urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
13.224.189.35  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.walla.co.il/
Submission: On August 30 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 132 IPs in 16 countries across 95 domains to perform 685 HTTP transactions. The main IP is 13.224.189.35, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 163570.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
39 13.224.189.35 16509 (AMAZON-02)
4 10 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 18.66.147.111 16509 (AMAZON-02)
1 205.185.216.42 20446 (STACKPATH...)
43 151.101.129.44 54113 (FASTLY)
2 2606:2800:234... 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:205... 16509 (AMAZON-02)
12 34.160.198.118 15169 (GOOGLE)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 88 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
1 51.77.64.70 16276 (OVH)
1 18.66.122.88 16509 (AMAZON-02)
17 54.85.118.140 14618 (AMAZON-AES)
1 104.244.42.8 13414 (TWITTER)
16 49 142.250.185.194 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a04:4e42::714 54113 (FASTLY)
2 12 2a00:1450:400... 15169 (GOOGLE)
3 99.81.111.55 16509 (AMAZON-02)
2 8 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:25a... 16509 (AMAZON-02)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
11 2a02:2638:3::3 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.97.88 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 8 51.75.86.98 16276 (OVH)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 6 216.52.2.30 32475 (SINGLEHOP...)
8 185.86.138.122 201081 (SMARTADSE...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 18.193.181.140 16509 (AMAZON-02)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
5 2602:803:c003... 26667 (RUBICONPR...)
5 34.149.20.76 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 35.227.252.103 15169 (GOOGLE)
1 185.255.84.150 200271 (IGUANE-)
5 2a02:6b8::90 208722 (GLOBAL_DC)
1 18 104.22.69.131 13335 (CLOUDFLAR...)
4 9 185.89.210.101 29990 (ASN-APPNEX)
1 4 172.64.148.101 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 34.120.218.58 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 162.19.138.83 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.171.14.223 16509 (AMAZON-02)
2 178.250.1.11 44788 (ASN-CRITE...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 1 18.66.97.98 16509 (AMAZON-02)
3 52.222.139.98 16509 (AMAZON-02)
42 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 39 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 35.244.159.8 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 23.35.236.201 16625 (AKAMAI-AS)
2 4 168.119.72.236 24940 (HETZNER-AS)
4 4 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
2 2 188.42.34.65 7979 (SERVERS-COM)
4 8.2.110.114 46636 (NATCOWEB)
5 2404:6800:400... 15169 (GOOGLE)
2 6 185.80.39.216 27381 (CASALE-MEDIA)
1 66.102.1.156 15169 (GOOGLE)
1 2 37.157.3.26 198622 (ADFORM)
4 104.75.89.75 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
7 9 2a05:d018:d29... 16509 (AMAZON-02)
7 8 37.157.5.132 198622 (ADFORM)
4 6 185.64.190.78 62713 (AS-PUBMATIC)
1 185.86.138.150 201081 (SMARTADSE...)
5 3.71.149.231 16509 (AMAZON-02)
2 3 2.16.202.106 20940 (AKAMAI-ASN1)
12 141.226.228.48 200478 (TABOOLA-AS)
1 178.250.1.6 44788 (ASN-CRITE...)
1 2600:9000:21f... 16509 (AMAZON-02)
2 35.157.139.48 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a02:2638:3::10 44788 (ASN-CRITE...)
3 2a02:2638:d::11 44788 (ASN-CRITE...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 6 54.155.202.110 16509 (AMAZON-02)
9 142.250.184.226 15169 (GOOGLE)
3 6 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 178.250.1.9 44788 (ASN-CRITE...)
2 2 185.29.132.245 30419 (MEDIAMATH...)
1 1 35.186.193.173 15169 (GOOGLE)
2 34.96.105.8 396982 (GOOGLE-CL...)
4 4 213.155.156.182 1299 (TWELVE99 ...)
4 5 13.248.245.213 16509 (AMAZON-02)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
6 15.197.193.217 16509 (AMAZON-02)
2 5 18.159.10.79 16509 (AMAZON-02)
6 2600:9000:223... 16509 (AMAZON-02)
17 2600:1f13:800... 16509 (AMAZON-02)
4 142.250.185.162 15169 (GOOGLE)
2 95.101.149.233 16625 (AKAMAI-AS)
1 67.202.105.24 32748 (STEADFAST)
2 104.18.38.76 13335 (CLOUDFLAR...)
1 23.35.236.188 16625 (AKAMAI-AS)
1 2a04:4e42:200... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
2 4 52.46.128.147 16509 (AMAZON-02)
1 98.98.134.243 21859 (ZEN-ECN)
8 198.47.127.205 3257 (GTT-BACKB...)
1 3 67.220.228.200 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
4 185.64.191.210 62713 (AS-PUBMATIC)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 34.238.5.208 14618 (AMAZON-AES)
2 198.47.127.20 3257 (GTT-BACKB...)
2 4 69.173.144.138 26667 (RUBICONPR...)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 54.167.22.22 14618 (AMAZON-AES)
1 2 151.101.66.49 54113 (FASTLY)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 35.214.144.172 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 15.235.15.221 16276 (OVH)
2 2 31.172.81.172 44066 (DE-FIRSTC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 188.166.17.21 14061 (DIGITALOC...)
685 132
39    13.224.189.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-35.fra2.r.cloudfront.net
www.walla.co.il
10    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    18.66.147.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-111.fra60.r.cloudfront.net
tags.dxmdp.com
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
43    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:2057:c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
12    34.160.198.118 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
2    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:2057:8e00:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
4    2a00:1450:4001:800::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
88    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
pagead2.googlesyndication.com
3    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    18.66.122.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-88.fra60.r.cloudfront.net
dal.walla.co.il
17    54.85.118.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-118-140.compute-1.amazonaws.com
ping.chartbeat.net
mabping.chartbeat.net
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
49    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
cm.g.doubleclick.net
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
12890047.adoric-om.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
12    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    99.81.111.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-111-55.eu-west-1.compute.amazonaws.com
event.dxmdp.com
8    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:25a2:7e00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
11    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
8    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
8    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    18.193.181.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-181-140.eu-central-1.compute.amazonaws.com
tlx.3lift.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
5    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
5    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
18    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
9    185.89.210.101 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
10    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
static.adoric.com
1    34.120.218.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.218.120.34.bc.googleusercontent.com
app.adoric-om.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
2    54.171.14.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2600:9000:20eb:8000:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    18.66.97.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-98.fra56.r.cloudfront.net
cdn-uw2-prod.tsv2.amagi.tv
3    52.222.139.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-98.ams50.r.cloudfront.net
amg01742-walla-wallanews-ono-btlna.amagi.tv
42    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
39    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
pixelgroup-d.openx.net
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
4    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
5    2404:6800:4004:80f::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net
bid.g.doubleclick.net
2    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
4    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
9    2a05:d018:d29:3601:f60d:7f4e:ab14:8158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
8    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
5    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    2.16.202.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-106.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
12    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2600:9000:21f3:5600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
2    35.157.139.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-139-48.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:6d::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r1---sn-4g5edns6.c.2mdn.net
6    54.155.202.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-202-110.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
9    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
googleads4.g.doubleclick.net
6    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
6    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
5    18.159.10.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-10-79.eu-central-1.compute.amazonaws.com
x.bidswitch.net
6    2600:9000:223f:8e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
17    2600:1f13:800:7780:78aa:1966:9c24:9c12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
4    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ade.googlesyndication.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
8    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
3    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    34.238.5.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-5-208.compute-1.amazonaws.com
a.audrte.com
2    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage4.pubmatic.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    54.167.22.22 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-22-22.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.214.144.172 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 172.144.214.35.bc.googleusercontent.com
csync.loopme.me
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
2    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
120 googlesyndication.com
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
ade.googlesyndication.com — Cisco Umbrella Rank: 323
555 KB
92 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
bid.g.doubleclick.net — Cisco Umbrella Rank: 798
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371
411 KB
57 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 919
pm-widget.taboola.com — Cisco Umbrella Rank: 3145
trc.taboola.com — Cisco Umbrella Rank: 614
vidstat.taboola.com — Cisco Umbrella Rank: 2542
am-trc-events.taboola.com — Cisco Umbrella Rank: 16233
images.taboola.com — Cisco Umbrella Rank: 1780
imprammp.taboola.com — Cisco Umbrella Rank: 15906
am-match.taboola.com — Cisco Umbrella Rank: 16049
am-vid-events.taboola.com — Cisco Umbrella Rank: 14973
sync.taboola.com — Cisco Umbrella Rank: 998
pips.taboola.com — Cisco Umbrella Rank: 1574
cds.taboola.com — Cisco Umbrella Rank: 1786
833 KB
44 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
gcdn.2mdn.net — Cisco Umbrella Rank: 1242
r1---sn-4g5edns6.c.2mdn.net
6 MB
40 walla.co.il
www.walla.co.il — Cisco Umbrella Rank: 163570
dal.walla.co.il — Cisco Umbrella Rank: 148370
1 MB
29 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 884
static.adsafeprotected.com — Cisco Umbrella Rank: 607
dt.adsafeprotected.com — Cisco Umbrella Rank: 579
303 KB
27 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10696
csm.eu.criteo.net — Cisco Umbrella Rank: 10389
211 KB
24 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 512
ads.pubmatic.com — Cisco Umbrella Rank: 513
image6.pubmatic.com — Cisco Umbrella Rank: 752
simage2.pubmatic.com — Cisco Umbrella Rank: 794
image2.pubmatic.com — Cisco Umbrella Rank: 895
simage4.pubmatic.com — Cisco Umbrella Rank: 1267
96 KB
18 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6591
csync.smilewanted.com — Cisco Umbrella Rank: 2812
static.smilewanted.com — Cisco Umbrella Rank: 11008
32 KB
17 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1354
mabping.chartbeat.net — Cisco Umbrella Rank: 5458
3 KB
16 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 426
bidder.criteo.com — Cisco Umbrella Rank: 767
mug.criteo.com — Cisco Umbrella Rank: 2631
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 17186
ads.eu.criteo.com — Cisco Umbrella Rank: 10282
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11316
dis.criteo.com — Cisco Umbrella Rank: 596
75 KB
15 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 510
eus.rubiconproject.com — Cisco Umbrella Rank: 593
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
token.rubiconproject.com — Cisco Umbrella Rank: 597
17 KB
14 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
6 KB
13 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3238
www.google.com — Cisco Umbrella Rank: 2
1 KB
12 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 104358
338 KB
10 adform.net
cm.adform.net — Cisco Umbrella Rank: 1198
c1.adform.net — Cisco Umbrella Rank: 591
dmp.adform.net — Cisco Umbrella Rank: 3237
6 KB
10 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 567
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
7 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 239
secure.adnxs.com — Cisco Umbrella Rank: 450
acdn.adnxs.com — Cisco Umbrella Rank: 578
24 KB
9 openx.net
rtb.openx.net — Cisco Umbrella Rank: 751
oajs.openx.net — Cisco Umbrella Rank: 1329
google-bidout-d.openx.net — Cisco Umbrella Rank: 1333
us-u.openx.net — Cisco Umbrella Rank: 478
pixelgroup-d.openx.net — Cisco Umbrella Rank: 109805
2 KB
9 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1594
ssbsync.smartadserver.com — Cisco Umbrella Rank: 777
4 KB
9 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 45499
event.dxmdp.com — Cisco Umbrella Rank: 45378
129 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 736
1 KB
7 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076
5 KB
7 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1074
ssc.33across.com — Cisco Umbrella Rank: 3667
ssc-cms.33across.com — Cisco Umbrella Rank: 1064
10 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
2 KB
6 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 805
s.tribalfusion.com — Cisco Umbrella Rank: 1949
3 KB
6 gstatic.com
fonts.gstatic.com
csi.gstatic.com
34 KB
6 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 583
eb2.3lift.com — Cisco Umbrella Rank: 388
3 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 659
2 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 342
1 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
283 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 405
110 KB
5 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 16772
741 B
5 google.de
www.google.de — Cisco Umbrella Rank: 6457
753 B
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2547
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
414 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2537
3 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4396
1 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1326
652 B
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 2955
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1819
820 B
4 amagi.tv
cdn-uw2-prod.tsv2.amagi.tv — Cisco Umbrella Rank: 49507
amg01742-walla-wallanews-ono-btlna.amagi.tv — Cisco Umbrella Rank: 193586
5 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
249 B
4 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1403
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7461
creativecdn.com — Cisco Umbrella Rank: 570
2 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 75990
122 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25640
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 29011
897 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 791
2 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 537
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 561
2 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 488
fonts.googleapis.com — Cisco Umbrella Rank: 41
356 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3350
dclk-match.dotomi.com — Cisco Umbrella Rank: 3037
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3398
357 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1471
mp.4dex.io — Cisco Umbrella Rank: 2303
26 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 809
bcp.crwdcntrl.net — Cisco Umbrella Rank: 776
sync.crwdcntrl.net — Cisco Umbrella Rank: 795
12 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
126 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1548
mab.chartbeat.com — Cisco Umbrella Rank: 2527
28 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1042
syndication.twitter.com — Cisco Umbrella Rank: 1308
132 KB
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3612
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1180
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 692
770 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1556
2 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1998
292 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1098
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 558
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1537
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1532
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 834
952 B
2 adoric.com
static.adoric.com — Cisco Umbrella Rank: 55978
32 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 320
3 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 755
id5-sync.com — Cisco Umbrella Rank: 400
27 KB
2 adoric-om.com
12890047.adoric-om.com — Cisco Umbrella Rank: 213228
app.adoric-om.com — Cisco Umbrella Rank: 37228
54 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 149
20 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 21658
19 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2518
555 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2967
419 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3146
439 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 890
226 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1476
554 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 716
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
651 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 756
588 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 706
187 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50826
609 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
5 KB
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1818
578 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1239
481 B
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 77072
62 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1754
436 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4109
782 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1404
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732
2 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5649
175 B
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
461 B
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2877
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 110859
273 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
685 95
Domain Requested by
67 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
47 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
42 s0.2mdn.net imasdk.googleapis.com
www.walla.co.il
s0.2mdn.net
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
39 tpc.googlesyndication.com 4 redirects www.walla.co.il
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
s0.2mdn.net
39 www.walla.co.il www.walla.co.il
28 images.taboola.com
21 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
www.walla.co.il
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
pagead2.googlesyndication.com
imasdk.googleapis.com
17 dt.adsafeprotected.com f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
16 mabping.chartbeat.net www.walla.co.il
13 imageproxy.eu.criteo.net ads.eu.criteo.com
12 www.google.com 2 redirects www.walla.co.il
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
tpc.googlesyndication.com
12 images.wcdn.co.il www.walla.co.il
11 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
11 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdn.valuad.cloud
static.criteo.net
10 f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
10 securepubads.g.doubleclick.net 4 redirects www.walla.co.il
securepubads.g.doubleclick.net
9 googleads4.g.doubleclick.net www.walla.co.il
9 pr-bh.ybp.yahoo.com 7 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
9 cdn.taboola.com www.walla.co.il
cdn.taboola.com
8 simage2.pubmatic.com ads.pubmatic.com
8 am-trc-events.taboola.com cdn.taboola.com
8 prg.smartadserver.com cdn.valuad.cloud
8 onetag-sys.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
8 gum.criteo.com 2 redirects cdn.taboola.com
static.criteo.net
cdn.valuad.cloud
7 c1.adform.net 6 redirects ads.pubmatic.com
7 ib.adnxs.com 2 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
csync.smilewanted.com
6 static.adsafeprotected.com f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
6 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
6 fw.adsafeprotected.com 3 redirects www.walla.co.il
6 image6.pubmatic.com 4 redirects ads.pubmatic.com
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 ap.lijit.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
6 tags.dxmdp.com www.walla.co.il
tags.dxmdp.com
5 x.bidswitch.net 2 redirects am-match.taboola.com
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
5 eb2.3lift.com 4 redirects cdn.valuad.cloud
5 ups.analytics.yahoo.com googleads.g.doubleclick.net
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
imprammp.taboola.com
ads.pubmatic.com
5 csi.gstatic.com imasdk.googleapis.com
5 www.googletagservices.com f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 prebid.smilewanted.com cdn.valuad.cloud
5 bs.yandex.ru cdn.valuad.cloud
5 ssc.33across.com cdn.valuad.cloud
5 fastlane.rubiconproject.com cdn.valuad.cloud
5 www.google.de www.walla.co.il
5 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 ade.googlesyndication.com
4 d5p.de17a.com 4 redirects
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 us.ck-ie.com csync.smilewanted.com
4 sync.richaudience.com 2 redirects csync.smilewanted.com
4 www.facebook.com www.walla.co.il
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
12890047.adoric-om.com
4 www.google-analytics.com www.walla.co.il
www.google-analytics.com
3 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 s.tribalfusion.com f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
3 a.tribalfusion.com 3 redirects
3 csm.eu.criteo.net ads.eu.criteo.com
3 ads.stickyadstv.com 2 redirects ssum-sec.casalemedia.com
3 sync.1rx.io 3 redirects
3 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
3 amg01742-walla-wallanews-ono-btlna.amagi.tv www.walla.co.il
3 event.dxmdp.com tags.dxmdp.com
12890047.adoric-om.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 sync.bumlam.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 sync.taboola.com am-match.taboola.com
imprammp.taboola.com
2 tr.blismedia.com f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
2 sync.mathtag.com 2 redirects
2 dis.criteo.com 2 redirects
2 match.sharethrough.com csync.smilewanted.com
2 secure.adnxs.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 cm.adform.net 1 redirects csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 ad.turn.com 2 redirects
2 static.smilewanted.com csync.smilewanted.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 trc.taboola.com cdn.taboola.com
2 mug.criteo.com www.walla.co.il
2 oajs.openx.net 1 redirects www.walla.co.il
2 imasdk.googleapis.com www.walla.co.il
imasdk.googleapis.com
2 static.adoric.com 12890047.adoric-om.com
2 script.4dex.io cdn.valuad.cloud
12890047.adoric-om.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn.valuad.cloud
2 www.googleadservices.com www.googletagmanager.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 web-sdk.smartlook.com www.walla.co.il
web-sdk.smartlook.com
2 static.chartbeat.com www.walla.co.il
2 platform.twitter.com www.walla.co.il
platform.twitter.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 csync.loopme.me 1 redirects
1 t.adx.opera.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 px.ads.linkedin.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 acdn.adnxs.com cdn.valuad.cloud
1 js-sec.indexww.com cdn.valuad.cloud
1 pixelgroup-d.openx.net cdn.valuad.cloud
1 ssc-cms.33across.com cdn.valuad.cloud
1 gcm.ctnsnet.com 1 redirects
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 r1---sn-4g5edns6.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 vidstat.taboola.com cdn.taboola.com
1 ssbsync.smartadserver.com f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
1 dclk-match.dotomi.com f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 ads.eu.criteo.com f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
1 rtb.nl3.eu.criteo.com www.walla.co.il
1 sync.targeting.unrulymedia.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 cdn-uw2-prod.tsv2.amagi.tv 1 redirects
1 cf.dxmcdn.com tags.dxmdp.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cadmus.script.ac script.4dex.io
1 id5-sync.com cdn.id5-sync.com
1 app.adoric-om.com 12890047.adoric-om.com
1 htlb.casalemedia.com cdn.valuad.cloud
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 rtb.openx.net cdn.valuad.cloud
1 web.hb.ad.cpe.dotomi.com cdn.valuad.cloud
1 prebid-eu.creativecdn.com cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 mab.chartbeat.com static.chartbeat.com
1 12890047.adoric-om.com www.walla.co.il
1 syndication.twitter.com platform.twitter.com
1 ping.chartbeat.net www.walla.co.il
1 dal.walla.co.il www.walla.co.il
1 pro.ip-api.com www.walla.co.il
1 region1.analytics.google.com www.googletagmanager.com
1 d2r08ja41ypc0t.cloudfront.net tags.dxmdp.com
1 cdn.permutive.com tags.dxmdp.com
1 cdn.valuad.cloud www.walla.co.il
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
685 175
Subject Issuer Validity Valid
*.walla.co.il
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
valuad.cloud
E1		 2023-08-26 -
2023-11-24		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
images.wcdn.co.il
R3		 2023-08-28 -
2023-11-26		 3 months crt.sh
1688964705.rsc.cdn77.org
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-08 -
2023-09-06		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
adoric-om.com
E1		 2023-08-30 -
2023-11-28		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-07-03 -
2023-10-01		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-04-08 -
2023-10-07		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
adoric.com
GTS CA 1P5		 2023-07-17 -
2023-10-15		 3 months crt.sh
*.adoric.com
R3		 2023-08-08 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
script.ac
E1		 2023-07-05 -
2023-10-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.amagi.tv
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-13		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh

This page contains 92 frames:

Primary Page: https://www.walla.co.il/
Frame ID: D1FED667D75C359EDE55E97E1B5EE7A4
Requests: 240 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: 573E83DCF7671C885A7D038C28CBF8DB
Requests: 2 HTTP requests in this frame

Frame: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Frame ID: 6CCE8E94C0507DAA39D45ABE7810EB85
Requests: 16 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E6225F02883045F52831B4568D11C2E9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.walla.co.il
Frame ID: 13BE9AF2883E07461EC6F43BD8031AEF
Requests: 2 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: 2172B4DF7D46CA512753B38DFF393F37
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Frame ID: 885FB4A2B736CAF2EBD1F61E5539EDA5
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0EF90AB695279777651D05A3CB253482
Requests: 1 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 736C435DE8EFB2F515B9602ADEA21ECA
Requests: 4 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D41460DC733908418F8A721FC2054956
Requests: 4 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 23A277967F52083E7012C6DCC650098B
Requests: 4 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2292CAB6F10442FC4FA284C76346E2D4
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 8F8125DE3257418BC098026BEF22BE2F
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E48A64668DCD14162EFCFBE69C0FD5C3
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 4EEDCE909BF61CB09C442AAB8C874B38
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A3EF65AB846729F7890625438484DDAD
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 6A414A47DE1E3EF1DF6352ABF2D8CA08
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 9D39235AE91FAC384A7987DCE7D7C87F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: F48DD15EF86436FE55C624FD9F9CE6ED
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Frame ID: 745DDAB30E2F2B82EA705212CA510FBF
Requests: 1 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3CBA999C68957FA8DD7D342CA45BAFF1
Requests: 20 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 975F4931FB3BD1888721340B44B0F6F6
Requests: 10 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8DCB2AF462378FC5431E39F2C065A1CD
Requests: 28 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B94BB4B4C63F81F7E1E0F3E33E01830D
Requests: 28 HTTP requests in this frame

Frame: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2883067CE443D7362E5AA41214D005A
Requests: 26 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003
Frame ID: 0B15B7C3A471D1B563B6ABAEC052E669
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjytZ_sATAB&v=APEucNXVnBocaJPfqQWJXrbUE_DyR-CVW2ODIeAzHuPS2-KdYPX88o7KyAmYGatbORlb3TeOnwXDrjAyspoIGG1TbT2iVBP7Ff_eE_ysP7ObMyPyX3u8Uo3J69P_E1u7ZBp68SHUwsbWTi1ZPBg5ld7srQns-vk2iRYYkPd1ruSqe73STFf4NA0
Frame ID: 6549F7EA1D642A8588EAF69FBE8BD16C
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 4BA358EBB61CBCDB74C9AC0F6AAC6661
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F7269E6FA4C56CA75C634B35BD3FE7BE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNU1aSGtQ2HSXktkvEW4ogD9i1EsciAYuZVyVBFT7kGDuGiNdaXRs9PnfbB7cqaNUS2NWq6sJ-FpHg4oOZ9RCfB-f-t2FGYsiRckw2LncpI1G-tJYn0PvGC1Bsy2_Cfts3s5y8BlRqV7_irVBt1qSrL1Uo8VS8LfRq3e5pSSVIWhlhjrmbc
Frame ID: 028DEA64CD145682BB7169729E196B8F
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/d6a17f44-7554-52f2-b666-c553d289d0c2
Frame ID: E0A6F74D97A30BFA1E850B666C4CEA67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtUwNGyYO-Je5D2IvyE_hG0O4s1txAMglNfAk7mcaZsOKjSQKitXF2CBeWKNYsnpYnI2COP_gii5jLNQJc2yD45VhosL_CP-uyfLPWorS9mCIfzVt7-DmjNk_SIcXw-CYrVcj0yiUSnnwmsF0AeeYfks19ZEddRLhr7bEgMsk-Km42SSM
Frame ID: E42E9F78CD8C3780AAC8AF290B159B99
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXWBb04QMJd7J_1CKwEteifHYdMqC5FP-TQkast2z2cnRBXIshSHJYiTGOqFLFoAjaGsrAVCilNiaLOv2qlaG-OsU0P8O1IZc-j7k_QE75_chaskPyntKEkKJ14vSW8ElQTuiauCs1RJNaABq6QAJIz5SqCX0v6fiJvhkKjTlcogVSLSjE
Frame ID: E05D661853CDF961E5A5ECE0F4B54153
Requests: 4 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 5385A33D480A51A9F400970B93F690A1
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: E782C6D1DD8F28072DA21CC502764C08
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/cf5ec43bcbebae19d3c7c18df99423?gdpr_consent=&gdpr=0
Frame ID: 07B0C76F7AE554E7A463A8FECB9B4F97
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: D91522C027DE9BA311AD7B7087830650
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 1DEE665E42B735E988D095EE3572B122
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8007D3091A376B588ECCD7F858C19C27
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDA6E45AFC6584E65D8F9460459526AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D1A9D56CE979692E469C53A21FCE74A9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1F6361FD985C3B2DFF7204CFB6CB067D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C24F5B6639AE53A246AF11D7E9EFC17
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 601967DD33884480C175575F64D2399A
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
Frame ID: 959C14C7C88F59924DC5E72876088371
Requests: 15 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&cmcv=&pix=undefined&cb=1693390226428&uv=3322&tms=1693390226428&abt=aniview_inc_vA!ll427_vA!nonrv_vA!pl1545_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=dff298d8-5bfb-473c-8cce-6756837a9c75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 20B7AEDB33ED877FF0CAF406732C3701
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2543DCD0F674C93BE937DFB269BAE49F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E55942F58B476EFB52796F6E9890B07F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DBEF7745364303A50FB7578EA808A297
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: 2C4685EA3A31C9633B2A04692D00D0A2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C8406002752E50EBAB7F596426C7D755
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: 9529557BFA68E17190664BFD3D36A378
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E4ED4DF29F59BA125CA9D63DFEC71FB1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: 53A9C344A98530CF0F6DA7454E8AD661
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2F41D58FB7B9A30557038B0D20E045F1
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9C7E5CC940A3758833E907FC705001AE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4154891DD3A930BBAFCAAFEC399D2950
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4905B04FC7C77A82F16E504B22046974
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: FBCBA3CB22D20A9A577EC55B06D7579F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Frame ID: 25868F944BA67E832EE2BCCD4860F32F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F51421940F3EE5F6B07D5B42B68E4062
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 278D02320AE7DB79DE0905A474923C1B
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13421168
Frame ID: F41B75309887A774007D6911E21BB31A
Requests: 1 HTTP requests in this frame

Frame: https://pixelgroup-d.openx.net/w/1.0/pd
Frame ID: 4EE5647E75095A6D5563835CC7C8C0E3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EF161BE12D950112F2D50E7A7A346187
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1693390224275
Frame ID: 33DFA9041E03493C5A784339B8E7E9EA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: E37914FFE6EC6FAF1DC1059C17577D63
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: FAEE64EC7E06EC924BE402CC5099B7D5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: E2464EABB690B47A636874320D3A1622
Requests: 23 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 53C9626285B23F6B38201D58EAC825F1
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 196B737CF8254521BA8453321AFCF1A2
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: D976351E31FD11DFCFF82160EF922E83
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=57F150BD-F328-494B-8AE0-E372AABB30EB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: B67ED65B1F73DA3EEF2C353AF8B5CD9D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v5SocLiV9CKkkq4jusXgLu_Eq3OkkfwnsJMSaYmL
Frame ID: 102D87DA67EFD5B3397ED70378B2DCE6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: D1DFB38CA3C47AD1C5591248254B627F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: B82C2467FABC560E2E53533551A230DA
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: EC28ADC11E29DEB82991A3628A1E8815
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 877ED832005408B2F0E613592515CAEB
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 062986206F2B915F43A1C4BEAAB61DC8
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/4761697221186090810
Frame ID: 00FD08CFD91E3163E0A6DADA924EF937
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c86ddc974113c5fc36138c3d09ee4bf?gdpr_consent=&gdpr=0
Frame ID: 74DE902DB1B8756AC757644F87D8EC2B
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 1FE1CBBD76DA93264DF48C21953E7092
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: BDD043A24FDE1EE31C53FE3D55056987
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Px2mur4X0hdxGzX0GRJE?pi=smilewanted&tc=1
Frame ID: B847A735F22A0DB82D617EFF7C30D310
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d2d0ac41b2f73069127b27a56e0c307a
Frame ID: 7450CAEAB9F6C76A6F88F9FF339F3047
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=57F150BD-F328-494B-8AE0-E372AABB30EB&gdpr=0&gdpr_consent=
Frame ID: 1C3F4814460B5AC33FA2ED7F6B959E3C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2472533790212609381&gdpr=0&gdpr_consent=
Frame ID: EBBEA3F22B815505A251BB63B13A15CD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273055635756611742&gdpr=0&gdpr_consent=
Frame ID: FFABAF55E1D8EE3E70215C45775351D8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cR6Tg2yQXFdTnP_fSGNuwNly2hk&gdpr=0&gdpr_consent=
Frame ID: 14FBD1420714D40D585091DD21B966E2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO8VlwAMesb49ABY
Frame ID: 18899389D50ADA0A2EDD29D6AE34B101
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d3a1cf1b4d47b988485429b9e1556b
Frame ID: 680153F7C56F77FADC9594168D63A03E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: FE60A1A450FC1DC3F718F4AA1560D031
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! חדשות. ספורט. סלבס. אוכל - עדכונים ודיווחים שוטפים

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

685
Requests

88 %
HTTPS

40 %
IPv6

95
Domains

175
Subdomains

132
IPs

16
Countries

12422 kB
Transfer

25953 kB
Size

107
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 174
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=377413495&cv=11&fst=1693390223667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=2078294940.1693390223&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=jxXvZKOUL4WP7_UP2fuo-A8&sscte=1&crd=CKK4sQI&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW5BEVGjVn_gtr9CApfk05beG9QhfQCpDMw&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhCNGZkRFZreWlVRHFrUjZJb25LZVE2bHROR3g5NkwtSmh5X1B2STlpWTdWZUEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEdia0FkZW52WmtfS29uUGgwamtNU29WUlcwOUJMcUNWLXhXVU1tQmY2aFFPNmdWZkdPQjZHVnIiEwjjl4SWkoSBAxWFx7sIHdk9Cv8 HTTP 302
  • https://www.google.com/pagead/1p-conversion/777956447/?random=377413495&cv=11&fst=1693390223667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=2078294940.1693390223&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhCNGZkRFZreWlVRHFrUjZJb25LZVE2bHROR3g5NkwtSmh5X1B2STlpWTdWZUEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEdia0FkZW52WmtfS29uUGgwamtNU29WUlcwOUJMcUNWLXhXVU1tQmY2aFFPNmdWZkdPQjZHVnIiEwjjl4SWkoSBAxWFx7sIHdk9Cv8&is_vtc=1&ocp_id=jxXvZKOUL4WP7_UP2fuo-A8&cid=CAQSKQBpAlJWBQJapLfmyffytFrZJLlpTFJdlP3QPfdhkGL6au-FGLBTEtGV&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW6qqQ_53BWz7e_riUihypGa9hrUpaDX3yw&random=3524213555 HTTP 302
  • https://www.google.de/pagead/1p-conversion/777956447/?random=377413495&cv=11&fst=1693390223667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=2078294940.1693390223&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhCNGZkRFZreWlVRHFrUjZJb25LZVE2bHROR3g5NkwtSmh5X1B2STlpWTdWZUEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEdia0FkZW52WmtfS29uUGgwamtNU29WUlcwOUJMcUNWLXhXVU1tQmY2aFFPNmdWZkdPQjZHVnIiEwjjl4SWkoSBAxWFx7sIHdk9Cv8&is_vtc=1&ocp_id=jxXvZKOUL4WP7_UP2fuo-A8&cid=CAQSKQBpAlJWBQJapLfmyffytFrZJLlpTFJdlP3QPfdhkGL6au-FGLBTEtGV&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW6qqQ_53BWz7e_riUihypGa9hrUpaDX3yw&random=3524213555&ipr=y
Request Chain 179
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
Request Chain 190
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=NKxXU3xMcXk1R1ZjVnpiWXprLzFrQ0lSVSsrdk4vc29WcnJkL1creWxOVm5nQmpiTGhLZ2hUcThhcXB6WFQ0czUzdlI3YUlwb3hkNzdxRHdJUzgwWjh1STg3cHdXbXBGbDAyUys1ejI4V1lhSS9uMk5zNWtpTXVzY1FOTnpCMUJ2SmtVNnkrU1p6YSthTkJPVy9tS0Y2cVFsK29jY0lPcFk0N2JaYWxrdmtMdjJXWVczSTZCY01hVEhjV2IySkUvUmlEN3NXVTJoR0pKY2hIKzVHa1dxa2dpbUFHSFVJVUJtbDEwN2l2cTYrT0F1WjQxcnl4eTFZWjg3emtVc2k0LzlNSlFaS2NjRHRaUTd0VmhBcTNpcGV0TUZsdz09fA&cppv=2
Request Chain 195
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8 HTTP 302
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Request Chain 221
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjss04h-u3A3gM5dKgrKYsE-L8oxG8J6S_cqXej3NoNfS51OvoT4XLhlTC90jEKiWNnjzVlE-lMyk3li7psapdwuDzJ7O8grXJRGiU1hgjBKaX_ynZyz0kT-F6EDn0WBPv6F6gL-h2f3GzrxPmW3sA9LfT9iIvsMs8NA5BmgQwHkw5lRwqL5JU9AZ2Da9QSQDmUHMuT5cbGHA5O6JXzVL4XOkvFZLzHmCBABMnxyr3I4WEDCIIPHoMsJ64u-vAkYy6ibL_H-HiU6JjDOB3PwwaTvfLjzKWurr1t93vOvwjDKJpBC6RT4NIYCUfb2nbNDnl8CtO4b1uu5H9Fy-MsugB0GEfQ%26sai%3DAMfl-YTnF_y-lOU_J2VlRv0uJJ8Xq4gz5IQEHMJpQ2s52WTiq7ftKhISJ-dHkc-V1xemYYUPPy2U8GC9XS6dzZHKTxyvZx4ic9AD6ViKBgkWpxMN24XIhjiA-zFfF0pmbw%26sig%3DCg0ArKJSzI9j-J6r91_0EAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 223
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsudcVNHiO9iShNZlMzKi1FOEzx3cQQQ1FbFyE1JG04-Y5Q2BgCiUwvy3ZWEczj-QxAxonUs1z9yiIgtLSQZSMmScESWZ3lXgNqH8Zn4O61EqMEyXiVKHq1ZPMUUPDiOSqrWAFXFwSNOUfl641Uwzh4T-pA-sAjMl50sXowHAu8cZIeSQxuM1CWHADjfW00_tqyyaU3iqx6jUTLD1KBsOqo38UZtuwruOv_H8tQby-4WoRaNcypSMoDSzjPiQ-KVyNyh7JXWJCfb4PtctTOPsx4ETd8uXjbQNAfXwdAfOkF1EZJHUXHDMNmXcCUEDJnC7ZkLrbBNNrW1aCz1XPYumrXK4Q%26sai%3DAMfl-YRhw4RDJmD7YK9_AMbmIsCbfOCw4FLuClMK_l72Q0Gm1kclSmynaCDKyvC6cWcYAFjRhlKNIknyn28oQ3Qq2dGLW_eqxHF-972HKi5CXLSPODxuPPIFw1VIVJBfjg%26sig%3DCg0ArKJSzJCnpjEp5iSvEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 226
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsu6158f89i4XMY_We8xAHEAX7cIdvNnz5ejOFMAIyIDB6KoxjNG4Yz-xkglEZLv1iBkay2WsGJw2B8Pg7yBPC8HfQt_-2fVLeMsw3hE4ENFuuQ38FZWtGj3s12Pbi_x5ChU_gmyFCVY3nYEF8B68RGsILzvVxOBVL4razdQt4jfjpWFsRQ-A3iu-Ed1SKE6XTTocjP2QdM5VP9jlPOLpC6eo7c9ZmOM9sUrEK0G5BGynmPG1tWaJK1joqIktzEqY0VyYIgPwM_8YpbQGfaKjYOxuz8dFYnS8VABXK3HY1JsoKQTQ94lLBvYRnFyMIA0np_l3pe-EJNNTEJymgp3sS3v0w%26sai%3DAMfl-YSFvx3gFrJt2t3v2HM1KafmeLO_aamN7ybpoQ96-r2MpXMBP8QiGWDwFi2Nfu1x2g_rmEhkVynKrhjQqRb3zAUpAT4iW-_WHKpA4yT38JexbFc2vfMh1eGR-4zCPg%26sig%3DCg0ArKJSzPxF-pmLfBfAEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 228
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvSFeayuPGaRW00EeVENGs4kVTBvSlnk_Hvk0gH-NAaj9_wYvIiPzzOsl858dVcw9AhYVVaDNy5vgPUIWBM0TtYexlHvcGMD0OK9R3p-pcGf2wmFp6wYJhda2Ji4eDZBbGdFaWDOKamXBRrYigtyB7E5hljJXgxWWxYO7N1qLiCJMqjPbER3GBER17lljalTSDkzocDIYFx3KNEs36OoSWu1v-M6jWlkvM8C7NjLg17JWZr5TeVtgf9J1erl8Liz6RwUqZIYmCiDC_e1tZIC2_ppDo0Ap9fspaHRSsQGcyH1pkKw-n85Dtg0roJmSCui0CHbYjNYXvsKmBND87BvKR-yio%26sai%3DAMfl-YTG6Ak5ZgXkDYaFE_Iz_5pxQeZdwWvwXmR54AUXA5AcGOiMpZKIfFR6O_d9KwPcgLcdABHho13kQ7pVXXJw63jEcLkD1lMZ78PXUHaXxareZSwiZJMiXlEq4LNLpA%26sig%3DCg0ArKJSzMKLNMj84uoLEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3Dhttps://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg HTTP 301
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
Request Chain 232
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 246
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Request Chain 252
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1693390225506 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1049773178 HTTP 302
  • https://sync.1rx.io/usersync/turn/2535591895242875208?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003
Request Chain 279
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-5245383880774798665 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/d6a17f44-7554-52f2-b666-c553d289d0c2
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNgSdLoMJSL9pEYpFhIS2g&google_cver=1
Request Chain 300
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO8Vkbtxviw0lCdvPLjgqwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNgSdLoMJSL9pEYpFhIS2g&google_cver=1
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELH0QnvIQpkBeBuo5ZGvqhY&google_cver=1
Request Chain 302
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3MjUzMzc5MDIxMjYwOTM4MQ%3D%3D
Request Chain 305
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOLi3YCPFeArRDjM19heGE&google_cver=1
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIPz9bvk5H7NUlj7VU9EFc0&google_cver=1
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOLi3YCPFeArRDjM19heGE&google_cver=1
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIPz9bvk5H7NUlj7VU9EFc0&google_cver=1
Request Chain 314
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOOS5DrK4SHCUm-eTgL_avc&google_cver=1&google_push=AXcoOmQI3A8ypWVYsUn1b3d9VFAPftYphY8nRe0PMX-dN7f6AMB4WB2szU-AGEHOPYrG1bHTXIXq9hRL-nomNr6YVfgj0OfXjnZBROzmqfFCPdrAZNCXXoJs5ksih0pq3isoOvfb_HA47vb2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzA1NTYzNTc1NjYxMTc0Mg%3D%3D&google_push=AXcoOmQI3A8ypWVYsUn1b3d9VFAPftYphY8nRe0PMX-dN7f6AMB4WB2szU-AGEHOPYrG1bHTXIXq9hRL-nomNr6YVfgj0OfXjnZBROzmqfFCPdrAZNCXXoJs5ksih0pq3isoOvfb_HA47vb2
Request Chain 315
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRarsN5ERDz35wOGmAM9js&google_cver=1&google_push=AXcoOmS1MEArAk3Fr7wkbdf-Yun4bgJoDczOqCw57AczuHO2splXxCrR4uneUeD-CQOxxfw3EO4-bPuJNiTYju8Z_GF_qtCMwzGNV3_EC5oZXbvhGSt6FN5SEppjSYeCWqOuf2l1XSGttki7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1MEArAk3Fr7wkbdf-Yun4bgJoDczOqCw57AczuHO2splXxCrR4uneUeD-CQOxxfw3EO4-bPuJNiTYju8Z_GF_qtCMwzGNV3_EC5oZXbvhGSt6FN5SEppjSYeCWqOuf2l1XSGttki7&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
Request Chain 316
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ-dIGlCqa4Oq1xfbI4RMGM&google_cver=1&google_push=AXcoOmQ6h5Y42QmrcuhpK1dIXCL7fq1WjO1RxF89pjOWhmks1rGtCEwKiAZCYzyOyktAKfWNoMh6LeYYwdel9QILrUbXSHYjmwIw8bl3IaPBjX2KFTgMxgOuk0mgQxF-lMEb4-9h1hmUaP4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ-dIGlCqa4Oq1xfbI4RMGM&google_cver=1&google_push=AXcoOmQ6h5Y42QmrcuhpK1dIXCL7fq1WjO1RxF89pjOWhmks1rGtCEwKiAZCYzyOyktAKfWNoMh6LeYYwdel9QILrUbXSHYjmwIw8bl3IaPBjX2KFTgMxgOuk0mgQxF-lMEb4-9h1hmUaP4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmQ6h5Y42QmrcuhpK1dIXCL7fq1WjO1RxF89pjOWhmks1rGtCEwKiAZCYzyOyktAKfWNoMh6LeYYwdel9QILrUbXSHYjmwIw8bl3IaPBjX2KFTgMxgOuk0mgQxF-lMEb4-9h1hmUaP4
Request Chain 317
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJtn04iCa8jGAd0RMwmpebc&google_cver=1&google_push=AXcoOmTQOwYjaC0H2LuvaVmu2vFUSBrDHBiGz1ghbD1Qsh7fTwhMIRwEyC5fIMTms05SBtJH3ruqlzyhBIZg6ykWZiVv_Vpfc9eeTMSWm9rWJljw2chjfWU4EyzFfJ6KZEA5CliQCCV1Kedy HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJtn04iCa8jGAd0RMwmpebc&google_cver=1&google_push=AXcoOmTQOwYjaC0H2LuvaVmu2vFUSBrDHBiGz1ghbD1Qsh7fTwhMIRwEyC5fIMTms05SBtJH3ruqlzyhBIZg6ykWZiVv_Vpfc9eeTMSWm9rWJljw2chjfWU4EyzFfJ6KZEA5CliQCCV1Kedy&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTQOwYjaC0H2LuvaVmu2vFUSBrDHBiGz1ghbD1Qsh7fTwhMIRwEyC5fIMTms05SBtJH3ruqlzyhBIZg6ykWZiVv_Vpfc9eeTMSWm9rWJljw2chjfWU4EyzFfJ6KZEA5CliQCCV1Kedy
Request Chain 319
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOe8caNXiZ3Lu6JMXy5YulM&google_cver=1&google_push=AXcoOmTOoeDAI7l3Ul7KX8M2VQdDa8plZGVROxESFGOAf9KnK5MwNNhKcRvzLb-__XEmaw2Ktw_jracaOptT8F69FMn-v7xKbvJoJD84emkl6t9aLYMLosKcAjDTP6v9egjByetVpM_6BVAq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQ3MjUzMzc5MDIxMjYwOTM4MQ%3D%3D&google_gid=CAESEOe8caNXiZ3Lu6JMXy5YulM&google_cver=1&google_push=AXcoOmTOoeDAI7l3Ul7KX8M2VQdDa8plZGVROxESFGOAf9KnK5MwNNhKcRvzLb-__XEmaw2Ktw_jracaOptT8F69FMn-v7xKbvJoJD84emkl6t9aLYMLosKcAjDTP6v9egjByetVpM_6BVAq
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM1XTz_pJhKywQZalc07kP8&google_cver=1
Request Chain 325
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/cf5ec43bcbebae19d3c7c18df99423?gdpr_consent=&gdpr=0
Request Chain 405
  • https://gcdn.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/1C4D85F2812D329A3955D689F7722C7925E13613.A0E8F22529195DB29E231B894E2F44DDF1648CF9/key/ck2/file/file.mp4?cpn=T0kM_2_P_MmgmD7_ HTTP 302
  • https://r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/037F56E177673DCCBE58E46058AB29C854E427C6.374CC9E4F5A1B9BAAA3D0A425DCA9B2FAA4339D6/key/cms1/cms_redirect/yes/mh/qa/mip/2001:1b60:2:240:3247::5/mm/42/mn/sn-4g5edns6/ms/onc/mt/1693388982/mv/u/mvi/1/pl/29?cpn=T0kM_2_P_MmgmD7_&file=file.mp4
Request Chain 454
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 455
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRarsN5ERDz35wOGmAM9js&google_cver=1&google_push=AXcoOmRFThPllu_tviJ0MW2isf1xHW5X2Z5ZqtmgFkoZlJICL84FlUtvhwf5C-Ah8fmEBXiD11r5D_Wf4OJb2k8KDEHUSVIQA6BC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRFThPllu_tviJ0MW2isf1xHW5X2Z5ZqtmgFkoZlJICL84FlUtvhwf5C-Ah8fmEBXiD11r5D_Wf4OJb2k8KDEHUSVIQA6BC&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
Request Chain 456
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ-dIGlCqa4Oq1xfbI4RMGM&google_cver=1&google_push=AXcoOmSpsRaMdGv4AFRy1r2PHbhVPIPnn31wGzL2lTqCeRBgBHqmqdNA0fBLPHeQpvRvyvndXv5RdIu5Yk5hK7sR-UoGQkLRUPI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmSpsRaMdGv4AFRy1r2PHbhVPIPnn31wGzL2lTqCeRBgBHqmqdNA0fBLPHeQpvRvyvndXv5RdIu5Yk5hK7sR-UoGQkLRUPI
Request Chain 457
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQx-lEwCJM06Jf1jLLBc6FIoXxU2v6rEmkGth-_ufKLKjq5ajwVs5wzagtKDkuLDQQhBdn9IDJC5gwGxBQoLrkEr75p6mn4&google_gid=CAESEG0mQowrde205l1ATy78DPQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-G12sODBoWvmHcOo-GSdbtL9ViurD-oizh_GdBw&google_push=AXcoOmQx-lEwCJM06Jf1jLLBc6FIoXxU2v6rEmkGth-_ufKLKjq5ajwVs5wzagtKDkuLDQQhBdn9IDJC5gwGxBQoLrkEr75p6mn4
Request Chain 458
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ-dIGlCqa4Oq1xfbI4RMGM&google_cver=1&google_push=AXcoOmRoDzVDCOmzB8cHWU6KDQPBLMNEwV1pdR2oSyZBYYZxskAPA49Zk1eZIPgzGqCKQErcmzmRPpgg3fAnCl3GdevJfj4LIuh0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmRoDzVDCOmzB8cHWU6KDQPBLMNEwV1pdR2oSyZBYYZxskAPA49Zk1eZIPgzGqCKQErcmzmRPpgg3fAnCl3GdevJfj4LIuh0
Request Chain 460
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECIB_p-NXg3O86c5z5NGxtw&google_cver=1&google_push=AXcoOmTILnB9YqgVJ0xy66VREjDjhk0bqSEaTxaGVASPApenryMYm3ESOIrfzjaaqp2LKqu1pUvZjqqgBa0fGu6EW6Hh-IYxZGGyhg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTILnB9YqgVJ0xy66VREjDjhk0bqSEaTxaGVASPApenryMYm3ESOIrfzjaaqp2LKqu1pUvZjqqgBa0fGu6EW6Hh-IYxZGGyhg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 469
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELYf-h60aapGQB8Q080pBiw&google_cver=1&google_push=AXcoOmSoxknDNKjaBChiDnEiEftqt9IwKshQQcRHzTML4Ec7AMF7ZUmVsk7pnj4W46n7xK5SAQBACeS_awyvGAe2dsC-qG7U3obB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSoxknDNKjaBChiDnEiEftqt9IwKshQQcRHzTML4Ec7AMF7ZUmVsk7pnj4W46n7xK5SAQBACeS_awyvGAe2dsC-qG7U3obB
Request Chain 470
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBE7C7Y3JuK4BlK5WDDpkFw&google_cver=1&google_push=AXcoOmQ0G0zps_PMPlR82AyGbHRxpR24Tu3ot819WIwIU0_GFIlJwF-FkHUmtFK8yyv2ycvHtGu5E4I6OKaHysfkqNq4a5K9z_lg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ0G0zps_PMPlR82AyGbHRxpR24Tu3ot819WIwIU0_GFIlJwF-FkHUmtFK8yyv2ycvHtGu5E4I6OKaHysfkqNq4a5K9z_lg&google_hm=UOTeS6VrTSiGHqiTzkNTaRk
Request Chain 472
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMkkgkxD16sHOnHUnnhoO7A&google_cver=1&google_push=AXcoOmSS26lul3hMitMhjjjLkPmWL_dY2T6mqYoUyVyuXcLrbQAinT-hYb5GYYumbA_aXfwDWrmFPE5CRm9gHuzrqLlXztP4TzyU HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMkkgkxD16sHOnHUnnhoO7A&google_cver=1&google_push=AXcoOmSS26lul3hMitMhjjjLkPmWL_dY2T6mqYoUyVyuXcLrbQAinT-hYb5GYYumbA_aXfwDWrmFPE5CRm9gHuzrqLlXztP4TzyU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSS26lul3hMitMhjjjLkPmWL_dY2T6mqYoUyVyuXcLrbQAinT-hYb5GYYumbA_aXfwDWrmFPE5CRm9gHuzrqLlXztP4TzyU
Request Chain 473
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_cver=1&google_push=AXcoOmREYIzsr_ST9kqI3iuOJsHty0vmeN2dPjXRpK3p5dOgiYrQ6NlO1awszYAm89oX75nLtnzmNpeZX378RepZ52VsMCe7USE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_hm=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&google_nid=index&google_push=AXcoOmREYIzsr_ST9kqI3iuOJsHty0vmeN2dPjXRpK3p5dOgiYrQ6NlO1awszYAm89oX75nLtnzmNpeZX378RepZ52VsMCe7USE
Request Chain 474
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEATUhQpRGA9c3UWK2EyUOyM&google_cver=1&google_push=AXcoOmQ_UNuuDuU41fJhz_Uq4JW2bH1AtG-HxN2zLBP67smi-qfwrTHS7MD5DYONIFChpynA8-NxQnuwQlgdmrCV6rQxnc3_COWd HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQ_UNuuDuU41fJhz_Uq4JW2bH1AtG-HxN2zLBP67smi-qfwrTHS7MD5DYONIFChpynA8-NxQnuwQlgdmrCV6rQxnc3_COWd&google_gid=CAESEATUhQpRGA9c3UWK2EyUOyM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0NzIxMzcxOTA4MjE1MTAwMTY0NQ%3D%3D&google_push=AXcoOmQ_UNuuDuU41fJhz_Uq4JW2bH1AtG-HxN2zLBP67smi-qfwrTHS7MD5DYONIFChpynA8-NxQnuwQlgdmrCV6rQxnc3_COWd
Request Chain 477
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELYf-h60aapGQB8Q080pBiw&google_cver=1&google_push=AXcoOmRR7kikJW9AJrd9JoR2jbN6ZydjB2Vyq6C7jc5aSOW9m9R0_SoS1I1q2q8N4E2Q1b_0paViwQKH8l0vkuSASVUkCy9nNCs22CAJaXbvonuThx2mpPL57NfZ3T9avWI33qnwec-Re2Im2w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRR7kikJW9AJrd9JoR2jbN6ZydjB2Vyq6C7jc5aSOW9m9R0_SoS1I1q2q8N4E2Q1b_0paViwQKH8l0vkuSASVUkCy9nNCs22CAJaXbvonuThx2mpPL57NfZ3T9avWI33qnwec-Re2Im2w
Request Chain 478
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWibTLZJ8_GLvvL4LaWh1Ty-Bw-htju__MHMZiaq04QuhmHq1Jw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWibTLZJ8_GLvvL4LaWh1Ty-Bw-htju__MHMZiaq04QuhmHq1Jw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWibTLZJ8_GLvvL4LaWh1Ty-Bw-htju__MHMZiaq04QuhmHq1Jw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWibTLZJ8_GLvvL4LaWh1Ty-Bw-htju__MHMZiaq04QuhmHq1Jw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 479
  • https://um.simpli.fi/gp_match?google_gid=CAESEPXef7QrAZM7TOzJKORUDBw&google_cver=1&google_push=AXcoOmRurBUenR0OLULlbQkyzAQndG1QC4qQTK0A-sd0rxQlyEGxyHbNkK1RvWyrkCPCltVnVdax8o7hN9qc28TMup5IAJPRcTab8X3pJv-YSS7-Q7Ei7cBahL51axTzeW-60uFMvSSdLdclnw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E42FD47FAEA42B6A9787FC7C62CEB7E&google_push=AXcoOmRurBUenR0OLULlbQkyzAQndG1QC4qQTK0A-sd0rxQlyEGxyHbNkK1RvWyrkCPCltVnVdax8o7hN9qc28TMup5IAJPRcTab8X3pJv-YSS7-Q7Ei7cBahL51axTzeW-60uFMvSSdLdclnw
Request Chain 480
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRarsN5ERDz35wOGmAM9js&google_cver=1&google_push=AXcoOmQF6j0X6khdSgitewjILa7BHsU7SIaNOT1kxNM3IIg-mERPlfECTOaCmW7K0gDxTRdwlM2AERPWew9JUMyB38oJCtLtTd_oYPIBS-phUsTU3uuCdfmFkupVAU1Tk5lqdAufUSc94w1TrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQF6j0X6khdSgitewjILa7BHsU7SIaNOT1kxNM3IIg-mERPlfECTOaCmW7K0gDxTRdwlM2AERPWew9JUMyB38oJCtLtTd_oYPIBS-phUsTU3uuCdfmFkupVAU1Tk5lqdAufUSc94w1TrQ&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
Request Chain 481
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJVKNoOmxzk-dheJox1fEhw&google_cver=1&google_push=AXcoOmR1-7T3kpc_sibcCs9-HtgqAQK2mpCgA-DK1d40j1TmsQc7LraFQu3JW_8Avquo44L6giG4VkqEYgK-Z2MZRLj_VKOvTzUffVLAeu-HCe2qI3AplabN8Nm5seZod7QRgdtBRt1qzn9jIg HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJVKNoOmxzk-dheJox1fEhw&google_cver=1&google_push=AXcoOmR1-7T3kpc_sibcCs9-HtgqAQK2mpCgA-DK1d40j1TmsQc7LraFQu3JW_8Avquo44L6giG4VkqEYgK-Z2MZRLj_VKOvTzUffVLAeu-HCe2qI3AplabN8Nm5seZod7QRgdtBRt1qzn9jIg&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR1-7T3kpc_sibcCs9-HtgqAQK2mpCgA-DK1d40j1TmsQc7LraFQu3JW_8Avquo44L6giG4VkqEYgK-Z2MZRLj_VKOvTzUffVLAeu-HCe2qI3AplabN8Nm5seZod7QRgdtBRt1qzn9jIg&google_hm=HPKCuGZHMhmCnPE6RLKEFCya
Request Chain 482
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEATUhQpRGA9c3UWK2EyUOyM&google_cver=1&google_push=AXcoOmSkNFCm7cCvxLZL6VlKxNF1OqTAnRs5OephKO7tBZsVY2GRZxQN1AW7xeXogTZXAiOe472FIdLxchJQMQi0I9oCdheEnOJZmXCLwNI3AGB8-AUB6qqmfRgwDpHBieEAHsvg1wS01Umqbg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSkNFCm7cCvxLZL6VlKxNF1OqTAnRs5OephKO7tBZsVY2GRZxQN1AW7xeXogTZXAiOe472FIdLxchJQMQi0I9oCdheEnOJZmXCLwNI3AGB8-AUB6qqmfRgwDpHBieEAHsvg1wS01Umqbg&google_gid=CAESEATUhQpRGA9c3UWK2EyUOyM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0NzIxMzcxOTA4MjE1MTAwMTY0NQ%3D%3D&google_push=AXcoOmSkNFCm7cCvxLZL6VlKxNF1OqTAnRs5OephKO7tBZsVY2GRZxQN1AW7xeXogTZXAiOe472FIdLxchJQMQi0I9oCdheEnOJZmXCLwNI3AGB8-AUB6qqmfRgwDpHBieEAHsvg1wS01Umqbg
Request Chain 483
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECIB_p-NXg3O86c5z5NGxtw&google_cver=1&google_push=AXcoOmRBDP52-O0UE3Bk5Bk1pPOYVNS_v1V-Wgv7ckxx_HZxkuPbTd_JjOkyZd7F05N5aeSh2NB9Qqa2vKTmUGstMWEfJrKVP8NfY6y-uy9o27x88sPj_c3YQtufeFtHQf03zMddS1oE0lCrQFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRBDP52-O0UE3Bk5Bk1pPOYVNS_v1V-Wgv7ckxx_HZxkuPbTd_JjOkyZd7F05N5aeSh2NB9Qqa2vKTmUGstMWEfJrKVP8NfY6y-uy9o27x88sPj_c3YQtufeFtHQf03zMddS1oE0lCrQFQ HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 486
  • https://pr-bh.ybp.yahoo.com/sync/taboola/c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bEo6RtRE2oSI3mbPbC4px7nhPGZgN_jatv_ijw--~A
Request Chain 489
  • https://pr-bh.ybp.yahoo.com/sync/taboola/c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bEo6RtRE2oSI3mbPbC4px7nhPGZgN_jatv_ijw--~A
Request Chain 491
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5uDA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5uDA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5uDA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5uDA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 492
  • https://um.simpli.fi/gp_match?google_gid=CAESEPXef7QrAZM7TOzJKORUDBw&google_cver=1&google_push=AXcoOmQU_KVMkZBugtrR-UOEbFObTzV08PBVp3lEPQMr4XFZGElWL1iy5U9RiXWLrNyAvJ5hyPSjd4wzEMEus8j94QyXDH3RwLme HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDD0AA3F36E640C2BD133C1B50E57E0E&google_push=AXcoOmQU_KVMkZBugtrR-UOEbFObTzV08PBVp3lEPQMr4XFZGElWL1iy5U9RiXWLrNyAvJ5hyPSjd4wzEMEus8j94QyXDH3RwLme
Request Chain 494
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRarsN5ERDz35wOGmAM9js&google_cver=1&google_push=AXcoOmRapZlZLGBYipM7vL30TKPW1rBq3m5DcQvb4Rsb0_lctKkZMig9HJybqPlaLsznP9Ryjzmp3JIdBwmVfqnjtv9t_L52LvELrA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRapZlZLGBYipM7vL30TKPW1rBq3m5DcQvb4Rsb0_lctKkZMig9HJybqPlaLsznP9Ryjzmp3JIdBwmVfqnjtv9t_L52LvELrA&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
Request Chain 495
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMkkgkxD16sHOnHUnnhoO7A&google_cver=1&google_push=AXcoOmT_Aib1ybstho3R5AEsZUzre4S1sEkSqsa4qCbbR3co6ogrw6aT9B6VJeo4BSrwDP9w_g-1-nm2pMzfd4BG_pp1aDmS6l_OwQ HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMkkgkxD16sHOnHUnnhoO7A&google_cver=1&google_push=AXcoOmT_Aib1ybstho3R5AEsZUzre4S1sEkSqsa4qCbbR3co6ogrw6aT9B6VJeo4BSrwDP9w_g-1-nm2pMzfd4BG_pp1aDmS6l_OwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT_Aib1ybstho3R5AEsZUzre4S1sEkSqsa4qCbbR3co6ogrw6aT9B6VJeo4BSrwDP9w_g-1-nm2pMzfd4BG_pp1aDmS6l_OwQ
Request Chain 496
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJtn04iCa8jGAd0RMwmpebc&google_cver=1&google_push=AXcoOmTLcZEvQVG-ziWZX47GIvApTbhpkxZXwGIqcJEWqIIlTSfZyVPp_1Xs21YOfO-UAe6X4I0ywJjTU8JCB3Gb136TFBGTzTLxRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTLcZEvQVG-ziWZX47GIvApTbhpkxZXwGIqcJEWqIIlTSfZyVPp_1Xs21YOfO-UAe6X4I0ywJjTU8JCB3Gb136TFBGTzTLxRw
Request Chain 509
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g0UMGzd5ny30P_JVMbGy7H&adContainerId=brand_safety_kRXvZK7RNp-wx_APo5en4As&cbFunctionName=goog_wrapCb_kRXvZK7RNp-wx_APo5en4As&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5952e237-63b2-f878-6283-c5d8110ad44a,c:mLTsdK,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-68f67cd888-dth9t,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1l2%7C1l3%7C1l4%7C1m*.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1m*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:71,oid:708b1291-471d-11ee-bd34-b21dc13447b1,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZK7RNp-wx_APo5en4As&cbFunctionName=goog_wrapCb_kRXvZK7RNp-wx_APo5en4As&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Request Chain 511
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j4IwoU4VLck89L6_fvIyOW&adContainerId=brand_safety_kRXvZNadNojAx_AP3ZyBsAQ&cbFunctionName=goog_wrapCb_kRXvZNadNojAx_AP3ZyBsAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ba140f8d-8ede-8ec5-42d7-9f159e706e0a,c:mLTseB,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d74fbcfb-gf879,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tOpuOH7+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1k4%7C1l*.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1l*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:708b3968-471d-11ee-a915-8aafb8e8113a,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZNadNojAx_AP3ZyBsAQ&cbFunctionName=goog_wrapCb_kRXvZNadNojAx_AP3ZyBsAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Request Chain 513
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gYWd3LI0ewoHmS5BvuDLHe&adContainerId=brand_safety_kRXvZMTgNoOxx_AP2f-7mAY&cbFunctionName=goog_wrapCb_kRXvZMTgNoOxx_AP2f-7mAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:231da780-d397-11ff-1b9e-20875e2ca1d5,c:mLTsg2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d74fbcfb-g6ndt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tOpuOIy+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k*.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1k*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:24,oid:708b39c4-471d-11ee-9ab5-ca51a7b2bc38,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZMTgNoOxx_AP2f-7mAY&cbFunctionName=goog_wrapCb_kRXvZMTgNoOxx_AP2f-7mAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Request Chain 588
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=KAaUhF9tbUc2YjNBMXpBYWQyb0xKWWN4T0ExajBRWDlaOWhkY2J6UmhqcUxDU2tSY3l4dEM5RXN3VWFaWklyUFFlT0hQem1QRG85JTJCZDJRckVIZGtSYWwyQlV4bmZyJTJCNmxxcmI0cXc0dzNOelpjRFEwZWRGYnZoZGdhdGFQclBXa1NhaGZ3bTUza3p3RVRjcW93cDBvZFJ0a1BnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-9_mBnxjTklFSTBHUzdJbnY5WEhjN29nMFJBa3k0aHk4WGdyL05GUExZSlpuSTlXYTlLRVIyeFpzdENwU2lrSDk5YTM1VStGbHl3Mi85dUdtbjVOTG56K1krblV6TVgvbndvS0RXb2licXM3cnRsL0UvQlpyeW9mSjQvd3J6anByZHlQRndsK1VTN200T2k5ODNud3RTTWRrOUVDVnVFYlJhaDFrMnVtT01oR2tlWnlWY0hKREFVU1dqRURyY1RDNVhKR0JSZzZZQ0Y2TUNlTW1iNWpzemkySGlqdHJ2RC9pRWdXVWZ3bmE4VnNoSjZBaFhGaHllS0YvT2taSm5iRzI4U0VmamlpM2gxWnpMbUx0UXhWMG9rVmNGM3MwVVh3aU1mUUxGVnlFcUJpTldvQT18&cppv=2
Request Chain 617
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_cver=1
Request Chain 618
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 620
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4761697221186090810&expiration=1694599828
Request Chain 623
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2472533790212609381
Request Chain 625
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 626
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=57F150BD-F328-494B-8AE0-E372AABB30EB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=57F150BD-F328-494B-8AE0-E372AABB30EB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 627
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v5SocLiV9CKkkq4jusXgLu_Eq3OkkfwnsJMSaYmL
Request Chain 628
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 630
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3524358078 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=57F150BD-F328-494B-8AE0-E372AABB30EB
Request Chain 631
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=57F150BD-F328-494B-8AE0-E372AABB30EB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODY4ZFBCcE1Ia1JULWlvaENiZnBTc25YZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4761697221186090810&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 632
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTdGMTUwQkQtRjMyOC00OTRCLThBRTAtRTM3MkFBQkIzMEVC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 633
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwOG60Be6mnUMX9qyTZD8g&google_cver=1
Request Chain 636
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4761697221186090810
Request Chain 645
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 648
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4761697221186090810
Request Chain 649
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/c86ddc974113c5fc36138c3d09ee4bf?gdpr_consent=&gdpr=0
Request Chain 652
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Px2mur4X0hdxGzX0GRJE?pi=smilewanted&tc=1
Request Chain 653
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d2d0ac41b2f73069127b27a56e0c307a
Request Chain 664
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAMailicG_zR6ATrj1zd5t8&google_cver=1
Request Chain 665
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tOGzXH03tteYUuvJev-FZ8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VLXkgEZE2oJdVzMnLwXTacWwDP2rfSndGUKA3g--~A
Request Chain 668
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFhYWU5OWFmNWM4Y2ZlNzA5ODJiMzY1NzA0MjJiMjc3ZDRlZWI1ZA
Request Chain 669
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ThE0UTQeQmKOHas0b2XUKQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ThE0UTQeQmKOHas0b2XUKQ
Request Chain 670
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLXKTFEL-13-DCNT
Request Chain 671
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExYS1RGRUwtMTMtRENOVA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPJ8pFF30PvFq6ImU86xH40&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExYS1RGRUwtMTMtRENOVA==&google_push=
Request Chain 675
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2472533790212609381&gdpr=0&gdpr_consent=
Request Chain 676
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273055635756611742&gdpr=0&gdpr_consent=
Request Chain 677
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cR6Tg2yQXFdTnP_fSGNuwNly2hk&gdpr=0&gdpr_consent=
Request Chain 678
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO8VlwAMesb49ABY
Request Chain 679
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d3a1cf1b4d47b988485429b9e1556b
Request Chain 680
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 682
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=57F150BD-F328-494B-8AE0-E372AABB30EB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=57F150BD-F328-494B-8AE0-E372AABB30EB&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 683
  • https://pixel.onaudience.com/?partner=214&mapped=57F150BD-F328-494B-8AE0-E372AABB30EB&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 684
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=c0ed94ef-b43c-4a77-85c3-475a815f5296&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARiXq7ynBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEHOKZcBHHRHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGMwZWQ5NGVmLWI0M2MtNGE3Ny04NWMzLTQ3NWE4MTVmNTI5Ng** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=738a65c0-471d-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=c0ed94ef-b43c-4a77-85c3-475a815f5296
Request Chain 686
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2535591895242875208&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 687
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:55dc0c74-a031-4182-ad24-4202d1a30313&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

685 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/ 		561 KB
253 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
6ef4ed027b1892f41dd49c3f926b378f1fb0ecc03b1d6008ceac12128d9747a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 10:10:22 GMT
etag
W/"8c4e7-MDd1RF3ES2+xoUQgkHc9b6hH8B8"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-id
iKj0bYe2pZ-wsoq7kDMqmiyFsQiQb7b7VtLjmptDhPd6yl5oCn2DTw==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f28c57fdc3ffc7a3bbe7c4e728fb80ecd2fbb95f0401fbe5aca18568834b9fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29544
x-xss-protection
0
server
cafe
etag
473 / 19599 / m202308240101 / config-hash: 3287751012361123362
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:22 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
721d1ff07d1902515fcff6339871f8875b2bd63d9dbdd97e6748934a2378998e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72434
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Aug 2023 10:10:22 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3610a6e5327f2748fce71244972ccd7dcc6ad96ac04c61bc731200d0274b3c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86382
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 10:10:22 GMT
dmp-provider.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		208 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
068eb3e4d07d606a09b54b707f5b07bea6100b984ca99e6d932bce2ccc2b9ae3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 10:51:17 GMT
content-encoding
br
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
83945
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
B0PUsyfFU11AeTpMshZBRiIXztWoyGC3pwYGHngA365cFlqtquKQYw==
wallacoil-prod.js
cdn.valuad.cloud/hb/ 		1000 KB
273 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d61b6952261c247b92a5518171fdd6fd83dabb30265c303d3476873e705b8121
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 30 Aug 2023 07:28:39 GMT
x-amz-request-id
tx00000000000000264f236-0064eeefab-3b54c9b1-fra1a
etag
"928bdf3b1e091b57b0bcf457c507131f"
x-envoy-upstream-healthchecked-cluster
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1693390222.dop211.fr8.t,1693390222.cds212.fr8.hn,1693390222.cds108.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
279454
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		812 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
31dcb885f54c9bfd03a6c5b30c4c422bf9f7bc716b6e4b75ac2364bab2dbb937

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
dSYISHzb1nKi.p32qS05pBHYbLCTDH79
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 10:10:22 GMT
x-amz-request-id
VFFXBXY0ZS5XY3TH
age
1919
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
12
x-amz-replication-status
PENDING
content-length
68402
x-amz-id-2
Y+LOnU0/bJ8ZzbJ+p27ilFM59UnR3hmDx3AVLjZ9Fnw4kGokzdYPSxKwcPuO03qHdxImCdbIpV0=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 30 Aug 2023 09:38:23 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693390223.635128,VS0,VE1
etag
"2cb9e25fe21b2b474d075b78c186dcb6592bfd87"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
25
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 10:10:22 GMT
Content-Encoding
gzip
Age
54
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/6795)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		476 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d43af1a3fa24cab28c013043adcb3cc40f1fb3871f53d430338beabc84468a5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106026
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Aug 2023 10:10:22 GMT
gtm.js
www.googletagmanager.com/ 		499 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
415ad36537ef1bc50e2cc62e176f1ec407382478b67f4973c5b4ee69e087b953
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84400
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Aug 2023 10:10:22 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Aug 2023 09:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1239
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 30 Aug 2023 11:49:43 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:21:16 GMT
content-encoding
gzip
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
60546
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
5pV9un_Qg1Ir5blK6FlVeElnWmyCqopWL9cPdj-XBPc5Dzf6Rr15HA==
expires
Wed, 30 Aug 2023 17:21:16 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 16:55:39 GMT
content-encoding
gzip
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
62083
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
DpvtvmDCeb6gtNhKAbYorJ6hTUjpDBx7X0BGnDpk42GJTy3yCUqJRQ==
expires
Wed, 30 Aug 2023 16:55:39 GMT
new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"473-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
U6c1ddXjuj6dGlT6y5it40DEQqwdyxrqVfrdXHZj8OYACOXMMMneWw==
x-cached
HIT
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"7ee-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
XLSHzjkRUZ3G9Yksc18ieeBlwj6l1X45FzveRJ4p49EVVMfgBEyBjw==
x-cached
HIT
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"1d0-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
HIT
x-amz-cf-id
owGmrH7jEsrm1WdsAeHHYU-gRxWCcmq7VTkqugiw6Xb6Q_tiuEFSIw==
new-logo.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"492-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
wPG00yEQzHKBtcOzJ7hxJMQOYiDHqsKRqO1jzFgjQB4lZlaVPaMgyQ==
x-cached
HIT
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"c00-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
a8oR05ZdnqmJujxyiU57KYm5U31VF7uQb6yLzT_6LGddKoSSw_2_yA==
x-cached
HIT
tiktok.svg
www.walla.co.il/public/assets/navigation/ 		628 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/tiktok.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"274-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
628
x-cached
HIT
x-amz-cf-id
-_e17QgyEouMnlc43GR3ME4PE5ycBUItBThIz0AK996CgrNGpuwN_Q==
insta.svg
www.walla.co.il/public/assets/navigation/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/insta.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"79e-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
hBNe-llwTpsm-WFgnHp4k4Gl1FDdobbkb9TWpZ_mgrGJa7-SlN_vGQ==
x-cached
HIT
twitter.svg
www.walla.co.il/public/assets/navigation/ 		1004 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/twitter.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3ec-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
icdl9r8G3-oBEjuNYrSMjaEt6tPAiI2n8tS5iCTQEaj2IvkLAiVUTA==
x-cached
HIT
facebook.svg
www.walla.co.il/public/assets/navigation/ 		471 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/facebook.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"1d7-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
471
x-cached
HIT
x-amz-cf-id
1ibGt0oD8zJLSOSZhxnEge5mwT7MUXIauyu71AvYCFPcolal7qlM7Q==
3591606-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/9/1/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/9/1/3591606-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a9018e9381e1bd50d3314593c424f249d021269239ebcf46ebc4485ee2dc83a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:04:16 GMT
via
1.1 google
age
7566
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114264
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"834-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
Yb_8NoHg3S7OIFnnVGtGKaJibcHOz7sNu_hk38njPns6H1nxderxlg==
x-cached
HIT
3591329-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/9/1/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/9/1/3591329-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9219b7327f80a7844fcc0193242d7897c4ec79339631b98ea9f8c0676f8a1863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 10:51:02 GMT
via
1.1 google
age
83960
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14580
3562598-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/3562598-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
04af9b5f5e7d4140b6b8e4610c0f93714093f9f7bfe6df57766f70a4caf8c80d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 10:58:55 GMT
via
1.1 google
age
83487
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30042
3331531-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/3/3/1/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/3/3/1/3331531-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
081eb80088f5ab0ff581870bac0a06f8e82097a2a4fa400cc8019cfcacb22377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 15:52:23 GMT
via
1.1 google
age
65879
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16518
logo_walla+.png
www.walla.co.il/public/assets/homepage2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/logo_walla+.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"26ba-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
9914
x-cached
HIT
x-amz-cf-id
hz_6pI4BK6uemfGEnAxe9akhxmNoA0PEHBw-b8BXYClkEH8NXVPIRw==
3512423-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/1/2/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/1/2/3512423-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6c96868205ff762e7dba7da2237d6584fcbcb6dece067bb564b234dfd7b7c341

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 10:58:59 GMT
via
1.1 google
age
83483
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14366
3569914-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/9/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/9/3569914-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
29522943838b347b7c13c5f50eb4e4912ea6e7f3beae8082c8da68b0c2c10a40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:58:18 GMT
via
1.1 google
age
43924
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8390
3583412-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/3/3583412-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5062b4854df82539482d1b759cddb9080a87bbef0872fca1e26f3ff1d4adf5fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:04:39 GMT
via
1.1 google
age
47143
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7904
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"5b6-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
HIT
x-amz-cf-id
6oOtczScTQ8BH1IQWg_jkcGjEpS4RaoYSeGqQ0FgKfnT8Iyhz4ieJg==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"2e7-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
HIT
x-amz-cf-id
d0ZCKMJ1d04dZMCYoxDPwp4df8jeGHyCf-pYY9owVss8lwG--CAsAg==
icon-5-g.svg
www.walla.co.il/public/assets/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"b30-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
BAAlNVgWPXE7xBbm-8DBYGAP9hfU7WaFreMPGPtMW31RmjagCOi_cA==
x-cached
HIT
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"85c-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
4QIVp9lSzcMEKMqZPDDfRHweVkHME5hbyR-F8k5Qg0ujqoR-rnHqHg==
x-cached
HIT
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"5f6-18a4599b968"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
GTNKHRCS2KkxkDbw5UQNtGQMc6glB_Gtntq3XfdWE1fhXT73OODDyw==
x-cached
HIT
video@2x.webp
www.walla.co.il/public/assets/icons/homepage3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video@2x.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"74c-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1868
x-cached
HIT
x-amz-cf-id
oakDNxlKSPOe6dPHV3rEOlIeTOnHzhlP55-4mp6VGufHjSkucU1DLw==
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"e954-18a4599b968"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
02BHJeX4cygI2oJu19Y-RAMdkY_aJF1h-Ldqe1VJmxu7sh-o51pipA==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"ea00-18a4599b968"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
HIT
x-amz-cf-id
pTsysF1IXT75FifdC3NwH-1_0FNvSWJcss-sAb5RzPdxBYY7k-uvUA==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"e770-18a4599b968"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
CzccY2_r5SdzMv4_BPqLSPHOgdJGa5vZEGy06kAOdOin99_lQeFz-Q==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"e7c0-18a4599b968"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
HIT
x-amz-cf-id
PyMuluruRCxP0ncktTsC7ATRA-B9vTzHpvbCO5hBeMkJ_k-DR1Vs4g==
6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
www.walla.co.il/public/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"248c-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
advjooj1lFQPD8IPgrQDK2F3yEKH78cQPuEyi-VVnqMG5esvGUArtQ==
x-cached
HIT
3059_49711516c632ee02bdbc_49711516c632ee02bdbc_walla.js
www.walla.co.il/public/ 		313 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3059_49711516c632ee02bdbc_49711516c632ee02bdbc_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
056e721ba249408b569260cc649c9f89f00b71885f60e93682d61f8375ffa926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"4e4f2-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
eNtlooip9VjRCNu1BFTYfSwBCkipAtXykXZPkFU83mqLbF8pr0O0DA==
x-cached
HIT
main_96e78731bb1cf4ee60b7_96e78731bb1cf4ee60b7_walla.js
www.walla.co.il/public/ 		993 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_96e78731bb1cf4ee60b7_96e78731bb1cf4ee60b7_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b6cb302e681df7352d4d577c0315d21dd0626089d058cf3b883e3dec6fba807f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"f85dd-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
tUAxgEttqCWx1kuYGoJsYa8HmmQnDpz6R1p0ko-FxYyLQW9gUUs6fg==
x-cached
HIT
9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
www.walla.co.il/public/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"6b6b-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
c9KMOtifppUCkN40eCLTiU38qPRibcPk9JsoYaM2WcNo4NkgiQZtsA==
x-cached
HIT
homepage_ee4e73cf5e17863146ba_ee4e73cf5e17863146ba_walla.js
www.walla.co.il/public/ 		217 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_ee4e73cf5e17863146ba_ee4e73cf5e17863146ba_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3493d2d659aa266bb340ad1715a41bad4ab434d58474cafcd1c49a2174eb966d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"36575-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
Eg9nhuqUV_JMUZcC8KAH1nzgcLSdeoyQ7A7zxJ7YlBT_E0Bu4D9XsA==
x-cached
HIT
recorder.js
web-sdk.smartlook.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
f86d0322fdc1a470eaaa49114438b9fd7d7bb585cba3bf4469c02c8942556ffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 30 Aug 2023 10:10:22 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
216
x-accel-date
1693390006
x-77-nzt
AZySIYsD//n/2AAAAA
x-accel-expires
@1693390606
last-modified
Thu, 17 Aug 2023 08:46:25 GMT
server
CDN77-Turbo
etag
W/"64ddde61-10f6"
x-77-nzt-ray
cf878727e647337d8e15ef64cb3edf30
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:22 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3bdc-18a4599b968"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
O4JMPLOTelK2dS71cfEGyZM5z9YqDPXRU-5tTlvTdx28z3kghBETyg==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
83845
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 29 Aug 2023 10:52:57 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id
2y4mcRLX3GjQjgWSaBFMD38SA0E7B3ndHaZHqPK7Yt6uF1J5Q7gIQw==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
83846
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 29 Aug 2023 10:52:56 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id
vSPKmyjB2_V6MlpynXiPYL65dMI8ZddHzCVkkWK6H0oLs4OPKpVn9Q==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2023-08-30
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		52 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8e00:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9dc28caa0fca7a160f2f4c9907725629603a32a137934e5cdcc2652323f637

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
ij0H4Ovav57a0UP4tyuRnZhuK0a2LmIu
date
Tue, 29 Aug 2023 15:37:39 GMT
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 15:24:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
66764
x-amz-server-side-encryption
AES256
etag
"ac76f968cf4a4fbbb4cd41cc0f5c401c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
52
x-amz-cf-id
I_NodDoDfqbHMo079T2VsQzLk8ecB6ZEPy9Ag7WgLbEOeT7ES3JpEg==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 29 Aug 2023 10:51:35 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
83927
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
gqGT1zyJvxHJFv3WkjG57j_s5lq42-N-SEWJYZAjhTD4FjUM_rhYGw==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 29 Aug 2023 10:51:35 GMT
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
83927
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
0sEDvDaV-J7zrGX4k6Ir8WDt70o_t6yKLZFDld0Qe1nZS--7tKf4EA==
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 573E 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1136179
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Aug 2023 10:10:22 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6795)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 30 Aug 2023 10:10:23 GMT
server
Google Frontend
x-cloud-trace-context
53f7c26f3631dd27426367e3a3ea0089
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
x-request-id
eefbf909-1532-4603-a3a0-3b1d349df9c8
x-vad-version
0.14.1

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
d3c15c27f9e99dae63cecce2757e0a67
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je38s0&_p=211845584&_gaz=1&cid=578001927.1693390223&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693390222&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RYD7X7E8VN&cid=578001927.1693390223&gtm=45je38s0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RYD7X7E8VN&cid=578001927.1693390223&gtm=45je38s0&aip=1&z=970715950
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1693390223014&cv=11&fst=1693390223014&bg=ffffff&guid=ON&async=1&gtm=45be38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&auid=2078294940.1693390223&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6697de21e51ff0ae3ef3118cd671318573b57ab71c06d73aafd08b973d490ea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1381
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Aug 2023 10:10:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
kOUK+YVc6QgZljmMC0lKBgSZXuBEv8aGQDqQQizxqY5zKoDZdGxu0EBWsqumoa1FP9PaVBiLZeaUe6zmzi3r7g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 		404 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:24:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
60367
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129934
x-xss-protection
0
server
cafe
etag
17007686020673988365
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 28 Aug 2024 17:24:16 GMT
dmp-main.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		221 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
76e7bb4b02302c86d2609703d5e3bd8d6f406201268a9092eddd6d537db8d0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 10:51:17 GMT
content-encoding
br
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
83946
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
s1kq6z6AXhzyDPMGFQa3zaB5LRuAYA_JsKb53uGCvjck58ueNZG9Jw==
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_49711516c632ee02bdbc_49711516c632ee02bdbc_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 10:10:23 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
www.walla.co.il/public/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_96e78731bb1cf4ee60b7_96e78731bb1cf4ee60b7_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"1eb65-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
DxWQ5pyMez0QrILFN-NeUbZBbzCzZGXQooshlXbotFF7YGCMJjkVqA==
x-cached
HIT
PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_96e78731bb1cf4ee60b7_96e78731bb1cf4ee60b7_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"cfe-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
ztHmq8U-kK731bnJaVI620KOKkGJDzJ2kvKMZyaqxE07btFOfyEzjw==
x-cached
HIT
load.js
pm-widget.taboola.com/wallail-walla/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef9f4e5595c87f7bab17859c9e649bc27a66aae8e407d0c72b179a336f6be282

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
Nc3GQX_FPWE4JJa4d6ElLMboprgduwrj
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 10:10:23 GMT
x-amz-request-id
CVKBBR8HHR059X2S
age
226
x-cache
HIT, HIT
content-length
1107
x-amz-id-2
3rcSnvp+lLri15PpD2PiS0gWXs6e9pt1Qkdg2q+BzhqDFHXifcAK9823IoWAItMYavWEVp8uLHs=
x-served-by
cache-sjc1000140-SJC, cache-fra-eddf8230082-FRA
last-modified
Tue, 18 Apr 2023 12:24:46 GMT
server
AmazonS3
x-timer
S1693390224.548461,VS0,VE0
etag
"ba233cf579e81e13395451d440481864"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
3, 2
impl.20230830-8-RELEASE.js
cdn.taboola.com/libtrc/ 		804 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
37cad418c36ef3bcbffbee28600e2cdb2339a754ef141fb75c0de3c15523cd44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
nQoRCjjgoLejsC0U4vBbL4Rqsc0Bty61
content-encoding
br
via
1.1 varnish
date
Wed, 30 Aug 2023 10:10:23 GMT
x-amz-request-id
25NCCF2SSY4MV7KK
age
2879
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170365
x-amz-id-2
mFMhg8rQ3cJ8vAxNqYxPhcriAYGLml+ucbCTWTS1sSWo4nBGpl+CsLtTuxgqETBBULTY9/kk4YU=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 30 Aug 2023 09:22:24 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693390223.495970,VS0,VE0
etag
"50babf3d0729c17439bdc90bc5fbaeee"
vary
Accept-Encoding
content-type
application/javascript
abp
8
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6522
2323
dal.walla.co.il/editor/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/editor/2323?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_49711516c632ee02bdbc_49711516c632ee02bdbc_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-88.fra60.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
549fdf51dffb7775d8c80636a55d83434588fc0b6a3d4fd2c0477748aa652854

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:33 GMT
content-encoding
gzip
via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
50
x-srkey
9ca383bf7f5c06689b373a08cfd03266
x-cache
Hit from cloudfront
x-cached
HIT
pragma
cache
server
openresty/1.15.8.1
x-speed
0.0583810806
vary
Accept-Encoding
x-hostname
04675d4f5e3b
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
x-ip-x
216.46.15.34, 64.252.66.126
x-ip-r
10.30.20.86
cache-control
max-age=60
x-amz-cf-id
SPQGnVY4HLOv-pwIk847PM8LaFXFPOcBuMoG_6BLnpkWyiGAG4Jh9w==
expires
Wed, 30 Aug 2023 10:09:54 GMT
7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
www.walla.co.il/public/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_96e78731bb1cf4ee60b7_96e78731bb1cf4ee60b7_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"ae04-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
Q2uwn2N4D5ZZMg4LS3__TOz9Er8WwFv8iFWEmh14iTCtcXtUHp6Tjw==
x-cached
HIT
player.html
www.walla.co.il/public/ Frame 6CCE 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_49711516c632ee02bdbc_49711516c632ee02bdbc_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
263eac65cbacd42ecd7fdd0b5d9d0fcb3670c26003e428a3aa7bab65c533f707

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:23 GMT
etag
W/"b2b-18a459c0b28"
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-id
LOsI5VfTSbZAMj2TED8plq4k2M98lwrt_f59dZzDHKSJ9p_I9Y1gFg==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
HIT
video.webp
www.walla.co.il/public/assets/icons/homepage3/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3a2-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
930
x-cached
HIT
x-amz-cf-id
oxqBkkz9ZuelJtl8V3vkKe8J1xs0pqXFoTAQppps5Ddq8zUlrda0eQ==
1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_96e78731bb1cf4ee60b7_96e78731bb1cf4ee60b7_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"c35-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
xPOTSqot3XSE1NERmhyESYKFiAF1eox1Sbww-lXPyCCwX4lY1cOg-w==
x-cached
HIT
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"46c-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
HIT
x-amz-cf-id
q3Dp-uk143_vHrVNn9b1To36RCVm3jdWRmWNVLYf1ThGsa22e8QCsA==
3592935-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/9/2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/9/2/3592935-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
f1bc3e0462659028ca9acda7101deb10385733a5e33004e7c1cca0ae795f361f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 09:27:20 GMT
via
1.1 google
age
2583
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10462
3492071-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/9/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/9/2/3492071-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9ca29b9f71e9035bb21b24d9825de750bfdf957a7d38323a3602a07c25049e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:39:04 GMT
via
1.1 google
age
5479
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9574
3292645-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/9/2/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/9/2/3292645-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
59cee72f02f9792c048862b0903a69f042e9c65ae6c65634a6b83edc0dfa8aa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 10:10:23 GMT
cache-control
max-age=604800
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28139
content-type
image/jpeg
2385744-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/3/8/5/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/3/8/5/2385744-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e743c2180c959d98be885d9ae0940d49d2e06bf25e8a07c552f67c3beabfb9a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:32:09 GMT
via
1.1 google
age
5894
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74733
3559232-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/5/9/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/5/9/3559232-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8256ac23744cfb49162ea7ccfaf3b53df00bc6661f0e50ebc875ac4b5e58fa2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 09:01:22 GMT
via
1.1 google
age
4141
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15732
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=1C7Sqt6YIg763o-&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11473&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=1165&t=HutoxClI4NIBmMKYdCAYJjBBDpyFf&V=141&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&tz=-120&sn=1&sv=BZxUahBnVu2JBQ2h7jDuzOvMDdoGFb&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
settings
syndication.twitter.com/ Frame 573E 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=6ce3ea7c1af3dcd11c34c8aa9790a14438b7b717
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-response-time
109
date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 30 Aug 2023 10:10:23 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
34148fa00817a3d3
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
8824479f40eccd86d2246f7d85b9d39399db8bbfc31f68a069d8fbe4ef314003
content-length
337
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=211845584&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAACAAI~&jid=996748407&gjid=1593527793&cid=578001927.1693390223&tid=UA-4780630-1&_gid=389152161.1693390224&_r=1&_slc=1&gtm=45He38s0n71T728TH&cd1=578001927.1693390223&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&z=1255113211
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/777956447/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/777956447/?random=1693390223667&cv=11&fst=1693390223667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&bttype=purchase&auid=2078294940.1693390223&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2f5280c09703e016cb472ca2c78590d46a6c203f92c8586c1673a6d17d75a38d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1682
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1e8c662da1566e07c02a254f3487aafa6bef0934e319f8a448d97d2e1258c8aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18402
x-xss-protection
0
server
cafe
etag
4743311347245095809
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:23 GMT
adoric.js
12890047.adoric-om.com/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12890047.adoric-om.com/adoric.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7e72485d422e16e084c44e6e3117081442f7b4ee80aa4ebd67013ae831a10f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 google
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
455
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-adoric-api-version
9.0.2
server
cloudflare
etag
W/"305a4-3oET5eQIkqf/Z1K9GvqC5jB7a1o"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
movetogcp2020.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWhAKTOkgJAae3jVQ8Ujr0%2FdfA6YOxoP2ZgeQaItv2xNBDgOJHZdIApAH8EIbsonOBBUU%2BcxwUojqy7fR7aS3QG%2B4oyEFTTB0tir1IxBs9tkRaQ7xvsAcwSUjaVvPC%2BzwH0pIPZAAbMuNnKEwNcxWXKX1hRv"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
*
vary
Accept-Encoding
cf-ray
7fec3e62785d6940-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
js
www.googletagmanager.com/gtag/ 		196 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0f5ec327ede551150eed9db5080c8bc56def38eeac351a0931fd2c6761c24db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73426
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 30 Aug 2023 10:10:23 GMT
init.2bd501c9a04d7b3ef073.js
web-sdk.smartlook.com/es6/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.2bd501c9a04d7b3ef073.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6e4ead23863a53e4268e00ebc3bdc598cc60439bd6264b3da0c53b23bcaece11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 30 Aug 2023 10:10:23 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
1122905
x-accel-date
1692267318
x-77-nzt
AZySIYtUvvn/WSIRAA
x-accel-expires
@1723803318
last-modified
Thu, 17 Aug 2023 08:46:25 GMT
server
CDN77-Turbo
etag
W/"64ddde61-ed86"
x-77-nzt-ray
cf878727e64712978f15ef647a81bb2b
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
www.walla.co.il/public/ Frame 6CCE 		736 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
df9a74ba55b4b89b027a8123540004258e9b4396f1bd73e258af6adfac037750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"b81b9-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
uOUhFHkP46xPUXDlBVuHvq0WkweGvIRN7xcbvXsLT4uKDQi-3eza6w==
x-cached
HIT
player_e3fa9808e80ce4b23355_e3fa9808e80ce4b23355_walla.js
www.walla.co.il/public/ Frame 6CCE 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player_e3fa9808e80ce4b23355_e3fa9808e80ce4b23355_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
500a0ec996d91320c8e4ca1b71317872904f89ff37740693002daae32bde3669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:42:49 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"771f-18a459c0b28"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
X1SWbN1ExTE3zwTKjaLFf7oBQ1t1nufHvgvNCDqxVCTKwdbZ9KsUOA==
x-cached
HIT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		18 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
53c801510315b14526932f139640e20b4b223a7214e89857b4d061b3f9566137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
5
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3090
x-served-by
cache-fra-etou8220078-FRA
x-timer
S1693390224.775262,VS0,VE2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 28 Aug 2023 10:10:18 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=578001927.1693390223&jid=996748407&gjid=1593527793&_gid=389152161.1693390224&_u=aADAAEAAEAAAACAAI~&z=100939975
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 30 Aug 2023 10:10:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pmk-20220605.1.js
pm-widget.taboola.com/wallail-walla/ 		115 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/pmk-20220605.1.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7e3e2281e670435dd46492437a30bcf0c59368d824ac1aa591571d35c81d88b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
YaUoVhRXeV8pgb7fnBF6NLXk_e7KSGb2
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 30 Aug 2023 10:10:23 GMT
x-amz-request-id
1ZRF9AZMSP1MXZKY
age
3723037
x-cache
HIT, HIT
content-length
31819
x-amz-id-2
OUckhCCBQyRlZ54uGukfAk+IL/wJcaCb6S8Qtf8Omgh3owsecWM0riI5KUBsohxeZh5TodRrLw4=
x-served-by
cache-sjc10027-SJC, cache-fra-eddf8230082-FRA
last-modified
Tue, 18 Apr 2023 12:24:45 GMT
server
AmazonS3
x-timer
S1693390224.740001,VS0,VE0
etag
"4bbfdfa56e1850f61d8804a24a682324"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
5313, 142
/
www.google.com/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11170679829/?random=1693390223014&cv=11&fst=1693389600000&bg=ffffff&guid=ON&async=1&gtm=45be38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2822546721&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11170679829/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11170679829/?random=1693390223014&cv=11&fst=1693389600000&bg=ffffff&guid=ON&async=1&gtm=45be38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2822546721&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
170717926997655
connect.facebook.net/signals/config/ 		148 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.125&r=stable&domain=www.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44451df2812a88daec2f07410c31926f5ab7c66d4df85970fd60b1175dc64a46
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Aug 2023 10:10:23 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
38934
x-xss-protection
0
pragma
public
x-fb-debug
cBBHhRmtpT3qFNpDjQxOYLZtv/RkY6iXkWwDesPxrMsdjuSUiw4FL9YOU61o21NLYJao+nffAP6QRTCkvBnnqQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"558e-18a4599b968"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
HIT
x-amz-cf-id
PJgXdJcVHK75xeYTCzcB5f3BBj7FPNwPZ46qG_FZm5jp0W5i8XAnOw==
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=578001927.1693390223&jid=996748407&_u=aADAAEAAEAAAACAAI~&z=941866433
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=578001927.1693390223&jid=996748407&_u=aADAAEAAEAAAACAAI~&z=941866433
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=dh28k8MCTJgWa&v=B&ml=m&sl=DlGCev&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=EbtxV2Fhm1aOw&v=A&ml=m&sl=CSd4K6&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=aHfJ7wNhJrcR8&v=C&ml=m&sl=Cc8cke&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=2P1g0kLjFXLe9&v=A&ml=m&sl=CAZ74T&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=QYwAp1s80sHmF&v=B&ml=m&sl=LuECd&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=LvswXUmU26XKA&v=F&ml=m&sl=BLnif_&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=fveEqnVIC9Vmk&v=A&ml=m&sl=VJQaL&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=GWV8Vhu94Kqey&v=A&ml=m&sl=BaIpfy&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=JXZ4Mb1BnobGH&v=B&ml=m&sl=BBM-MC&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=QfuCd9qSya0d9&v=A&ml=m&sl=BtE9bV&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=HEmG0B456X1lQ&v=A&ml=m&sl=ewYYC&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=EtJoMqgwe62JG&v=B&ml=m&sl=BiyevM&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=YHOyNeRKrNhr2&v=A&ml=m&sl=D4yHGt&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=aKKwvva7jKPgH&v=B&ml=m&sl=CZdFv_&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=qpjtPUspzqE26&v=A&ml=m&sl=DGuTaa&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=1C7Sqt6YIg763o-&c=0&V=141&x=fGtMPdJzj2xsw&v=A&ml=m&sl=CDnJAk&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.118.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-118-140.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.111.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-111-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je38s0&_p=211845584&cid=578001927.1693390223&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693390223&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
253375
expires
60
esp.js
cdn.id5-sync.com/api/1.0/ 		119 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
3ND70R4ZS9VEVTTH
age
2539
etag
W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7fec3e64090a37da-FRA
x-amz-id-2
RC3dOYXn2Zt+kvHN1fSiC3gDln7H5npWJ7vrZDViB+J551yF2qw3Sytinc4z0VCuPPjwsU7psCo=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:7e00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Date
Wed, 30 Aug 2023 05:08:18 GMT
Via
1.1 3d994808da6a9ce8c9e7b1364fa689ea.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ZRH55-P1
Age
18127
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
eHhC7CV-tVvA6tGjadZ05lbMjCuZZ65Pl_JJsOSbyocMCD2P7oGAig==
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:49 GMT
server
cloudflare
age
495352
etag
W/"64cd45b9-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7fec3e6479bf58d8-TXL
expires
Sat, 02 Sep 2023 10:10:24 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 02:29:26 GMT
content-encoding
gzip
age
286858
x-guploader-uploadid
ADPycduOKtZ-jYI708NlmmpGXaU-NamfOkJWG4viTvwKHJcmSy94qlD08CPlfYu_2RHuf9tKSr4DZ6TG98ZrmcQ41lZhQQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 26 Aug 2024 02:29:26 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 10:10:24 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5420
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4568-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D41Pd%2Bxphau%2FCSTKNRvZ%2BcVFZHvY5bU7SuB3nL5Mx8B8KXJpnEFwSNsZuCV51P08uD%2BDMNqzVlBMSLsHbog0Dhkvl%2BO8zfbSsKdNQlPfyYyLJ0SySLD85SFhXxoQhELDFZlgNv5NbkP1r0BA654%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7fec3e64fc3e1c01-FRA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 15:55:11 GMT
content-encoding
gzip
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
last-modified
Tue, 22 Aug 2023 15:52:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
65714
x-amz-server-side-encryption
AES256
etag
W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
8YVBlgzmaBgVzHmgz860xi7MgeYzu7PPtRGlWjiw0FmuWy19VncVzQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
3aa247831d3c418dd4a229d38e2fa038
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
walla.json
www.walla.co.il/public/player-config/ Frame 6CCE 		111 B
482 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_e3fa9808e80ce4b23355_e3fa9808e80ce4b23355_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 08:40:17 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"6f-18a4599b968"
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
111
x-cached
HIT
x-amz-cf-id
fBgprJqGR1KVBrErxomTaTD4Y4c5szyEGRZ6fDSnp_yKxUJRyAkN9Q==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230830
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32eae5ac37a6fa422532679db09a5ba09e1fb0559d191208ff1babbc1be1fe7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
22172
x-jsd-version
1.0.1797
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"63d-y0xnGXM1F02SZhtv2ffvvco9+hE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVpEhhs9GEWcqLAChQuGYGBfc9z0%2BA4OBeDZc%2BQyiOZg1%2BUpDoXxCD9nXP4dROhkrayRqbEyonp5Gk9Mnd8BavxXU%2FyMH6hJ1C8f1SY0NV14%2Bdlfu39ftFRj1yAJMeiuRJ8KQhcvLl3KQKinRrw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7fec3e64bfd0922f-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 10:10:24 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1635069
ETag
W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsxqmoewhgUSF6dNYsc2m6it6ImClhMImWKpHVm0P%2Brw5BqCfP37Ig45FV6oU8CAQtSgO6ax1fvkEyY5L7erUhD50eMPScZRYKfZ1WVgNacwEnGO9JviOhpmDWlxzo6Ydzx54AL4501Z3bTb"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7fec3e657a81367e-FRA
prebid
mp.4dex.io/ 		60 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 30 Aug 2023 10:10:24 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: adSlot-2, Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7fec3e64e945910a-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		95 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c13552ab72431f6b55440c6b5b91f26415059ab0779ee104288b57a330112d48

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 30 Aug 2023 10:10:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=22454631611&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 30 Aug 2023 10:10:24 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
auction
tlx.3lift.com/header/ 		19 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.181.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-181-140.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status
29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 30 Aug 2023 10:10:24 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=fca03850-0ee8-4fdd-a74a-2a1df5e14158&l_pb_bid_id=5866ca4a442e464&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d2793898-a77e-429e-be8d-3ef29c925be4&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.19164097303149275
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a8b5e25c80ee88b60dd1457e6189631ddf2c5f3f9b5a5903e806237facb6edae

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
380
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=fca03850-0ee8-4fdd-a74a-2a1df5e14158&l_pb_bid_id=594c368a92ac468&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5d504951-29c6-49e5-a345-8f433fa9337d&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Ftop_desktop&slots=1&rand=0.6146158674451734
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5301d9a0cded3974f112e5121ed1c0f84f934962778865d5bb29594a74fd5c2e

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		365 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=fca03850-0ee8-4fdd-a74a-2a1df5e14158&l_pb_bid_id=601149ea776a7f9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ae6e1780-ce39-4cfd-bef8-332fa969577d&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&slots=1&rand=0.6813260327092141
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dbc7b166f1d8936e918d8827b937990139056904b47f7ef6505f0e8c64b1dc94

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=fca03850-0ee8-4fdd-a74a-2a1df5e14158&l_pb_bid_id=61546f381220ec9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=53fec533-4876-43c7-9a8a-9af16ffb14c8&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&slots=1&rand=0.2015519145150264
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
27c97eb1768f87105d65e6b5d1a12f2265dfecdc9544fb39f42deedd94e24cbc

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		366 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=fca03850-0ee8-4fdd-a74a-2a1df5e14158&l_pb_bid_id=6210fba6abbaac9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=2b3a78cd-8abd-47e7-b654-36cdfe6d28e2&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.25201628984341995
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c6fbadbce2625fb7016f3a1ff98b819f14affa13b5b7a08ccaea281092a6376f

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
366
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7c17cdf296d38016360b8db6b8865222781e03df3c0b9b836be67c45597bfa51

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7c17cdf296d38016360b8db6b8865222781e03df3c0b9b836be67c45597bfa51

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7c17cdf296d38016360b8db6b8865222781e03df3c0b9b836be67c45597bfa51

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7c17cdf296d38016360b8db6b8865222781e03df3c0b9b836be67c45597bfa51

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
7c17cdf296d38016360b8db6b8865222781e03df3c0b9b836be67c45597bfa51

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
582263bc8efc1c057338fda8fbaee1208a16b6fc6c00d3057d6c8cbe0308bb03

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageReferrer=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
3c6647f1acdba53e69a0831258cf8ee281705a438ddbca515f28d93c661d71af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
56
content-length
427
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
2214040
bs.yandex.ru/prebid/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
last-modified
Wed, 30 Aug 2023 10:10:24 GMT
x-yandex-req-id
1693390224281256-323316299671127517400395-production-app-host-sas-pcode-269
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Wed, 30 Aug 2023 10:10:24 GMT
2214040
bs.yandex.ru/prebid/ 		0
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
last-modified
Wed, 30 Aug 2023 10:10:24 GMT
x-yandex-req-id
1693390224279081-154080461039790114700361-production-app-host-vla-pcode-354
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Wed, 30 Aug 2023 10:10:24 GMT
2214040
bs.yandex.ru/prebid/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
last-modified
Wed, 30 Aug 2023 10:10:24 GMT
x-yandex-req-id
1693390224279023-384024924956947589800340-production-app-host-vla-pcode-240
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Wed, 30 Aug 2023 10:10:24 GMT
2214040
bs.yandex.ru/prebid/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
last-modified
Wed, 30 Aug 2023 10:10:24 GMT
x-yandex-req-id
1693390224331434-445715105000823348300271-production-app-host-vla-pcode-200
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Wed, 30 Aug 2023 10:10:24 GMT
2214040
bs.yandex.ru/prebid/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
last-modified
Wed, 30 Aug 2023 10:10:24 GMT
x-yandex-req-id
1693390224331373-56546617426220970700293-production-app-host-vla-pcode-193
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Wed, 30 Aug 2023 10:10:24 GMT
/
prebid.smilewanted.com/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7fec3e6528104db2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7fec3e6528144db2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7fec3e6528164db2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7fec3e6528184db2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7fec3e6528194db2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
ib.adnxs.com/ut/v3/ 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
95e0babcd3ebd7d779616840c67854fff20ed897f6df5c25e059aea540cec551
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
an-x-request-uuid
7dbd1045-7d03-46b1-95b3-941710bf6fd1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.25; 217.114.218.25; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070d0a4174fc4c7478297798e7eaf00482abe6bd764a41f2132d1b01194d402f

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cImeahkGP9UfDcyyvR2GThFacgQf93q2I4z6hBUu94EV7tBF0iswhIFOirTKjmRl20vpqUnWyYGcAh10A4Hg1sPYrQVwWZn83IsZYieBm%2B6yLQPlnSn1HhKVtA9kJLlkGuTKHm3W"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7fec3e652993910a-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		93 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2290754539433368&correlator=3917230345614056&eid=31077365%2C31070232&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop%2Crm13_desktop%2Crm14_desktop%2Crm15_desktop%2Cnickbar_desktop%2Cdontmiss_strip_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18%2C0%2F1%2F2%2F19&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1200x40%2C320x50%7C865x190&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight&ifi=1&didk=1909289936~4078182110~845420629~2737176580~3757563159~2051796368~2459729993~3096182529~3770086168~3931141563~3707026742~2555613071~45217321~479599996~2547616871~1193244743~1193245117&sfv=1-0-40&ists=131068&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693390224133&lmt=1693383024&adxs=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C200%2C535&adys=11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C11473%2C1200%2C2723&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C1600x11473%7C0x-1%7C864x0&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1200x-1%7C865x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C644%2C132&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C864&ga_vid=578001927.1693390223&ga_sid=1693390224&ga_hid=211845584&ga_fc=true&dlt=1693390222547&idt=1352&prev_scp=slot_name%3Drm1_desktop%7Cslot_name%3Drm2_desktop%7Cslot_name%3Drm3_desktop%7Cslot_name%3Drm4_desktop%7Cslot_name%3Drm5_desktop%7Cslot_name%3Drm6_desktop%7Cslot_name%3Drm7_desktop%7Cslot_name%3Drm8_desktop%7Cslot_name%3Drm9_desktop%7Cslot_name%3Drm10_desktop%7Cslot_name%3Drm11_desktop%7Cslot_name%3Drm12_desktop%7Cslot_name%3Drm13_desktop%7Cslot_name%3Drm14_desktop%7Cslot_name%3Drm15_desktop%7Cslot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=permutive%3D&adks=3574292238%2C3281790396%2C98111979%2C284161084%2C2694544435%2C99995744%2C2663655591%2C1832766528%2C3711358991%2C3169800366%2C3148243285%2C211575734%2C3583292036%2C2042096236%2C3658430203%2C1750305995%2C3185403617&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
257a1b9cb2c46b4c5ca12f641367bd551223379a0010c909e333d9ab64e3c123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21013
x-xss-protection
0
google-lineitem-id
38340105,38284305,38363625,-2,-2,-2,-2,-2,-2,-2,38240625,-2,-2,-2,-2,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
68907848985,68907848985,68907848985,-2,-2,-2,-2,-2,-2,-2,68907848985,-2,-2,-2,-2,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E622 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1616785908557850
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.125&r=stable&domain=www.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2515e0dd2c20753a79e366358691c2dee6f0001596bbb92a24ab406da34e0205
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 30 Aug 2023 10:10:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35927
x-xss-protection
0
pragma
public
x-fb-debug
5o3SKOr+iPxuCIh/z5CknZ7+hc5rWz1Txr9LgQ6Vv2nzJebVKFpUAwIOBX4+WVM4f02QiRbT0oyySHBhrzPBeg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1693390224196&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.2.1693390224194.113569553&cs_est=true&it=1693390223749&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Aug 2023 10:10:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
adoric.v9.1.min.css
static.adoric.com/ 		207 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.1.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc1e08f780fdf868e464ed255414de3b09f19016dbc350f92706d499b530bdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1854
x-guploader-uploadid
ADPycdvxlM4O5Bg3stjRG22YPEkxR18hfmIjF43qwo4IGFUTopygwGO1O7WUVVBTbZXCBzMT6LtwhV0CthKgeKBdBZCvO3q0mU6S
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 23 Aug 2023 07:55:26 GMT
server
cloudflare
etag
W/"89897345123699d811e804e84a391e5f"
vary
Accept-Encoding
x-goog-hash
crc32c=VKiELg==, md5=iYlzRRI2mdgR6AToSjkeXw==
x-goog-generation
1692777326040341
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jyax0nipO%2BY7wOpmfO6OZgM%2BOBLYApln83ckbyS7H2Xu9xw5kHqWb54fM0vOjoEb4Qh%2FwhMspgfeRpx1gP8n8vOk2rHQ0%2BjPdoX4MYQeHHLVSKN7PGj25jV1peNlh83esSMrRJJptpnyK8d2vLAKbg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14621
cf-ray
7fec3e65bcb61951-FRA
expires
Wed, 30 Aug 2023 10:13:11 GMT
/
app.adoric-om.com/v1/campaigns/ 		770 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fwww.walla.co.il%2F&d=desktop&lsps=0&pd=A&nv=true&tz=-120&cIds=%5B%5D
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e583df8f9d259bf1cceb7af8e08534e8160cbf1147e5a39c1422fb5c21beca80
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Wed, 30 Aug 2023 10:10:24 GMT
x-content-type-options
nosniff
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
770
x-xss-protection
1; mode=block
x-adoric-api-version
9.0.2
etag
W/"302-HLUruyjHFpzjerX7YdwRVYwr8uE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
/
www.google.de/pagead/1p-conversion/777956447/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=377413495&cv=11&fst=1693390223667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.w...
  • https://www.google.com/pagead/1p-conversion/777956447/?random=377413495&cv=11&fst=1693390223667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=m...
  • https://www.google.de/pagead/1p-conversion/777956447/?random=377413495&cv=11&fst=1693390223667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZ...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/777956447/?random=377413495&cv=11&fst=1693390223667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=2078294940.1693390223&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhCNGZkRFZreWlVRHFrUjZJb25LZVE2bHROR3g5NkwtSmh5X1B2STlpWTdWZUEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEdia0FkZW52WmtfS29uUGgwamtNU29WUlcwOUJMcUNWLXhXVU1tQmY2aFFPNmdWZkdPQjZHVnIiEwjjl4SWkoSBAxWFx7sIHdk9Cv8&is_vtc=1&ocp_id=jxXvZKOUL4WP7_UP2fuo-A8&cid=CAQSKQBpAlJWBQJapLfmyffytFrZJLlpTFJdlP3QPfdhkGL6au-FGLBTEtGV&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW6qqQ_53BWz7e_riUihypGa9hrUpaDX3yw&random=3524213555&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/777956447/?random=377413495&cv=11&fst=1693390223667&bg=ffffff&guid=ON&async=1&gtm=45He38s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=2078294940.1693390223&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKK4sQI&pscrd=Ek5DaEFJOE5HN3B3WVExLS1qaWZ2SC1jNEVFaVlBQ2RpYWhCNGZkRFZreWlVRHFrUjZJb25LZVE2bHROR3g5NkwtSmh5X1B2STlpWTdWZUEaWENoQUk4Tkc3cHdZUTlQMzF2Znljb2VsSkVpNEFWV2hOOEdia0FkZW52WmtfS29uUGgwamtNU29WUlcwOUJMcUNWLXhXVU1tQmY2aFFPNmdWZkdPQjZHVnIiEwjjl4SWkoSBAxWFx7sIHdk9Cv8&is_vtc=1&ocp_id=jxXvZKOUL4WP7_UP2fuo-A8&cid=CAQSKQBpAlJWBQJapLfmyffytFrZJLlpTFJdlP3QPfdhkGL6au-FGLBTEtGV&eitems=ChAI8NG7pwYQ8ovSrpLsn7M-Eh0ALE-GW6qqQ_53BWz7e_riUihypGa9hrUpaDX3yw&random=3524213555&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1693390224260&cv=9&fst=1693390224260&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def1345460373d9057e35ea7cf89dad69dd1d2954906252a8fc7f3dccc4af4d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1444
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.111.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-111-55.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 30 Aug 2023 10:10:24 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		13 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.111.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-111-55.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 30 Aug 2023 10:10:24 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6CCE 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_e3fa9808e80ce4b23355_e3fa9808e80ce4b23355_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad527d7ac9e5c62049e2d0186ab8a60a4a6d8527b78711a37be14a8bfc557d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125502
x-xss-protection
0
expires
Wed, 30 Aug 2023 10:10:24 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
30eee3320e723c6f03c1a9de228c0bd9f58a528742526e9fc80b36be98fb06dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-it8zx/wm5ZNk7zWfx269/CAo3CM"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 30 Aug 2023 10:10:24 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.walla.co.il
location
/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 30 Aug 2023 10:10:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 13BE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:23 GMT
server
Kestrel
server-processing-duration-in-ticks
292259
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 6CCE 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
7fec3e66fbd13809-FRA
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 10:10:24 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1635057
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
Server
cloudflare
ETag
W/"9d36e722f929b1726cf2a9cba00af489"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwmGb4tPYV8E5Oh9zh%2B0rftlAzj0MWO%2FVv%2F1c1dKu9%2FOK8dKZptnAGx4EaYF6Cgh7m9K9b41MYIXTut7b8xPyVlnRl4xBe05Npx4fLyHxVEJftIYNxWpqk%2ByfSMLnkW0DrOYHrQhFKgQqbI%2B"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7fec3e66c97e9a21-FRA
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.14.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
afacde615f2f9e444c55dc2253c4f677de413474a3731a0b78940868025cb8ab

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
x-server
10.45.27.249
access-control-allow-credentials
true
content-length
60
expires
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1693390224406&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.2.1693390224194.113569553&it=1693390223749&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 30 Aug 2023 10:10:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
adoric.v9.1.min.css
static.adoric.com/ 		207 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.1.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc1e08f780fdf868e464ed255414de3b09f19016dbc350f92706d499b530bdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1854
x-guploader-uploadid
ADPycdvxlM4O5Bg3stjRG22YPEkxR18hfmIjF43qwo4IGFUTopygwGO1O7WUVVBTbZXCBzMT6LtwhV0CthKgeKBdBZCvO3q0mU6S
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 23 Aug 2023 07:55:26 GMT
server
cloudflare
etag
W/"89897345123699d811e804e84a391e5f"
vary
Accept-Encoding
x-goog-hash
crc32c=VKiELg==, md5=iYlzRRI2mdgR6AToSjkeXw==
x-goog-generation
1692777326040341
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IfZR7f%2BoMfeXm34rj80Tb8MByYIDVI9ifwPRLQWB4t3j33t9S5XRTAvHVRs586LYq1rFeYIeuxe24ksNqVWsW3OF%2BxykDpSU%2Fhs89tGZLXYmJh7054IbkYPENJGdIVhush%2FANL8lB0Ao%2F8zasVAamQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14621
cf-ray
7fec3e669df81951-FRA
expires
Wed, 30 Aug 2023 10:13:11 GMT
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1693390224260&cv=9&fst=1693389600000&num=1&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=4012789919&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1693390224260&cv=9&fst=1693389600000&num=1&guid=ON&eid=375603261%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=4012789919&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 13BE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=NKxXU3xMcXk1R1ZjVnpiWXprLzFrQ0lSVSsrdk4vc29WcnJkL1creWxOVm5nQmpiTGhLZ2hUcThhcXB6WFQ0czUzdlI3YUlwb3hkNzdxRHdJUzgwWjh1STg3cHdXbXBGbDAyUys1ejI4V1lhSS9uMk5zNWtpTXVzY1FOTn...
419 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=NKxXU3xMcXk1R1ZjVnpiWXprLzFrQ0lSVSsrdk4vc29WcnJkL1creWxOVm5nQmpiTGhLZ2hUcThhcXB6WFQ0czUzdlI3YUlwb3hkNzdxRHdJUzgwWjh1STg3cHdXbXBGbDAyUys1ejI4V1lhSS9uMk5zNWtpTXVzY1FOTnpCMUJ2SmtVNnkrU1p6YSthTkJPVy9tS0Y2cVFsK29jY0lPcFk0N2JaYWxrdmtMdjJXWVczSTZCY01hVEhjV2IySkUvUmlEN3NXVTJoR0pKY2hIKzVHa1dxa2dpbUFHSFVJVUJtbDEwN2l2cTYrT0F1WjQxcnl4eTFZWjg3emtVc2k0LzlNSlFaS2NjRHRaUTd0VmhBcTNpcGV0TUZsdz09fA&cppv=2
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
33c3d7ccb6d430664ab6c7f66d8b848095e54432fc3c3340d6033190b60e1ef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1547411
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:24 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=NKxXU3xMcXk1R1ZjVnpiWXprLzFrQ0lSVSsrdk4vc29WcnJkL1creWxOVm5nQmpiTGhLZ2hUcThhcXB6WFQ0czUzdlI3YUlwb3hkNzdxRHdJUzgwWjh1STg3cHdXbXBGbDAyUys1ejI4V1lhSS9uMk5zNWtpTXVzY1FOTnpCMUJ2SmtVNnkrU1p6YSthTkJPVy9tS0Y2cVFsK29jY0lPcFk0N2JaYWxrdmtMdjJXWVczSTZCY01hVEhjV2IySkUvUmlEN3NXVTJoR0pKY2hIKzVHa1dxa2dpbUFHSFVJVUJtbDEwN2l2cTYrT0F1WjQxcnl4eTFZWjg3emtVc2k0LzlNSlFaS2NjRHRaUTd0VmhBcTNpcGV0TUZsdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
341593
content-length
0
expires
0
sync
gum.criteo.com/ 		73 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c058de93593543989437b6a869ff5a71eff15cc89de805137c323a28ce4503f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1795767
expires
60
json
trc.taboola.com/wallail-walla/trc/3/ 		102 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/trc/3/json?tim=12%3A10%3A24.520&lti=deflated&data=%7B%22id%22%3A10%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693388274637%2C%22vi%22%3A1693390224516%2C%22cv%22%3A%2220230830-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11473%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Homepage%22%2C%22orig_uip%22%3A%22Left%20Rail%20Homepage%22%2C%22cd%22%3A1106.484375%2C%22mw%22%3A298%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%201%22%2C%22orig_uip%22%3A%22Mid%20Homepage%201%22%2C%22cd%22%3A4313.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%202%22%2C%22orig_uip%22%3A%22Mid%20Homepage%202%22%2C%22cd%22%3A5480.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Endless%22%2C%22orig_uip%22%3A%22Homepage%20Endless%22%2C%22cd%22%3A11473.265625%2C%22mw%22%3A863%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Endless%3Dthumbnails-g%3Aabp%3D0%2C%2CLeft%20Rail%20Homepage%3Dthumbnails-a%3Aabp%3D0%2C%2CMid%20Homepage%201%3Dthumbnails-g%3Aabp%3D0%2C%2CMid%20Homepage%202%3Dthumbnails-g%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a798b646958b0b4e6ee43e6fa835ca1bada28d11c27be84407e11eeb8f387339

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
1053
date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7381
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230082-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1693390225.545865,VS0,VE1053
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame 2172 		193 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:8000:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
19488
content-encoding
gzip
content-type
text/html
date
Wed, 30 Aug 2023 04:45:37 GMT
etag
W/"26fac2aab0da1220dfb31537337da864"
last-modified
Thu, 27 Jul 2023 07:10:40 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-id
6jSiutXoF3b4-UJHJyUzXsZmEDlQicMuX50Tow0ECi05fvpB0Z6BQQ==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
qHjCUfZm1tQdGgBJuTqxtyNTpiQNb5ro
x-cache
Hit from cloudfront
e9791bc3-19fb-4737-a06a-508705a1c437
https://www.walla.co.il/ Frame 6CCE 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/e9791bc3-19fb-4737-a06a-508705a1c437
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
playlist.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/ Frame 6CCE
Redirect Chain
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
52.222.139.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-98.ams50.r.cloudfront.net
Software
/
Resource Hash
a06aa7d05c7f7282e54c5174a3b89c1f34acbd199b859985f2aaa86538db59dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 google, 1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 30 Aug 2023 10:10:25 GMT
x-amz-cf-pop
AMS50-C1
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
null
x-cache
Miss from cloudfront
cache-control
max-age=0
access-control-allow-credentials
true
x-amz-cf-id
ZO4-K04DlWb6sy8YYSorAHAjYJeGza8brwJo5TbSHE3keptPtHoKZg==

Redirect headers

date
Wed, 30 Aug 2023 10:10:24 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
vary
origin
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
E9E3MtBoUp1o7-fjKslyPA8-ecFslUrtx-i_3whA9ebtDja6XZFiAw==
bridge3.586.0_en.html
imasdk.googleapis.com/js/core/ Frame 885F 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6c84b6607a1fb1669e2110c8f5cb7af35b2f5d6c2aa06ce0a6e9d1be2af99fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
259995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236436
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 09:57:09 GMT
expires
Mon, 26 Aug 2024 09:57:09 GMT
last-modified
Thu, 24 Aug 2023 15:59:05 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 6CCE 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:10:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0EF9 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 09:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 30 Aug 2023 10:52:50 GMT
9596c136-88b5-4a6a-8419-54905ef8d90e
https://www.walla.co.il/ Frame 6CCE 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/9596c136-88b5-4a6a-8419-54905ef8d90e
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b94a77fa0aa100733aaea38ce611cc70fd81ebf17c1727a8511cb2bde47e2106

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
5872
Content-Type
application/javascript
da22d492-9575-43d5-861d-6500e6b3a73e
https://www.walla.co.il/ Frame 6CCE 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/da22d492-9575-43d5-861d-6500e6b3a73e
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
65fff4f9-fb96-4bed-8611-c1baf4e00ead
https://www.walla.co.il/ Frame 6CCE 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/65fff4f9-fb96-4bed-8611-c1baf4e00ead
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 736C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D414 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 23A2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2292 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 8F81 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 23:14:41 GMT
age
39343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 23:14:41 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 8F81 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 23:14:41 GMT
age
39343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 23:14:41 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 8F81 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 23:14:41 GMT
age
39343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 23:14:41 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 8F81 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 23:14:41 GMT
age
39343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 23:14:41 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 8F81 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 23:14:41 GMT
age
39343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 23:14:41 GMT
css
fonts.googleapis.com/ Frame 8F81 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 30 Aug 2023 10:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 30 Aug 2023 10:01:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Aug 2023 10:10:24 GMT
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8F81 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:18:17 GMT
x-content-type-options
nosniff
server
cafe
age
71527
etag
415739381108731362
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2712
x-xss-protection
0
expires
Wed, 30 Aug 2023 14:18:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8F81 		344 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:47:11 GMT
x-content-type-options
nosniff
server
cafe
age
73393
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 30 Aug 2023 13:47:11 GMT
l
www.google.com/ads/measurement/ Frame 8F81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzWsGZQ9bHIAZ0r9F0er_izvpFC7vR0zBNNLN9aSWSxjXxfG4SmSyj79rIJyVrKh261emJ4G_gtAMPc9Hx6APcfCo_6Q
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 30 Aug 2023 10:10:24 GMT
server
Google Frontend
x-cloud-trace-context
291d7cedc94c31aa78266bdc5d5fa896
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
x-request-id
192daa0c-cb1b-4e08-99cf-4400a33d88a9
x-vad-version
0.14.1

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
0a02479c5861928eddd6c5fe54e9e5ca
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		130 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2290754539433368&correlator=1424148999049367&eid=31077365%2C31070232&output=ldjh&gdfp_req=1&vrg=202308240101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Ctop_desktop%2Crectangle_hp3_desktop%2Cpremium_rectangle1_desktop%2Cyad2_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7&prev_iu_szs=120x600%7C160x600%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x250%2C300x250%2C300x250&ifi=18&didk=1193244742~1193245113~1193245112~1193245115~1193245114&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7569efd415a233c8%3AT%3D1693390224%3ART%3D1693390224%3AS%3DALNI_MZOYeKANT1W7haCwjPOTweLon0eIQ&gpic=UID%3D00000c92955cec61%3AT%3D1693390224%3ART%3D1693390224%3AS%3DALNI_MZ9Yqdl_pP84qLoeUvRsIfm0eLWcw&abxe=1&dt=1693390224738&lmt=1693383024&adxs=1480%2C920%2C516%2C200%2C516&adys=160%2C173%2C839%2C839%2C1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=i%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4&ohw=120%2C1200%2C300%2C300%2C300&psts=AOrYGsl4lPLPyHtVCvApp9WEj_dtzU3t9fUALhSNZGZChMVcKGUO3JkGsgm_s6O0GdrPl_AFjE-pxKc8rMo5Mqr6AmkkdjU-LEU%2CAOrYGslovlgRL_ekGSMCdD-goOywDs2VmiKO4A6vajGDBesckuZrpCklZP9dCwdUjaZSzXSHClgSmNO-XPycpn8xU6aSb0U0HUs%2CAOrYGsmB86cx2d1rWavLdKLuJKV0SMQdE7SV4AyZjsp1uQ66DODY_MP4hZ3Ru9bU5M6WSh91hDwbVinzvfadUiYyzCCrnAROBPM%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsn2BqA5m7IUl0fQDoeD81DmtMbbVJJNU988Y0iKxEPi5GTRC_aUzaaatU5fY1-huZnjj8g9tVIYLs0WiidDPLkxvTszHsw%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=578001927.1693390223&ga_sid=1693390224&ga_hid=211845584&ga_fc=true&ga_cid=389152161.1693390224&dlt=1693390222547&idt=1352&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle_hp3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=permutive%3D&adks=2273020715%2C885339186%2C1717219177%2C1472875564%2C2299111211&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48b62168fcf244bd85b4cb8d50785346a504ec73b315f2d77adc3d6bc243a396
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38379
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8F81 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49d91a749f03e1881e9916184d1a49bbf429c92e2072dde77f79877aea05e3b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ Frame E48A 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 736C 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
282704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 736C
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjss04h-u3A3gM5dKgrKYsE-L8oxG8J6S_cqXej3NoNfS51OvoT4XLhlTC90jEKiWNnjzVlE-lMyk3li7psapdwuDzJ7O8grXJRGiU1hgjBKaX_ynZyz0kT-F6EDn0WBPv6F6gL-h2...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:44:31 GMT
x-content-type-options
nosniff
age
77154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Aug 2024 12:44:31 GMT

Redirect headers

date
Wed, 30 Aug 2023 07:50:08 GMT
x-content-type-options
nosniff
server
cafe
age
8417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 29 Sep 2023 07:50:08 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D414 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
282704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame D414
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsudcVNHiO9iShNZlMzKi1FOEzx3cQQQ1FbFyE1JG04-Y5Q2BgCiUwvy3ZWEczj-QxAxonUs1z9yiIgtLSQZSMmScESWZ3lXgNqH8Zn4O61EqMEyXiVKHq1ZPMUUPDiOSqrWAFXFw...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:44:31 GMT
x-content-type-options
nosniff
age
77154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Aug 2024 12:44:31 GMT

Redirect headers

date
Wed, 30 Aug 2023 07:50:08 GMT
x-content-type-options
nosniff
server
cafe
age
8417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 29 Sep 2023 07:50:08 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8F81 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:04:01 GMT
x-content-type-options
nosniff
age
363984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 05:04:01 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 23A2 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
282704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 23A2
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsu6158f89i4XMY_We8xAHEAX7cIdvNnz5ejOFMAIyIDB6KoxjNG4Yz-xkglEZLv1iBkay2WsGJw2B8Pg7yBPC8HfQt_-2fVLeMsw3hE4ENFuuQ38FZWtGj3s12Pbi_x5ChU_gmyF...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:44:31 GMT
x-content-type-options
nosniff
age
77154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Aug 2024 12:44:31 GMT

Redirect headers

date
Wed, 30 Aug 2023 07:50:08 GMT
x-content-type-options
nosniff
server
cafe
age
8417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 29 Sep 2023 07:50:08 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2292 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
282704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
3664297453309006094
tpc.googlesyndication.com/simgad/ Frame 2292
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsvSFeayuPGaRW00EeVENGs4kVTBvSlnk_Hvk0gH-NAaj9_wYvIiPzzOsl858dVcw9AhYVVaDNy5vgPUIWBM0TtYexlHvcGMD0OK9R3p-pcGf2wmFp6wYJhda2Ji4eDZBbGdFaWDO...
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDLh7jr_AEQARgBMghMyp1u-ZMMNg
  • https://tpc.googlesyndication.com/simgad/3664297453309006094
924 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3664297453309006094
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:44:31 GMT
x-content-type-options
nosniff
age
77154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Sat, 15 Apr 2017 10:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Aug 2024 12:44:31 GMT

Redirect headers

date
Wed, 30 Aug 2023 07:50:08 GMT
x-content-type-options
nosniff
server
cafe
age
8417
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3664297453309006094
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 29 Sep 2023 07:50:08 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 4EED 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 30 Aug 2023 10:10:25 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
www.facebook.com/tr/ Frame A3EF 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:25 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
ads
pubads.g.doubleclick.net/gampad/ Frame 885F 		44 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.586.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2Fb27ef295-a687-4831-9a98-3bcd6bf57869&sid=772A9DFC-DA36-4CC5-89F6-2AC49FDC2DC2&a3p=EhsKDDMzYWNyb3NzLmNvbRi_9LCvpDFIAFICCGQSGQoKdWlkYXBpLmNvbRi-9LCvpDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMP4sK-kMUgAUgIIahIcCg1jcndkY250cmwubmV0GL_0sK-kMUgAUgIIZBIZCgpwdWJjaWQub3JnGM73sK-kMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRi_9LCvpDFIAFICCGQSFwoIcnRiaG91c2UY0fewr6QxSABSAghqEhQKBW9wZW54GL_0sK-kMUgAUgIIZA..&nel=0&eid=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Fcdn-uw2-prod.tsv2.amagi.tv%252Flinear%252Famg01742-walla-wallanews-ono%252Fplaylist.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26ver%3D2023&dt=1693390225032&cookie_enabled=1&correlator=2403602958643988&scor=3448924094328232&ged=ve4_td1_tt0_pd1_la1000_er1700.200.1700.200_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff293cce1a9193d70095d628cfa5ac28642070aa806951429e96bbcdb329f36f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7990
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8F81
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=38509
accept-ranges
bytes
content-length
65459
expires
Wed, 30 Aug 2023 20:52:14 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b62a89701f26ec1da28a7957e9dbdf26c5151089025c31795f9534a0ea878600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7fec3e6adf2b4db2-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543e1f7c6c648f9ed43d67d8ef42a5f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87... Frame 6CCE 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543e1f7c6c648f9ed43d67d8ef42a5f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87eb141453c5728cfffe729a2c05616b7db083429b56a062a866a68ac39437ed0e21f48a238b6720a5aa82a66443d80b846ac7754db80148e772d8eb3dc65396d390ec90c1fbcbf5ba0f8ff5e43ca78a7e74f40917c43e59f46ced548a681d50ecb5ed471f9128096a1d9d417d7879860af55e306123256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a5ad3e27c80e542ec46bf07aee246e2dfd320b79558d6a679585dc7c7a19cfa273abc2c9cc88c85232bc0a0463c2f5d0ea9d1e2daa1d4be3ca4ba415462741df62e3d72adb4508992a286a0928858902cc4fd26f95756636c1e0b8a51a3d53895799d309fc71d25535a57edb46184d7891060390fb18950824740f9c3ddd7964e1ada70175fdf65db700c7883613f2bab7eafda7447a11227a9797df7513e8502dbbd2ffea892a52533a7d1ca47b03ebee34482b857f139691753e7a26c6c444a7cc2e72958632e8d16b2a1bf8b1d3e09e2f3c2e9d31369574b707c38cbb3b73ecbf483437b31ce5c216c716a67b50cc466d205094d6efe17dda8066396444609e3b43449557c9caae5d14ec0c5eb682c044c4a4e23689c6b527d/40/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-98.ams50.r.cloudfront.net
Software
/
Resource Hash
708cd92ad2d8017513154e77ceb24999d8b684eb81b3ba7360a88d8d0abc99e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 google, 1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Wed, 30 Aug 2023 10:10:25 GMT
x-amz-cf-pop
AMS50-C1
x-cache-status
AMS-cba56054, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
tZVrbkZw_8if2MYGwGfFW4SNfm7diDINdvrfX8bz3S0vfRqUGwYAzw==
truncated
/ Frame 736C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e2aec096f79ba68c029c32ce9959945b486bad2626a819567d5887f33890ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D414 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a258f670ce128451fd686e2f9dd5bd38fae6a2dec3abab6f850a3ee6312a96ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 23A2 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d18cd3b8eacb6fe2fefe9f23cadfcd6e3fd2d1765dc934481ba31d63c1402089

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2292 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f21119a95821599c2449b6c3cc9b0eb820fe65a13eb481364b23811c9c1adc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 8F81 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1b_hkBXvZNrVD62ynsEPr6iQkAinkM-4b7uxu5mWEdvZHhABINGTwypglYr4gZQHoAHgl6bAA8gBAakCRMu0ce87sj7gAgCoAwHIAwqqBIICT9BcIjKrrLwJ-6NasqVK7PPVFX6hkvLlXTH949kN5Ra5tDbJZzIVDZM0tOKANjkaWShk8Uov8HAdH5Ix2qo_Uhd1VGwH8pt60GyrcyH3GN9X4y_7e1qkBvRQy1VZqksLOqVjkJ5XLpzOkiMvL5KMM-LpqL0O2JUoRMG0Y9VMdvJTwzCCIF9CAxA0H_k_zdNGlOeUaxWarPQsMcxkeIQIDB-IGByQ1g0QQM1THqnHYsx6VZyX6d9HYnSO_mSX9dllRIlYF88dWYnuk5oOTuCnue5-8_HnOOzwuZzDVkYgos1viU6DKkvnten7npHSYGhRxl8dwIMlm2Hay5CbnQgHh6KnwASFs7LIogTgBAGIBYu0k9pJgAeI6Nk_qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQqWDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgnMAWh0dHBzOi8vd3d3Lm12di5kZS9scC9waG90b3ZvbHRhaWsva3VuZGVuemVudHJ1bS13YWdoYWV1c2VsP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1EUF9JQV9OQ19TVF9QSE9UT1ZPTFRBSUtfR0VOX0t1bmRlbnplbnRydW0mdXRtX2NvbnRlbnQ9JmVtX3NyYz1rdyZlbV9jbXA9MTk3ODQ4NDk5MzEvMTQ2NzE3NTc5NjUzL4AKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi03NjI3NjUwMDg2ODk1NTkwGPHmEw&sigh=5mFJZXyB7mY&uach_m=[]&ase=2&cid=CAQSOwBpAlJWZfkiqzXP3ophPXZlVfp7Z7HK19APHQLWaOrNcq6t8WtPFtpcV0t55Uv9-ToSfWlIji5L8yDrGAE&cbvp=2
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
504596
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7fec3e6b4fba4db2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 6A41 		0
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e6b88094db2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:25 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 9D39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a335dc3e76f6f418f38dfec1b105b3bf7899d8265e3ad23f98f43a413670b451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11915
x-xss-protection
0
pixel
ap.lijit.com/ Frame F48D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 10:10:25 GMT
X-Sovrn-Pod
ad_ap6ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 745D
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Wed, 30 Aug 2023 10:09:09 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.5

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:09:09 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
server
nginx
x-powered-by
PHP/8.2.5
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CBA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 975F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8DCB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B94B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E288 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:24 GMT
expires
Thu, 29 Aug 2024 10:10:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 0B15
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1693390225506
  • https://ad.turn.com/r/cs?pid=45&rndcb=1049773178
  • https://sync.1rx.io/usersync/turn/2535591895242875208?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-4f1d9cdf-53e5-4942-8191-5c2...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003
0
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e6f7d704db2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Wed, 30 Aug 2023 10:10:25 GMT
etag
RX4f1d9cdf53e5494281915c24ba78bda9003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 10:10:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6549 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjytZ_sATAB&v=APEucNXVnBocaJPfqQWJXrbUE_DyR-CVW2ODIeAzHuPS2-KdYPX88o7KyAmYGatbORlb3TeOnwXDrjAyspoIGG1TbT2iVBP7Ff_eE_ysP7ObMyPyX3u8Uo3J69P_E1u7ZBp68SHUwsbWTi1ZPBg5ld7srQns-vk2iRYYkPd1ruSqe73STFf4NA0
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3CBA 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CBA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCP52HmKtHqYrMXiXUIOCEvIUhykKFuLqydpg6IgLWnk0HIun6iO-9o-Xmy989ZvIer1A1hBJxlVglPjDvwqgZ7eNPPUoYtI7LQQrOMmGkix07Vlw
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CBA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8312018398775044992&x=1&ct=76
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 3CBA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
4717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:51:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 3CBA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame 3CBA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSN-Qx6ROOsjU5jOfJQh289DUl5RSNugGT4tGgJZSZ_iHKZH8dB6HaSEvunDdAiwK5uPvfKySo1Ca-lEWkX7YSrDzWXTg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3CBA 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 975F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4IslkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSFAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2AQCGtDPauS3Q6UgSRBxysrN5nfyhdESRr-u0Yl1R1iNyUULb64-eAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=R6mAYtfMJYk&uach_m=[UACH]&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 975F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5XPF4_eaMoH-gGdg2ICAgAAAERKsbLBpQHOUwfGnGMh-yoQkBXvZOo3-y9rzZS6StAAABIAAAoKQVFVQkFRRUJBUQ&wp=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
172745
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4BA3 		189 KB
59 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b09be6428164fee0a979e31a87c194996e2bfe86d55a6789558b983b4cad6319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:25 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=bc7H1kOMckU4c2dyjvvp7vE20bFfFc3Dx9AlsQfmyOYZjcHHPen7EO6n7zo1-zV0zbOFrCCDAhltJdqN6ANWMQ9sr_3c8sqCKxNpvxVLstOd7_c_DEWkREUCswQh83H7IMijsPsw9UYiJa335eLUGbCswS_0tHb9sHm2f5xbSHYQxxdHsARdPqBJsGvB8aNBJ_3Gwj1zv-kq0Gp6w3dowrobzdZvG4mkwVObBFvSO9WD6-W4k7J_fdax3otCpuMNZRfjUw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
46485360
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 975F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
4717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:51:48 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F726 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 30 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 975F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame 975F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVKGrxQ6UP9txKEBhN1omkrLSLz7BzkxDFQLW-RFb9YFsAdmqnlWli-k6HkDG5ZsObyeE86QdcAyGmab1srOtXd0F3jA
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 975F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 03:38:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
282705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 26 Aug 2024 03:38:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 975F 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 028D 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNU1aSGtQ2HSXktkvEW4ogD9i1EsciAYuZVyVBFT7kGDuGiNdaXRs9PnfbB7cqaNUS2NWq6sJ-FpHg4oOZ9RCfB-f-t2FGYsiRckw2LncpI1G-tJYn0PvGC1Bsy2_Cfts3s5y8BlRqV7_irVBt1qSrL1Uo8VS8LfRq3e5pSSVIWhlhjrmbc
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8DCB 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DCB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOF4uDcUHR01L4-oRhSPtvjkMz_WLpAcujRqok1bac3oAAYfm-imMxcgplq-VLZNmgbtPoFvmhqK1iUYor69su9kGVE-ah0aGlGOipOgiY2z1S13Q
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DCB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11278931248339396067&x=1&ct=76
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 8DCB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
4717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:51:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 8DCB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame 8DCB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVufW_0U3tHN9awfX1WLDo_4S-HyydSRK8uNo3g8INBkmO5rXThy-G2Jo2aqsPl8-UEVBimrkcdPfyP6zG7Q2Jbrjwpw
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8DCB 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:25 GMT
d6a17f44-7554-52f2-b666-c553d289d0c2
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame E0A6
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-5245383880774798665
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/d6a17f44-7554-52f2-b666-c553d289d0c2
0
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/d6a17f44-7554-52f2-b666-c553d289d0c2
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e6edc634db2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/d6a17f44-7554-52f2-b666-c553d289d0c2
pixel
googleads.g.doubleclick.net/xbbe/ Frame E42E 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtUwNGyYO-Je5D2IvyE_hG0O4s1txAMglNfAk7mcaZsOKjSQKitXF2CBeWKNYsnpYnI2COP_gii5jLNQJc2yD45VhosL_CP-uyfLPWorS9mCIfzVt7-DmjNk_SIcXw-CYrVcj0yiUSnnwmsF0AeeYfks19ZEddRLhr7bEgMsk-Km42SSM
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B94B 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B94B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2qYfp0REUXmPTNpOOoAl35B5RKtTMMo9DuG_hhtdx1ydYqOWQoPqrkud9is3Lvx6shL72N5jGHb26p6iWzZ4WSsYjoCjJAYbWlura9aYA12qdHTo
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B94B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2144809379395157053&x=1&ct=76
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame B94B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
4717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:51:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame B94B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame B94B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDmWEmjFL2eMXUsYLdal7LbheWEWIwY1JvdTfJIAXQjCC9uxoEoZ0bRjIRnyO-fm50oR0FTWdiAMZloLQr0v4b9wZpCg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B94B 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:25 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E05D 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXWBb04QMJd7J_1CKwEteifHYdMqC5FP-TQkast2z2cnRBXIshSHJYiTGOqFLFoAjaGsrAVCilNiaLOv2qlaG-OsU0P8O1IZc-j7k_QE75_chaskPyntKEkKJ14vSW8ElQTuiauCs1RJNaABq6QAJIz5SqCX0v6fiJvhkKjTlcogVSLSjE
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E288 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E288 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNy3DCbvfsnLRw3XJI5UtRgzlHkL10Q6BDmv71MJXopcdXkb_6OQ8YQCY0TTevBTiEUhZAT9MYTzZ-3FB584uaclgACSB4sx1_vKHGVLGq0IECyC0
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E288 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2554340492466510173&x=1&ct=76
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E288 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 08:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
4717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Sep 2023 08:51:48 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame E288 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 13:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
72858
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 13:56:07 GMT
l
www.google.com/ads/measurement/ Frame E288 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQO-Ju3WrPCOQzet-CkEXU80Eyj7zSFeC05j8I-IVS8KpIeP_NA6PixFYqPEOhVt43FcZGEQ7-ezXKXABK38oHAmNkYxw
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E288 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693222425768293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:25 GMT
smwt256.gif
us.ck-ie.com/ Frame 5385 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 30 Aug 2023 10:10:25 GMT
Server
nginx
csi
csi.gstatic.com/ Frame 885F 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llxktfvs&c=690763233471&slotId=345381616735.5&eee=missing-element&bi=missing-id&vast_v=3.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=211845584&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aDDAAEABEAAAACAUI~&jid=&gjid=&cid=578001927.1693390223&tid=UA-4780630-1&_gid=389152161.1693390224&gtm=45He38s0n71T728TH&cd1=578001927.1693390223&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=1074540925
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:30:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31189
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6549
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNgSdLoMJSL9pEYpFhIS2g&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNgSdLoMJSL9pEYpFhIS2g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjytZ_sATAB&v=APEucNXVnBocaJPfqQWJXrbUE_DyR-CVW2ODIeAzHuPS2-KdYPX88o7KyAmYGatbORlb3TeOnwXDrjAyspoIGG1TbT2iVBP7Ff_eE_ysP7ObMyPyX3u8Uo3J69P_E1u7ZBp68SHUwsbWTi1ZPBg5ld7srQns-vk2iRYYkPd1ruSqe73STFf4NA0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 10:10:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNgSdLoMJSL9pEYpFhIS2g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6549
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZO8Vkbtxviw0lCdvPLjgqwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNgSdLoMJSL9pEYpFhIS2g&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNgSdLoMJSL9pEYpFhIS2g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjytZ_sATAB&v=APEucNXVnBocaJPfqQWJXrbUE_DyR-CVW2ODIeAzHuPS2-KdYPX88o7KyAmYGatbORlb3TeOnwXDrjAyspoIGG1TbT2iVBP7Ff_eE_ysP7ObMyPyX3u8Uo3J69P_E1u7ZBp68SHUwsbWTi1ZPBg5ld7srQns-vk2iRYYkPd1ruSqe73STFf4NA0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 10:10:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGNgSdLoMJSL9pEYpFhIS2g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6549
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELH0QnvIQpkBeBuo5ZGvqhY&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELH0QnvIQpkBeBuo5ZGvqhY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjytZ_sATAB&v=APEucNXVnBocaJPfqQWJXrbUE_DyR-CVW2ODIeAzHuPS2-KdYPX88o7KyAmYGatbORlb3TeOnwXDrjAyspoIGG1TbT2iVBP7Ff_eE_ysP7ObMyPyX3u8Uo3J69P_E1u7ZBp68SHUwsbWTi1ZPBg5ld7srQns-vk2iRYYkPd1ruSqe73STFf4NA0
Protocol
H2
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
an-x-request-uuid
7612bfcc-aa03-46d1-877c-b4f500586e5f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.25; 217.114.218.25; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELH0QnvIQpkBeBuo5ZGvqhY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6549
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3MjUzMzc5MDIxMjYwOTM4MQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3MjUzMzc5MDIxMjYwOTM4MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjytZ_sATAB&v=APEucNXVnBocaJPfqQWJXrbUE_DyR-CVW2ODIeAzHuPS2-KdYPX88o7KyAmYGatbORlb3TeOnwXDrjAyspoIGG1TbT2iVBP7Ff_eE_ysP7ObMyPyX3u8Uo3J69P_E1u7ZBp68SHUwsbWTi1ZPBg5ld7srQns-vk2iRYYkPd1ruSqe73STFf4NA0
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
an-x-request-uuid
b25374bb-9fab-42ba-ad04-1a299aafaf7b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ3MjUzMzc5MDIxMjYwOTM4MQ%3D%3D
x-proxy-origin
217.114.218.25; 217.114.218.25; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 885F 		33 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AJF2E1g9G4lB1LtP5HjqJN1dhuZKOzg2TgaXH1ce3lGYu80v5h1AWgDnbf5_k5WnrbfRPib0dmskj1SwzuoRPtwFjyoQ&cry=1&dbm_d=AKAmf-DZTnw9QSRyCDMXl91_NwQ_4-WGbae-gG-wC3m5-9RmRKVFZw18ZsN3ob8EF00sqy-zpjjJvP7fTkDoVlX0f6cMHWBzJTQIHkWI5Jjh6tijB64UWBLt2G4dUhhH7XBiuTQhTWDyy0kFnpbrOyYI7Pwu_FPl8ypJ92sCWgQbzwPcA4GkLU2haTXphBSq9sOneMf5BxseIJ_RkB6aCX_EI88tP6rxnzuCx6253blmTtvpVFaNz6YdjBE7un7ihOBkFzYBjDDeeMbD1PmjDyb70tT6Eav_RD1Gwzdc8_yfNDDx_mEuL__q4RKvIq37ZLPW34vC10HX0m0Lf6JbQaeyUgIQw_dlQPM8iJiusCAfZHcoEAPz7EiuksN3bKayAtq0fcEbvAwdDICctNZjFdSjP6fvonpzqBZGS4ejq_fGqi2wh3xH4zrgg7aPf7RWZWQz90iBSbXThUdy0PKXfieA5b_JKLgGtfxf-B7FnfHRfI_KRqANu5nP0-TpXeB9InZrTrbmTTXLyrOzEjijpUVsANZhZQwymEAaxkL-R1LIooEQ-dnYeFOeBHHj7Zg-4isg-wHkoARlach38jfRjEaP7_-umSHOKaUUn90G8ktZsLFyybHO1UXeT3KxCcCvOZX757oBGNLOsdXWcw0WUDKiXqlrJgVRGZVu89ISb9auWpmBhTZNyFwe_XclXniltKicbd9wrntQHkMRRcTzLKt8m0W0of_8Kfz8_TUvodutTwqIQS5Qw8iROp8qyCgGQiaJy8hgt4C5P-rRSK20-fP4delzYuHghug6lg6F2lL2TWOFgt4m2G67yfmNNOYUx8UEZy6PIw9OZ5kBE0XmMwv58bcOxqf4BwXJmOH-wcdfVDtVSKmIi-6QqHgIaExTLBCP3Q9fDSuslqpjQma7xAvclGQK8O9I29jKq9KfENHjkrHXhTtYpowjog0cuz9-AUx-yihyEvy1F6lioJ8VUxqeZnfDSe41ufueF0J7ofbgWOSLWYFavD7iw3aUMFcHxGuwPzXFNTg37lY4ZP479UzGmHaF82LEixvsi0sT58nz1hSIvv94DnULhleS2BJDY2ComMPta0-2dnAGS3AVqwbtsTCC05YS-0pn2CNopKtj3StX66yVv-44fW3M2mzjt_eJPjWX_CYgFg1nujl95ZF9IsMzX-t0k9H8QMW_NEP0bWRglGRGSw-qzDf61IxVQVWMun4b2eL5vCA2dkkCz_s2YJCVbumAO3w2NaLskpdF7HKH00daBVwPfinFz6z52hb0iZ6mid_ZZA9CBraIMKCCVY6Un9NkoFEwUoQu6A6ExY8hRPvGakEKB4l4fBt9HyISrPRSduO_xXw6JgeQq92JrZ2DLYoCm0PgiPD8-ilHTezzOKtLwPoAIMt0PGPuYpqJ2tL_EbBNocHhs0UhFVuSrGe0od8aHRCMy44K5_T8ftwjiejPydNDrMdjWJF20f3L1t7ZCoLXjRSzeMKZr16k7b7GFmo2cR8X-evYtGSuKNnS4-Al7QnS-vhxdCM4n2_6VUIFUmOCUxHQEyb8uEb-Irjjk3GByuxrdx0kyayLySts8BOGpqmy0zr_dFV1NA3yL21Oxvv5iLDBLQxIBt3-tO5i86wtac2h9wq5pTd966Hn0K2_b4PwsuiCJ1IamwthuVSC30qDr40a3h5jfZeCcGwjR3x5PkL4U-M8yl3FT_7qNHeNs1XtzmfyEigCgJwX4qYLOx0YW_Zgt7f_ImySRNnZBiiKcuMkAMFziFt3DOQ0N1G2nJDlTHhGJjaQxxIzqG0G0DpxsQK0oHZ6YqKdnD4k2fkQmvjgiF-7e1vDlsTOdHT0S6Ypxh4PFYEJJN3hVshb5TnVYoi2qWea6U3CzxmjJyJIvInhASSCmKBlWdhIpg8ivPzBG2tFd3S5UAVvbRgR0BquKEwjzkU5t6Ylsl09VW-8l4ZFmolWzwDcTiR2qAY0daMSM0KHT0cUPkcwK-Y4s72wSKcaY2B-CDwzHyoHs455rB52YDPEI3f28jNvfP5JJO4yuRAoHmycTodLXKqymEF2dP0WTh6K0Ebu3RVQLT0GgFQx3iUx3oknz-KBZPkDWrfFxcT21OWT5ryBmcxAxIbolH30GmuT3SnokPCb5I9fkw53VeqzipWiGjVpx8Xp0R-Sv_svIVp3-sG_ZU7MiIvddONR6MdOCLTBctZz5intt0zCuaOmERP2r2PKFyHhKNa-Q_yX3tlql8MiwrcN5c3CriO65qutR_xbmjGaj3lPpGp6g5Xx5BwGmeImLoLjFsqJMQuPMcPFLn2MoDEddKveNixzDOPcamdWlM9fs_SQjf9SMp2si-wNAbptns5jHtQorDu4ewuw3gth4rus_Guk71E-L0vJrxqcHEVWlZ7um2GXrqMaCxPNy4_5mdsvQcP_iXY36nuMtrV28D47LDTqg_M4eSp7QsKxUDkBiiIUtG1xCRBUknMYPlQpUv3aBzdoMZYfxwUZI-2_8nTwabGcE92wKjw7VMfH7i-3VMUEJSNjM0-YhpVtbbcXDF18lNEKYqMSLflh6ge9HW7iaqjbew3pUOeHQRJqEsDna9SXd09K32WD0nmKsb8_zuWk1bc1Hb55lMy8IzgyoqxBPQSrI5UwFYHm52hztyx3XT9x1zZ_n6jFtRXiOTwJQeqvEuLMfiQaZCaCcNGRNDbEjxcMAnIdiMG9_fhCyEPFNBaldAO0r9fTVgToArdFxj0NMSoP7xMQMk916gjEMFM1SfpjMS8ElVY4baYqsD-sTredOvozvlgcUIK9L2QEpjaFG-h5C0f88cdA6JXx_8QXBqzSaQ3SbLVihXhDk09SZdXxyCltsj_la0cjKUED8Anyt6Yp5QJ9GXLDaI1YjvMYgiig1C7R4UnU-ItVM9KQQXAv-YL4gWyH2BDMz5AHglS5jDLi6gQmbaIHlFjwD5vX2smWijnLtAOnm4L-MfesHnwxOlAN4ow6x_aDl_a0xQWhFuz_2550MmaYcj5nUDJRqLSb76-Skwvu0zKJOg8iTJhggJNDJBoDVMjOvz04HTg4Hek4x71Ww5suR4wjxeRut-oIBPux3BET9d7JrJAMxWi8cRcQHf3vFyHYMSEHgJVL2AAL4Np8Chk9AsCm6NIoXuTLlH0LLkuf0ONCTYAehXJtXnK780Ya_EnDcp3SqLlTjJ-0OPZdOq_Su2UMGX2Y0Dv082K5VuYT7fmlZUF2lQD6E0DkEKt_CrdHoYyOoJ4dbNrjIxXiWGrSNSH0FjVYOwKKUCXtSzwq51dcDk9Wl9Gx_I2JhG0XunO-p-v-Bg7EXaMwly6Q8GQmrGWz2-242YY4xQzUEYhK1SdQM0-SqhjzREfydTQcuG1TomkN-OyRHq0pHfWVXgNa_GtFxCp_e6PnxSVVmIcNYQhfcyO-zwizbM7liU6XYdI4NhPxvm1B6s7a1T_4jXDFgm-RrXbaea-byiJ21TuBG5HtmEkKIvAhQFeiuZzvBWPxX34rHvcU9Sr7CGvxEzf2gSl0MUkS8UE8RjUYuriVlJHosEWwNmFWqNIsIsMfSsWFfs29XMk6HU2VlH6NOQspRSPMrB7P6WDuzPkdG98uUmo6TRKc0KVkvEMluTPDa925lSN2NFN8RnI&cid=CAQSOwBpAlJWU1ebusf--KA2sCCLpp1-l5tMZAVQX03bPMOnfVd-e2BGdVLT8iAcHxA0BBROlDVQL1e3pfa5GAE&vpa=click&vpmute=1&sdkv=h.3.586.0&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2Fb27ef295-a687-4831-9a98-3bcd6bf57869&sid=772A9DFC-DA36-4CC5-89F6-2AC49FDC2DC2&a3p=EhsKDDMzYWNyb3NzLmNvbRi_9LCvpDFIAFICCGQSGQoKdWlkYXBpLmNvbRi-9LCvpDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMP4sK-kMUgAUgIIahIcCg1jcndkY250cmwubmV0GL_0sK-kMUgAUgIIZBIZCgpwdWJjaWQub3JnGM73sK-kMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRi_9LCvpDFIAFICCGQSFwoIcnRiaG91c2UY0fewr6QxSABSAghqEhQKBW9wZW54GL_0sK-kMUgAUgIIZA..&nel=0&eid=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&ref=https%3A%2F%2Fwww.walla.co.il%2F&url=https%3A%2F%2Fwww.walla.co.il%2F&dt=1693390225515&ged=ve4_td1_tt0_pd1_la1000_er1861.200.2208.816_vi0.0.1200.1600_vp0_ts0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f156.1e100.net
Software
cafe /
Resource Hash
a808443c33b35b61a773d6308db0dffdfd3a228e2c853fc4515679c8f204e472
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17723
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie
cm.adform.net/ Frame E782 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Wed, 30 Aug 2023 10:10:25 GMT
server
nginx
sd
us-u.openx.net/w/1.0/ Frame 028D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOLi3YCPFeArRDjM19heGE&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOLi3YCPFeArRDjM19heGE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNU1aSGtQ2HSXktkvEW4ogD9i1EsciAYuZVyVBFT7kGDuGiNdaXRs9PnfbB7cqaNUS2NWq6sJ-FpHg4oOZ9RCfB-f-t2FGYsiRckw2LncpI1G-tJYn0PvGC1Bsy2_Cfts3s5y8BlRqV7_irVBt1qSrL1Uo8VS8LfRq3e5pSSVIWhlhjrmbc
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOLi3YCPFeArRDjM19heGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 028D 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNU1aSGtQ2HSXktkvEW4ogD9i1EsciAYuZVyVBFT7kGDuGiNdaXRs9PnfbB7cqaNUS2NWq6sJ-FpHg4oOZ9RCfB-f-t2FGYsiRckw2LncpI1G-tJYn0PvGC1Bsy2_Cfts3s5y8BlRqV7_irVBt1qSrL1Uo8VS8LfRq3e5pSSVIWhlhjrmbc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 028D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIPz9bvk5H7NUlj7VU9EFc0&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIPz9bvk5H7NUlj7VU9EFc0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNU1aSGtQ2HSXktkvEW4ogD9i1EsciAYuZVyVBFT7kGDuGiNdaXRs9PnfbB7cqaNUS2NWq6sJ-FpHg4oOZ9RCfB-f-t2FGYsiRckw2LncpI1G-tJYn0PvGC1Bsy2_Cfts3s5y8BlRqV7_irVBt1qSrL1Uo8VS8LfRq3e5pSSVIWhlhjrmbc
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 30 Aug 2023 10:10:25 GMT
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEIPz9bvk5H7NUlj7VU9EFc0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 028D 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNU1aSGtQ2HSXktkvEW4ogD9i1EsciAYuZVyVBFT7kGDuGiNdaXRs9PnfbB7cqaNUS2NWq6sJ-FpHg4oOZ9RCfB-f-t2FGYsiRckw2LncpI1G-tJYn0PvGC1Bsy2_Cfts3s5y8BlRqV7_irVBt1qSrL1Uo8VS8LfRq3e5pSSVIWhlhjrmbc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 30 Aug 2023 10:10:25 GMT
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame E42E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOLi3YCPFeArRDjM19heGE&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOLi3YCPFeArRDjM19heGE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtUwNGyYO-Je5D2IvyE_hG0O4s1txAMglNfAk7mcaZsOKjSQKitXF2CBeWKNYsnpYnI2COP_gii5jLNQJc2yD45VhosL_CP-uyfLPWorS9mCIfzVt7-DmjNk_SIcXw-CYrVcj0yiUSnnwmsF0AeeYfks19ZEddRLhr7bEgMsk-Km42SSM
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOLi3YCPFeArRDjM19heGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame E42E 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtUwNGyYO-Je5D2IvyE_hG0O4s1txAMglNfAk7mcaZsOKjSQKitXF2CBeWKNYsnpYnI2COP_gii5jLNQJc2yD45VhosL_CP-uyfLPWorS9mCIfzVt7-DmjNk_SIcXw-CYrVcj0yiUSnnwmsF0AeeYfks19ZEddRLhr7bEgMsk-Km42SSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame E42E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIPz9bvk5H7NUlj7VU9EFc0&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIPz9bvk5H7NUlj7VU9EFc0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtUwNGyYO-Je5D2IvyE_hG0O4s1txAMglNfAk7mcaZsOKjSQKitXF2CBeWKNYsnpYnI2COP_gii5jLNQJc2yD45VhosL_CP-uyfLPWorS9mCIfzVt7-DmjNk_SIcXw-CYrVcj0yiUSnnwmsF0AeeYfks19ZEddRLhr7bEgMsk-Km42SSM
Protocol
H2
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 30 Aug 2023 10:10:25 GMT
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEIPz9bvk5H7NUlj7VU9EFc0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame E42E 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNWtUwNGyYO-Je5D2IvyE_hG0O4s1txAMglNfAk7mcaZsOKjSQKitXF2CBeWKNYsnpYnI2COP_gii5jLNQJc2yD45VhosL_CP-uyfLPWorS9mCIfzVt7-DmjNk_SIcXw-CYrVcj0yiUSnnwmsF0AeeYfks19ZEddRLhr7bEgMsk-Km42SSM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 30 Aug 2023 10:10:25 GMT
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
current
dclk-match.dotomi.com/match/bounce/ Frame F726 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMYJ0G-r8r4EDtp9NusaUB4&google_cver=1&google_push=AXcoOmRlAUo_G3BaDpIHnmW5jdNFLwbZ4M7qtOgvOaq2FfiBFQOz6T9VdPQYWXDzBsW_qJSVUsT_iU1ixEVfTIk4Xs6NBTN8xNXVarap2IYp7es3zIyIWviEJP_-IUjtyzsaAS3_3ioUtOJH
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame F726
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOOS5DrK4SHCUm-eTgL_avc&google_cver=1&google_push=AXcoOmQI3A8ypWVYsUn1b3d9VFAPftYphY8nRe0PMX-dN7f6AMB4WB2szU-AGEHOPYrG1bHTXIXq9hRL-nomNr...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzA1NTYzNTc1NjYxMTc0Mg%3D%3D&google_push=AXcoOmQI3A8ypWVYsUn1b3d9VFAPftYphY8nRe0PMX-dN7f6AMB4WB2szU-AGEHOPYrG1bHTXIXq9hRL-nomNr6YVf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzA1NTYzNTc1NjYxMTc0Mg%3D%3D&google_push=AXcoOmQI3A8ypWVYsUn1b3d9VFAPftYphY8nRe0PMX-dN7f6AMB4WB2szU-AGEHOPYrG1bHTXIXq9hRL-nomNr6YVfgj0OfXjnZBROzmqfFCPdrAZNCXXoJs5ksih0pq3isoOvfb_HA47vb2
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MzA1NTYzNTc1NjYxMTc0Mg%3D%3D&google_push=AXcoOmQI3A8ypWVYsUn1b3d9VFAPftYphY8nRe0PMX-dN7f6AMB4WB2szU-AGEHOPYrG1bHTXIXq9hRL-nomNr6YVfgj0OfXjnZBROzmqfFCPdrAZNCXXoJs5ksih0pq3isoOvfb_HA47vb2
Date
Wed, 30 Aug 2023 10:10:25 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame F726
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRarsN5ERDz35wOGmAM9js&google_cver=1&google_push=AXcoOmS1MEArAk3Fr7wkbdf-Yun4bgJoDczOqCw57AczuHO2splXxCrR4uneUeD-CQOxxfw3EO4-bPuJNiTYju8Z_GF_qtC...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1MEArAk3Fr7wkbdf-Yun4bgJoDczOqCw57AczuHO2splXxCrR4uneUeD-CQOxxfw3EO4-bPuJNiTYju8Z_GF_qtCMwzGNV3_EC5oZXbvhGSt6FN5SEppjSYeCWqOuf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1MEArAk3Fr7wkbdf-Yun4bgJoDczOqCw57AczuHO2splXxCrR4uneUeD-CQOxxfw3EO4-bPuJNiTYju8Z_GF_qtCMwzGNV3_EC5oZXbvhGSt6FN5SEppjSYeCWqOuf2l1XSGttki7&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS1MEArAk3Fr7wkbdf-Yun4bgJoDczOqCw57AczuHO2splXxCrR4uneUeD-CQOxxfw3EO4-bPuJNiTYju8Z_GF_qtCMwzGNV3_EC5oZXbvhGSt6FN5SEppjSYeCWqOuf2l1XSGttki7&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame F726
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ-dIGlCqa4Oq1xfbI4RMGM&google_cver=1&google_push=AXcoOmQ6h5Y42QmrcuhpK1dIXCL7fq1WjO1RxF89pjOWhmks1rGtCEwKiAZCYzyOyktAKfWNoMh6LeYY...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJ-dIGlCqa4Oq1xfbI4RMGM&google_cver=1&google_push=AXcoOmQ6h5Y42QmrcuhpK1dIXCL7fq1WjO1RxF89pjOWhmks1rGtCEwKiAZCYzyOyktAKfWNoMh...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmQ6h5Y42QmrcuhpK1dIXCL7fq1WjO1RxF89pjOWhmks1rGtCEwKiAZCYzyOyktAKfWNoMh6Le...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmQ6h5Y42QmrcuhpK1dIXCL7fq1WjO1RxF89pjOWhmks1rGtCEwKiAZCYzyOyktAKfWNoMh6LeYYwdel9QILrUbXSHYjmwIw8bl3IaPBjX2KFTgMxgOuk0mgQxF-lMEb4-9h1hmUaP4
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmQ6h5Y42QmrcuhpK1dIXCL7fq1WjO1RxF89pjOWhmks1rGtCEwKiAZCYzyOyktAKfWNoMh6LeYYwdel9QILrUbXSHYjmwIw8bl3IaPBjX2KFTgMxgOuk0mgQxF-lMEb4-9h1hmUaP4
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F726
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTQOwYjaC0H2LuvaVmu2vFUSBrDHBiGz1ghbD1Qsh7fTwhMIRwEyC5fIMTms05SBtJH3ruqlzyhBIZg6ykWZiVv_Vpfc9eeTMSWm9rWJljw2chjfWU4EyzFfJ6KZEA5CliQCCV1Kedy
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTQOwYjaC0H2LuvaVmu2vFUSBrDHBiGz1ghbD1Qsh7fTwhMIRwEyC5fIMTms05SBtJH3ruqlzyhBIZg6ykWZiVv_Vpfc9eeTMSWm9rWJljw2chjfWU4EyzFfJ6KZEA5CliQCCV1Kedy
date
Wed, 30 Aug 2023 10:10:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
ssbsync.smartadserver.com/api/ Frame F726 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJZUBbW6q5EZpobixE3_VJk&google_cver=1&google_push=AXcoOmRfKUTEsJ-mKg8mr1cU4ooceD6yAR27o4vxtyRKspVAfFGrpXCP58W280B4fzUaXf7raA0TnpvePTH6AySd3Os1SE3r-VQR7i_yfoJDy5olHAP1OpuiklbhHhJlL22zNXmXX5eN5Zqo
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:24 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame F726
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEOe8caNXiZ3Lu6JMXy5YulM&google_cver=1&google_push=AXcoOmTOoeDAI7l3U...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQ3MjUzMzc5MDIxMjYwOTM4MQ%3D%3D&google_gid=CAESEOe8caNXiZ3Lu6JMXy5YulM&google_cver=1&google_push=AXcoOmTOoeDAI7l3Ul7KX8M2VQdDa8plZG...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQ3MjUzMzc5MDIxMjYwOTM4MQ%3D%3D&google_gid=CAESEOe8caNXiZ3Lu6JMXy5YulM&google_cver=1&google_push=AXcoOmTOoeDAI7l3Ul7KX8M2VQdDa8plZGVROxESFGOAf9KnK5MwNNhKcRvzLb-__XEmaw2Ktw_jracaOptT8F69FMn-v7xKbvJoJD84emkl6t9aLYMLosKcAjDTP6v9egjByetVpM_6BVAq
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
an-x-request-uuid
d7981e28-ac57-405d-9e5c-a292e1c01cbe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjQ3MjUzMzc5MDIxMjYwOTM4MQ%3D%3D&google_gid=CAESEOe8caNXiZ3Lu6JMXy5YulM&google_cver=1&google_push=AXcoOmTOoeDAI7l3Ul7KX8M2VQdDa8plZGVROxESFGOAf9KnK5MwNNhKcRvzLb-__XEmaw2Ktw_jracaOptT8F69FMn-v7xKbvJoJD84emkl6t9aLYMLosKcAjDTP6v9egjByetVpM_6BVAq
x-proxy-origin
217.114.218.25; 217.114.218.25; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F726 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ix4hvKV3zTwcuqF3vQ1H_KezbzkwJMsjReSjB_SKtT-3eO1TfW2DvZ4SoJZV98FBJin4WKxw
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
partner
sync.search.spotxchange.com/ Frame E05D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM1XTz_pJhKywQZalc07kP8&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame E05D 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame E05D 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNXWBb04QMJd7J_1CKwEteifHYdMqC5FP-TQkast2z2cnRBXIshSHJYiTGOqFLFoAjaGsrAVCilNiaLOv2qlaG-OsU0P8O1IZc-j7k_QE75_chaskPyntKEkKJ14vSW8ElQTuiauCs1RJNaABq6QAJIz5SqCX0v6fiJvhkKjTlcogVSLSjE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
truncated
/ Frame 975F 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
931ea2be4ac0b47d38c0386cd57cb6b155e00e9a4570fe309cc9056219ec974e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
cf5ec43bcbebae19d3c7c18df99423
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 07B0
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/cf5ec43bcbebae19d3c7c18df99423?gdpr_consent=&gdpr=0
0
364 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/cf5ec43bcbebae19d3c7c18df99423?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e6edc644db2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:25 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Aug 2023 10:10:25 GMT
Expires
Wed, 30 Aug 2023 10:10:25 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/cf5ec43bcbebae19d3c7c18df99423?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1693390225674041-383
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CBA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4324184250491&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CBA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4324184250491&version=m202307240101&ct=76&x=1&cor=8312018398775045000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3CBA 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbgoRwf1uiBxBg5H0Y9iLGszW-AM1OkAHbGEErNoOKlZNyFPPPMX3ZZIbXzPp7joHjM51ijcGDroh7O9w2422O0zqobbKZdcqp5BUAg87gp26GHGA&cry=1&dbm_d=AKAmf-DJZC7yvcurrIvt0EUetUehFiWtY4_OXd0Lfz5Rl-05qguAIMW5jdJbx9cA3NKPQNd7XgEUQrT1NnfswDLEFk251zA6XgEvY6tvPD5_EDwpM5WR4oucLQo899KaeW8lBQ6SImUeEwWaIM6T6pST85AOYtcP_E3t5dVo39m_rtwg9hhRtg931Kv9mE-rWsVf2AKS8rr9m7RR9kfJu9pON-3oAHSvf65UmoaH-n8_NRSLsu37Ws_wpCFAqAiqrW_lVjzqLFAG960-bZjcF1rraahXIvIXyjYJ40gnGg99pPQHmYgyzOZezWG3j2nwANqbJno4UGam6OdlFOFiiV24UgM41YXM2loFJCRcPyC68v_9EvBFsCIc6ijcpFi1YLLHZ4ot6b5lQR4NaLhL9ydjbvmb3fnacRMd6RSeMX8MSA2rEMeQcDQzdmWy-wzzRFFyRMj93rLZ5AeYl45NVFZKwJfuEkpKlBt5VO2pfOwBoe25zLZkunpp4bHTmlRuSz9DewEV-j9eaa1thCPNSBamNO5SmeQdl4E716sOtyc4Tnk_p-2qNQzLneeNCeyJgGt6MqhS4AqCwoXVGnMJMd4VXK_FCs-q7kkjXQHKOiX8yZ8eBV-MCRMCizrTfV7c1ZSoG7wsAsRrvPmq-MZPUDRd6gCt7EhgGWwwHCALBJG6JKgNr1oLvdpmeC0HteKo4oPgKaTTcDc2e4mjtjSHYCsqQDJq8-Q9mcBzocLyZIlr5JxzYeTvtnvCCD1aRKrLTX3065kgKhB-bg16Sdo95Z4c5w2mZv4bLCUB2mLseG75rVtwHCn-GPZ82hEAyXVAY0FwyRYnuspzcAlF9C9M4l96ud1fBw046MMKtkExPiU8BaSprDljLCiGtT7P8z-C22doFKbdnHEWFD55DL4T8TG3YHExcb4k8D7Pv6XICe42Oz23WGuiqmx0klDZDbv8hBBpkk_7pmd9IrBXHYUWw6idtvgRqiXGtAQAey7l-oL57KUuCdL5XUh3xKvUP7ydvim4tqgNpG8vr-kM6Ooaj3UWn9pMYkuPe_KfnUt74Z07M_afACngmhtO9nGpzFTgeDUHZTn_eeQRGSm6GUKWKW5jCdSMij1IAepy7Qes9ya682xSBVWVm5wumN3vX5dc7monvBfNU_j7nKWoLnpC-YLxZ9753H_PjVfit-Riii4EkYRMYbe6qNeldN6Gam72gzLegZXYPaonYXlAXdPS_I5c9l5SDZsWqEqy7zja3VJ5uP6rVUJgZSdeDy_B4XYz6-CGA4sg892OT8Zmr6QUUzOTVKC2Tfqj5_JetG3uIxrwhQ8y6NFU6V6L6p8ERJuSaHbqrgenbJt5SC1-jPRr29nvPFIy1qA06Q4Wr8zsPhZ2MPwTjn4GTccqzvraSAsOheSSPvbnFKCZvJK6OsGOROk6C-GEtanGzfHObJwVdvkmRxC1x0D5cXGU-YYOHJqNlsFi2vkWHAO4ncmSwR_nc2VToLq9oAQqtDpb6Bw_AgqpB8JPlsoP5SWvQqlb2X3fAXzX062lRiFR0tbuyFLzj85s3Z8h84429j6UQWzVrfQyTS2KdQGAjtWioD7mW6ppN7uws1x6c-o2dMqxgk6JaLEFsd1tQ03258RW6rjIaQtbsqCgobHgbMtbZ7qxV0loMxzUxsHWNGhLxQDcLv3BTdfpaoemhw9U2cJIrfGYLD_i4dBNgYbWfUpkwEZDQt6kMcdu5jOrbS8RB7gdDd5jWOZ5ryAVGJu6Ve1ZSRipsubnNEKENOG6C-czOPUJ81tP93IRoRGxLCLs0y1q1nIj3gspAjRw6C0dEiCP9oe7gv7oO8Z4AoNVx_FZLBczqP33aS9VwXNNqs9XS9sLmUWzdIeNmV7rlaCJ4UuIe6G8aMCOXO6xh4ER_XLFfb4C2Fbx_7fjvlPb7QJZKcBgo7muI6TzfckZE1xCEvMEhSKl1tsO6Ch0qa_8Fg737AIndxrsUlscyi9iamouZwDcpMYCtVbm3eDMNjVqACF85HT_Ngtz9Na3-ES-pErIpm0mHK7LgNG0xm_455NwyQuAAqeXl7G3UAS3biKYeAixs3k8ZhBYfWR80abJESyJ3AF-Zd5mFeD5FPx_h0jTvlaL8gr4NkF42a94c5Bqx5Z4cgXr-hvmE3Y0nLqD5s8-ISHDFKp8621viasd-Yl9F65Xv3ocqv17X9NoOCmTJz88XYygyc0ymxqNnKZewoSQzBXjpHxBD2oINqFlGlcJWjCYIwFiLjCdcm4q4ADzk9K6OI4TSIqbuDqb1TT3bCelR5rn89uKq7zqXOEJmLUZRM91IDlJfUAfPvwcTjp-qaxQcdsIm0rddhr283k0n2fP2iXAqJNvjuvNiuAfKvZN2mEUtLujXKn_-pmTot5_dxrqqskSkPnmVGbp--4rQ2T-gwKWmBAWLRhcxJ6OSpI4c2BFFf0YmlQcFAsCC3aZJYbQ6iisE8XMgIfoa3_xJEwLWkJluAri-2LPjBLyWLVcdbj1DJeFdyIUrON6g3uNYhOycKIXeSxKNQv9vHpoJIKWs8n4Cwr81yys6Ltnb-rKCpB04KLE8zgnEEsYlcNfmd33o4XMQ-UxxI1pTLFdWRTyZTor0khbaaRM7MXbTequ6j6KNMJUjL3In79n5fV-ZcIbg7KEZ2NZ_RSUZSnV9UUEZcx7K5Jm0kINsraL7wAKhBJOT36wdWycoWvzxnYHMl4VHXU4BSLsUw76klyjnh5utsTO32hj1yRNXmfI_JznAUeDAdlwpgKUWMxYoWGZSGr_rL8i4JE5JksEVKeBSSyZbDvh-j84DcoMJLTzXoXdZgFuklHlJChNsf2oZ5lPIKPwMb6wJnI4Hm64GV53O72gftXf3HhRn1mtm1BaWUlPu-tumczX7WX3VaEQjU5AXFql4CmY1F3LPUflH5HUmrfP93XS_kN_1GLip-hDzWaHNgROonwVAWvqoRtJpzpPiqOPDc_lS50ytUCk0iF2VoqbIr_MumBvuw3qPY6YTGwtHryfJ3D67LIyra1gAD8RHzGp3-W5TEJSNRhEGjXLh2hHmAyY3RHn7FdU-I-uNkX6oXU49lfZio3TgTsRyGZTgNLJGPlpgQnA_5O1-nWeTbNJR0MjcI6-BSvWIW4OYhjm17ffqpGhzAM5zIB25tzl3I7UCH-ckVEBC8RRHvNNDWtN2ydfD-ShDcF3ixffMIgUey_zsRGnBnILrjO98bmbp4InVyOqofAtBsscZlJESuB3CUy6i6_67j39VJBOQBePh5AleYZKegVBVkjFprsh4mGizQGpFEpZ_v3cjKMmoyU19-NfLIca-B8nwDFDwX7QfU9BIcff_mooy09kpLugR82sT_r1fntBIf7pd0lVQ0UDNmxBPK0aWFFDj7vdQdB0AHHBp7IstdKBE-ZqD2OLx6lqk9ekpCx2r4ZW5XRDssiL_ePqloy3FkNY-3zERFQeP5-k1_h2f6qOXrPeGDkMChs7InNSt1dROuhR0y_OXtPurXc5fsSdw2FblU5gH0QSRh0UydWF3apEa-sEoMM2Wc9kieQR0jOKRk5OAjH5pttjh9OicPvUqZ5dwiMkez8TZ4kHzDvpfNrZ9yxj0dWMYUEKROJknymuZl4FgAO8cfI6Z5jSgUgAGq5uZ_YgkUsPlrRGnEpW2XSv2fGJnmDfc004l_T0drgAwD3maENEO2ol2NjXjmsCh35jWZRkzxjeI9elbAKdb818XkB7pNek0DmoliUy3vzlT9_2ndfF1iRZMytVERsqDmgOnwCb0_q75-KgI3SapxyIsPMMXKQxWJAJwC9m2EgCxx8pQrmRp_A&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=8312018398775045000&adk=3661671305&idt=132&cac=0&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0509efa58dce7c40825244075f4ba03dff2a13e8930ad4f3dd7cec760a08911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39046
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.7/ 		125 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81f5c6e1abf8d3d9a30e2ae804208b24e57fa5de96856eb8a9b8f61312e9f914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
3845
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
35909
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 30 Aug 2023 09:06:10 GMT
server
AmazonS3
x-timer
S1693390226.699662,VS0,VE0
etag
"f239c302054dd1e219afc4ce8e59a8ac"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ZOgvNeoLBuY2mNqTZdheLcV0W8ryx1lplzTiFabBZarw8oEmG0cdeA==
x-cache-hits
134
feed-card-placeholder.20230830-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230830-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b081f758eb4f787016ce0140a615934de59a34e01843db159c37bfe059440986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
J9HPV89nAtyvH5O2JXJ1ZIx8pi9UFHQ6
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 10:10:25 GMT
x-amz-request-id
FKCG3XVRKHA86B8A
age
1406
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
GCdVNeEnofnCvdFdfBbq5KxGeI/cmShF4eyS+hA79tr2SQ9GYIqEM9xYoYBtWHIG39PumOnptSw=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 30 Aug 2023 09:47:00 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693390226.701035,VS0,VE0
etag
"1dd6db2f4613383b1b8ff9ac985bfeb3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
47
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2775
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 10:10:25 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
55
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693390226.725880,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
17
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
78
userx.20230830-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230830-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c7f06d5926f4da53559d7f0e3b7db9c2f0d1ec51884459c31348a6377903114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
C_FbpQZhuDFJ0WmyfSe2FAitKlQrCML8
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 10:10:25 GMT
x-amz-request-id
93MM2PYF2NC7PEHC
age
1378
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
wSrWrXDrVDFqIII+0va0QqzvkToav9RUOwC1DtEn8ubFxuZtZrW03N6M96y2E1WxdLTMGuFuBLA=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 30 Aug 2023 09:47:27 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693390226.732078,VS0,VE0
etag
"84d9ce4f7b76fbbaa632ca2007cfbd42"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
924
distance-from-article.20230830-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230830-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03d3f85197360e4684f26a00d33541910a8e4c157c6372d09e41994ad039a727

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
e1dntQkCGj368ieGsugwuBP41xOustoJ
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 10:10:25 GMT
x-amz-request-id
391PGYWW2R3FCHX2
age
1413
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
rW1+vJYJfpFchcasaCVO3tzbPsU0NUSJVUQ684m3YpH9e2oLQMrJf3JggzmyW8LjzEqEvGbA+VM=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 30 Aug 2023 09:46:53 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693390226.732932,VS0,VE0
etag
"cb56702a02ebfe9bffe0f6bfde907156"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
62
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3152
article-detection.20230830-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230830-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32ba30fabef8a3646d3449ae6e2af4a6fadd893988410fd1ea78759403cd5f81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
77NzeFwEKTkuylzLE00n3IEMQf6vNTQP
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 10:10:25 GMT
x-amz-request-id
2V7B7P71F1E190CM
age
1417
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
5V6zKXgUqirGqiC6TNgS32hqtA4vVfrENbE6FiE7PCXrM/BvbQ1XC9zBD4NQE7hU9IjINHUm4Xs=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 30 Aug 2023 09:46:48 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693390226.732914,VS0,VE0
etag
"9309f5009e44992979130292dc6600a2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3171
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1693390225783%7D&tim=12%3A10%3A25.784&id=8683&llvl=2&ri=57c477b999e6ed5f68883891521f8bc4&sd=v2_7bfe04bb8f3e9b7bb5c33d6434fab8cd_c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10_1693390224_1693390224_CIi3jgYQk-FcGIT5sK-kMSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10&pi=/&wi=2990753527669053458&pt=home&vi=1693390224516&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&ri=57c477b999e6ed5f68883891521f8bc4&sd=v2_7bfe04bb8f3e9b7bb5c33d6434fab8cd_c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10_1693390224_1693390224_CIi3jgYQk-FcGIT5sK-kMSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10&pi=/&wi=2990753527669053458&pt=home&vi=1693390224516&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693390225696%7D&tim=12%3A10%3A25.696&id=9793&llvl=2&cv=20230830-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4BA3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 10:10:25 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4BA3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 10:10:25 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4BA3 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 24 Aug 2024 10:10:25 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4BA3 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 24 Aug 2024 10:10:25 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4BA3 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jv4FJQkIxk4bRsCYpAcm6mceE9cXs_Eng54IdJcWrWUfeIuXAYrqadwKG94ef0btYJaMJMCFnJ5UoVY0QI1hoHZ17gZ7N_hDDYvPIZfYs-Arub4qjMTq9RG8LlS8_9PPyouEysdWIenI-XQ8m_5xAgk77wgfD82cpTTBravWptoexPYKIcWA59UGS6O5fLgm7w-jW7fRzBrmEOSfAyXpCI_sb-OxnB5698fhXvTZcf_sjiOFW9NSOLCOCISCG8MW4b8jEkjU0fHtHRbPl-pCXBfP_PRn_VVp6p4a1cYgAaIWXAD22usXD6RSqW26CdzR6VCiwfgFyXt1qSZQUKHhfUq5PAElLmAynpJDrR4BIkzlChp-gEp9uS3g-sAbhUe9GWXIweyxKsY8BRzmmG7-ozTn6j-uvAKl0jzd_yLvG8aE8nvA2aVjn2InicppqS_bfHe1jBA3WFZtbmI7-AIt0P4T41A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2705494
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 4BA3 		44 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1693390225
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
5dRWD2q1EE0Y8wKRic9n4fH877eXy1_5_6fkXvcEIw26H-7lilQodQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
csi
csi.gstatic.com/ Frame 885F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~llxktgdx&c=690763233471&slotId=345381616735.5&ghmsh_eids=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 885F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1018958856&message=vl&sdkv=h.3.586.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 885F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~llxktgnv&c=690763233471&slotId=345381616735.5&qqid=CN2v2paShIEDFT5B9ggdt9oB-Q&fb=ima_html5-lima&sdkv=h.3.586.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 885F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1018958856&message=omo&sdkv=h.3.586.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 885F 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_eLZkRXvZJ2jC76C2fcPt7WHyA_r0sWTb9jTw8-JEb__uePXAhABIJmjzypglYr7gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgwJP0CCLUmZPeZRklsP9H6oboeyR6KGgn5_RVLWAEZcy_ZGvG3dRP4Ggg7PkmTbzBAFORhayJ5WSlGuNHvWMrRD7dtDi34fUOhs3G26-0DD7bZ2jWQ6FLbodSw-4sMrbuAVgjnJglOBDG4bfUfwmV9j9N5XrMmnG-9pXY6BM_GrjGZ9BgmEnXINe0YaItFcRZT3pgFi6H_ZHz2xW3BLoLuD7bqPppiw1UuLWVnQnDolkOHrZTxIs1UhxK5359QW179CgiGhh4zBGuBDHsA3qCep_MH-kWUqoE4_Q1FfpRr-cejOPNUBVDjzpdgjQawlW1g0AwWHESm1x6ifwFnuB4k3dkchywAS7tLi-3APgBAOIBa2Xp4s3kAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE6Ks2RHQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=vyPhfcZaB2Y&label=vmap_ad_break_start&sdkv=h.3.586.0&vci=[CREATIVE_PLAYBACK]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 885F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1018958856&message=oms&sdkv=h.3.586.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 885F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_eLZkRXvZJ2jC76C2fcPt7WHyA_r0sWTb9jTw8-JEb__uePXAhABIJmjzypglYr7gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgwJP0CCLUmZPeZRklsP9H6oboeyR6KGgn5_RVLWAEZcy_ZGvG3dRP4Ggg7PkmTbzBAFORhayJ5WSlGuNHvWMrRD7dtDi34fUOhs3G26-0DD7bZ2jWQ6FLbodSw-4sMrbuAVgjnJglOBDG4bfUfwmV9j9N5XrMmnG-9pXY6BM_GrjGZ9BgmEnXINe0YaItFcRZT3pgFi6H_ZHz2xW3BLoLuD7bqPppiw1UuLWVnQnDolkOHrZTxIs1UhxK5359QW179CgiGhh4zBGuBDHsA3qCep_MH-kWUqoE4_Q1FfpRr-cejOPNUBVDjzpdgjQawlW1g0AwWHESm1x6ifwFnuB4k3dkchywAS7tLi-3APgBAOIBa2Xp4s3kAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE6Ks2RHQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=vyPhfcZaB2Y&label=show_ad&sdkv=h.3.586.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1NDQzNjcxMjEyCTE4MjY0MzY3NECuAlIyCLQhEA8lAAAgQSgBOgd1bmtub3duQgd1bmtub3duUABaEFQwa01fMl9QX01tZ21EN18YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 885F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CNkrSkRXvZJ2jC76C2fcPt7WHyA_r0sWTb9jTw8-JEb__uePXAhABIJmjzypglYr7gZQHoAHIx7XyAsgBBagDAZgEAKoEgAJP0CCLUmZPeZRklsP9H6oboeyR6KGgn5_RVLWAEZcy_ZGvG3dRP4Ggg7PkmTbzBAFORhayJ5WSlGuNHvWMrRD7dtDi34fUOhs3G26-0DD7bZ2jWQ6FLbodSw-4sMrbuAVgjnJglOBDG4bfUfwmV9j9N5XrMmnG-9pXY6BM_GrjGZ9BgmEnXINe0YaItFcRZT3pgFi6H_ZHz2xW3BLoLuD7bqPppiw1UuLWVnQnDolkOHrZTxIs1UhxK5359QW179D4ifqvcKo7KqNbUmRX65r8shAU2w08vq5HUUrJTAOWUysnp9o6vpwuXybI67jj95qPYEvoUtzYEE5NAbyTH5KfwAS7tLi-3APgBAOIBa2Xp4s3kgUGCAMQAhgBkgUGCBsQARgBkgUKCCIQAxgDSJOWdpIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHoLjKjQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDEpx4Yv5f52gHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBsBOirNkRyBOSyKoJ0BMA2BMMiBQC2BQB0BUBgBcBshceChwIABIUcHViLTc2Mjc2NTAwODY4OTU1OTAY8eYT&sigh=7wnB9gl7rQo&cmd=Ch1jYS12aWRlby1wdWItNDQ5MTY1OTQ5NjM3MjE3MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&cid=CAQSOwBpAlJWU1ebusf--KA2sCCLpp1-l5tMZAVQX03bPMOnfVd-e2BGdVLT8iAcHxA0BBROlDVQL1e3pfa5GAE&vt=10&sdkv=h.3.586.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1NDQzNjcxMjEyCTE4MjY0MzY3NECuAlIyCLQhEA8lAAAgQSgBOgd1bmtub3duQgd1bmtub3duUABaEFQwa01fMl9QX01tZ21EN18YAQ..
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
v1
match.sharethrough.com/universal/ Frame D915 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.139.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-139-48.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
smw888.gif
us.ck-ie.com/ Frame 1DEE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 30 Aug 2023 10:10:25 GMT
Server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame B94B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7860312822803&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B94B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7860312822803&version=m202307240101&ct=76&x=1&cor=2144809379395157000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B94B 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFTBT8yXGo1-goiJcmKa5LwityuDYKRVtd4b_3vw84QUKd5mOMj4AaoqNerd0D7aQecgMlqYObmjt94DKcHwZpsxrPO-idY565IlTuaMLueQ0DLMBwdhlVRP1vs_wr-5Q9Gstz8GvSiLKgqrsOgODX7wVC-LOOTUJjZrCq4Q6E_yWwinI&dbm_d=AKAmf-BgnFuP07cFI7tuaBDGtHlGlCwgzuyZiLwBXckleBriKmVaj43mCLNpkB5nn5LEeRmoQ7i1BoSxtwLyXtW8cVnKKr6Is_5d5XO6DNm6UT4QsBermUJp3LMNG8yx4I4YFZq5S-adWXEZbdoNrQl-baCjolPjnxopIwLjWyCd4de8Oua_eWMEW77DbA9_EyIEMMS9cNkHepViiWU-A6_Kd_9Z6349F4IqqryGZ4u4ZRaQoGSN9ONvVG5hbEmMPdTL3Pz-EFg0c9SFdBNb15fOzOpSAwyy3SgygDsAW0LunCP9V7hxHAOnI9p26fIPn04sqQ7x-7x59EdEo0DQ2WUfIjYo1vuksJQ--sbkRtINXG__fshkgtNwW4pq6qRgqMaj-X5cA7IoAH-oXLxD6iIid87gcTZpAVce-PLNZsYG7wDyAXKdeyBQRTsOGf3EsgONLm8zb3iQ6Cn8OhjPAJtDO0NnsRH3lNELWYS4Eds6uIdd1Jm7wOX4v5nO3dBQFxKoaYh3EUQtLIcSIfBd_OCP7mZy3v6Rg88UgsFMBIuqTDFDjLA_TGX8t0KcOpprKfbNO_6RW4OS4Qf7djCPfzM7WP_zOesqr-GErmADKF49-pZZHjyMSmMJMnLMwPJka5VYr-ScV6VahmNUlJHBjlOgFq-Dxs1Q1si77otOtCIjZBOPaVSJCsMZfL9sWs_VTg-VIA8tyAKSTOwYovMxmaO_MZ5eniQy1SUx5nl1PfWcSIB0TioCwN4ZC-iJJYpXVD1iKQ9lpVSyRp0oMeANdRxKoIBrIim4ht53opVjdyJNEmnNqS_1K7v1q_D8Ey7rpE73Rh5MaCfEGrS1a4Ka3gLmUnM5x9qTvntKCwf6tA_2ner7aI89GyKxky42cE5j1Bx-lK1Hkk3Pv3wKUZrRKz59alGcAyNGl8y8Cd5i8UvOA7v1qARyr-SLKOBThNFFJj-BASoz9dlncb06h4t37ShvxoZm2UJzddXoef97oa-eF18kXsFK1oT42xv_divUSfYpFyPFlkciUbRBNWoZ4zu9XrsoU8L1LMQl9g869mxEy6GMTouiAT4wAFfQs7OcTVNBJ5n9JzkkkEYe2YIom_xxysamtT2hPvkLKjztVYU6Rh6pmFpSy7hUoZ5qid-8LjHiTyq-JRUyA8Nrh-cpTNviL55f5umrIXdl3SgycMQID3lFMuIVjFosQ94u_DQQQOivR_MUXTNtHU6DTKNmjnqI_819Q1_0zW5wEeJwIvXyqbXX6pp4FUz5p64YPGk59q33l0uon99hGSnB7bfXHvN4CQzIRs8lDNgoEPyIHa_Igoqak5hIpxq4Hl4N7tv0HawwyyUYbLgq0x_q6Bk4-qIN7fx6c63KThweEde0X_YIeAxnZuEyA_ZXQO-hgM5YYfG4IevNscDT3cj8ZzeuMt6iMjcUGV9aPwVALqKPj6DuL_UDyjO0_cd3diTnzVW8jVD9rINIO8wzjTaCEWJsWO5w_8rYp_Rrbf6gpEVgGJkzy7sZnN0f0OFaqgptEnW63FATXgGrm9F8xvfKWtO5gwdHywcB0Ags_S52B9qvYRmkCrpuDI8VCFpzn8z2R-pWhnIyMs5cd-JnWoSXecuzLrR5aE6jVnnOlTSmc9KQ-ASjjLHS2JOXQBvvDb0II-PmY2tMb_qtuKuMWAL6VmB9u7Z1j0QfSJpurjaFNGAZDBcKlJgP5-SrDTb6pMHlsWvA08B9zl1pYiqicvLskkBNH7CwDytw2xuVFWoUmKuz-j0kmCP7yX3Nn4hM6cvrcOct765rCnQKhzIIUru8ga8AIEH0RPX3904nPgjKRTfcu8SJf4HjVmk90-9AVtlaGArARsmiIXUmno9AyZDSuSX_hVjFKsHfKOVDx0e-YiA2IH3ztB5agLP_Cb2TRVkyjvR4xxn-oABTolDPlQ3Lwmk0HCp5o5vyuNsXuMEQuPIjrCiIIlsLsfRfCY8Cew2EQT_85sbGLXsNZj4RCobE9vxhPanxZc0c5y7osvNtvoL1I1BQGyudUk7vFF0B9BTnZeA7L4YBsa4XhN3NNEZFwWfyot5Vw8QrFGuZU2Ua7h_e45Ec5H2AUcfhyJqTys3kwwwEoGB5i5m2Z91oZ6pz8dNYkbVLcAM1J7AUcNrxOX3wQMWuk7wKDH8RVS41KMv29MGMICZV9WomS_6_rS2Bajt8jyepoYi-GIcVpvZGVr3aFMTrGwVX9G6ZIttkQFOF6k5dHjArOmltjxeulZ7x5RpwTQDMg-nLu3aK_juvJG9Q0oKqWHPQpH5fdB1qkgvUv4AgYYj7wD42aSj8a3r7Y-nWS-GQ2R8QNyuo08skcCouBrOQBII407NTphBzUubM3LqMt_jfiUGNW2OuIjncIdikP1uE9EAB2XgIe_b3O2vMoqX3-PtG6OIVZ_6GshyMKvOlKb09z0yGsSOMjjVm6I8Cr4halFLDeFCoho2kR-5NYA_8xuudJnXQzEetBKyr1uAsJdlb3Qq1JGUiumfwDCng9zkrnJGVmcoDzYasU4RWTSyAEOxfVpS0HzFvzIh1FGV1YTYhBi-TpBJygdsW77A3j9iEDh2a9zIZcWZmWIrtK4AREyMSX_Fp4Pl_BxFZTRrmBk2HtUJNMZPCjIyEG9_lGbrem4wO_nJfOu3YyCDAC87-jGAa-hOP_EqadE2z5_9L3PZoJNNwkR_tH6XkOVy54_7qOW7CtKQaaZbxatOLur1wn48H4KHJOT86yirYD7Kgum1nxrY1suWjj_fN-2rVrHhMNFQ-6QjIL9Yc_nDGYftCI5f2cETUtVGYW_Koy55MHdxGVDRlvv7UzitG7xm9y8ctMkR-aFFrDroVRSuof7A8MaA6uk9PfpFZRo32ZoDFOV1YWbQsh1Y512J-3fRrCJkkcZBUUxktzicNLaHRheqzaz05fxscDxEoh-XRv2m5z3MIX-04LTujqdsTLlmZWwounAQqDdyTq8odHGTjI2PXGFG6gPD0nz-FvO_SAB4AlYkrz5oDVE9PG31i_juIC87qXCiEEnYEOT5ovAKehbbKejHjTccPPrC5XvvlHitGemDDbmSs0KqWK9MTTlZXN-Co88-nwB97cJVRwSnGfCKK-YzRgwDKhTT3hiHlfC3MMx7x0We_97LTL1XFQCM3xB6uZISl0N--UfmNTP8fmGh7O2D1O_8Hiy92OU2Q6gdWAqSA_ueEECHet2hkhZS5kfkeTEH5c1eDl3L5ojzeI1MYx3w3YQcYx6hA54pvS7ECQNI1uXBMY6mgKYzbGd5H8ij4AnW85poU3rL2GRREXvoxbpUG-kQF7FUS6wrkZdCYspVFoWjXSQ7Klw1qroZ1OpTmDvho8hBbNCMcf0b6o5V8ElbPXrqChVfzwPT3fO3cilyhKfdfuFiPz_ya-Lz95G94wufV1sc6mXJad7x_XxN2HTY6At1MqPiySQC5aT5yOsr514pI_e7jUzKAMHeWY7AKTWlCnHXkwtQHHXXqOijGgI45Clydr7expKRdFTzv3baHYQujW5nL9CLJDewPyEGJcrraSAjvB2tI3_h0SekeNNAMV0377JRk-jIt-OK48Rnl4hQ8emA_kdY6lRXdpMQYLkdssa-A9Ylgr8LjHh3ioM8K_VDHOwNRhF2XYVRB4VQr3iOYLtzUI2v-Xn3TknhV6X7xSJtd9Kwo7w7fVDZ0E5HMW6xA2g5hcoKizGEJlcLOxFtQwpbqmbn-tPJG2K4fidCiM9xJB3zl3jFGZIuiv353URoDVvsDwvMGot-Dbao8W1SslBPko6-AiyVJk-h-0LvhZyBd_Na9pwtnXTwQTGi-YAgxp9o&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=2144809379395157000&adk=2013371551&idt=181&cac=0&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f47b133f092884c5436505dcdcb7a7c1b2f5dc579aa44c567266fcb743af1997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40777
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E288 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3202967365502&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E288 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3202967365502&version=m202307240101&ct=76&x=1&cor=2554340492466510300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E288 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkNUmCfoEIth_rkzqGZdXN8hARCF0mf3pSfyqNzHfat6jneczsLNJvr_r9HEJTkUKEcY5ec_tbp3M9C3idIcmGYJad-xu-_45pa5vQvk2lEmH3DeRab3FmgGX2yEQZEwWfRBurgUQ8NECuHD01sWmY6s6_RMjvz7kO_5W0v0l3GLq40GQ&dbm_d=AKAmf-A1RXSV3gxxfPlunngaxKuecOWbOvWGcwaHltQHR7YDCO62siPf9UrMz1utCKRHIHO_5IU8K6Q7whsT6G4kHnSnKv4CX31XWio9cNztJf9vI2zpLPaFW15l5tKiGU-qrHhWUUaNQV4VJK6irjD1Vo4q3SHZ72Q1oWM1aKZf5TKd96H8poxYxjUkc_4I5AqDCgSOjUThFd7MpvSbNo1yHxtu1yHjR4ABKJ-uLh7NHEjQ-alGjYBBXxQXNSv4IYN-HqL5MdvyaRefqd2j8aEMBIRDYWbbfHRHaibnJUouGzzklG4T62HUmaJZTy-9uKy_sq_ZFvUU8Bf9lTrxQYsYnX_6vkyVi0EkSdSIDw1i6OpaT3M_qS1_rcgromzCES3BYXdpTPoIcHGPJCh0N6XNHC2ETIM89G_JkZXP51EAt46yiaLMcxhCi5ZzJiU_cpwxXIzs-jOcI9TDSjKnmGB53jCCiz7TMAzPdXLoNn2O9FDygpxEAg3-GpY9gvaapEFWvGCZ7Skw5nSQkXurGRX4sFV1wJ-N2vezPmVUCCGBWh_8BiTv1BGJdGeQHeu3QW7nYjJFudqBRT86D5Cd836EqMzDO51wDDAymHpFH2Czn6UAwzI0v4RBlSSuvZXeGt6ZjceEFMLO1dspENs97bJa3_eYYTGEOKK7XPMZR7cxttQZ7m0feygWSOhkmug8dRj5_RvBimxk_-TsCB8lDn-Bx3H0VbL5_bwFok-lb6FGwraq-isJojgZ15nwIRcF40EIdi5oqF7PRtDbw7u898eIjSrPRuvgpcifnyHsPbYQVRaoK3rWIF-oNS1Dm3gwlDmGBTqGYLQlTLGvpNT8z7MtTmcMPElYzmU2FmqkPVVcqqHgxoYcMT1jF3OWwHc48-4UnlhtsUYAJN-MiKWemnuSPonb5JdykfWcdwYHAbAOSg9TO2h8comrhJeb2VzW8UpYuO7-RpzCcqSgcJvf5sNO2ul7XH0MBmQlklmkyVVTbe4TJaOSAqr-jHmof1ZffdrGsb4dtxxAo1kd5Caxld16YrjEAvbNYNUapy63fRIp8zjvK9rQC96jBf_MJ1vcnAeAb990buVpmjmP5ddDGxX2cIfB6uuYT1eH35WnErxizLIoWzJGtNiw3V_4Z5ZhJnQc4XCQyter2WOQyWB4gAu4Z9Wi-0icug4inkq4vfLM0GJwCOBKNQf1dhoSZxcpqD-tHBTVo2VF6PXcSc0jFmTFKvt-XBLpNvFRck2hxewAuvv0Qcw7KT4h5hnCfLyNd6ITYMnQSteP4wKfy3aA5El523BFe6NQCTjQkrafWHEdP843c73toPjpzcroVamlBERcYAPuRsk6Y0R0BYH3CY5FiYI39fox4pPYFpbaMYxiWpu8cwXCE36QPG3DCTSe6yq5gZg5ui553HABUcRWt0rZfuBag_yXuMXTNIvOO73mq0t4esWnGNVgxoiC-9Z4eIYTCp_7WlZi6qWogsw6MqoVRiCHHS4xbopJPftIAkqwd8DultibjmWO9Cfzl4QpUpP1dyU8ed-xpvaPoEBM-URWaaxcm_5lCnd_LASddXmtlwCYLZ9J2o8wOkqMIsF1sVIdT0uGMSY04aXSJ4GtrRfvpGepTiVDzoyhxyc85zzE3e_V8GVkCdtG2yHXgC1uBws7fYZSHlXfxlKGDaQlVJm45M-0nMM9M-n9JmfjYhDcmy5tja_HPG8UYFP97rcQFVMWHsWmsMGph86rXmY00xuOiVXmCVmvifMou94ySAw1ZQiNjDG66CsSrdGqJbSdJHHMzlN1-fiH7Cb52ssJlFi2DJdSZ3MHR8v_CInbL10Wir87IruqU3EM2PQDYqMuLz46XgMTtt60DsSYpTVNt3N11C2jG2wAE2P2bM7HJIM0LCV6HKeXljJZA2ianl_serssETCKBmJydK8S79Me55mflhLIqAQOLnPLLC-_uIIhgosloITWXsG-GPDcPpblgM9JfgQyFv816PAz7eq8J6-zB_9a0nGDR1BsyuUIbXZuNJF5wbvUI_6HSqqDgaMV57ABA3zXNBZHUMJkGNsYnuTRLD5vzFvYT6hIo1cAIEOKbWly7XmqMM3WoPFT3r2KHBGyrkfVhF4FCHZl_LNfhMwHo53epRE8dEcZmKEitmOBhhWIqg3WMeq2JoRSzVcJ5ZuVlreGl_kPJmfhGFTlN0o5pinUofx8r5qYJMAZmaR3F9DOU0GnPLBDWWxtYaWrVhcYBzlbWwh5_1HiHbOlYINzJRtJL4LdSkYVGo_pqeLCGPjL69gRHDALdz0Y1NYnUO6EBUckB-P3uuZy_1ZlueqT46jkN7KE95N4595b-crRXOl4LvE0gzBePrNd33azgC3X9CRfycTfoPPUYq2k_e_jXK3NGmroCFw7fZprR9BoLAk8UonyLYuK0gHK3EyQOm5TLKezJMEoGJ8YcvL7xSdFmY0qCgev9aIldmHznVacwyPybqVlAzmTaUiXhuZoFooJzbwjK1JbD4T5QniF3uA6X4HWamJbe8PBOOW40RSEp2mJr-UVRqv9HsagIxTilCF7k3wyPqwY16739Jy127vLqAvNuEQKyQUKqyaeY2Hhy7J6qxwis909dDiPtDaHq79x6YZDU3lajuN6zMggxkbTjqRIS-4G6RMBNHNMBfoQYHRe9oQtxuU8JkF63UjCYyTL2sZ6kTgyDvT4N9bG1GY29Xl0_SeTFyTW-ceIHvL5dlCWH1oE6qHB9px_UMSXLlNOe67RhwctVCSRgi5rhEMPSwqREiyujr4fDvspNCukUWbVOTrupLux2y9H3YIxzrKFcb1nTCCUAFVqK6gLwGiu6oOUT5sZpU3N-ny9ujUf9qxtWyIfxzKdbxfd9rsWPg-tRSloyjHUUyympad3owMnjzfvCKT4HnVjGb20jgmPPnzHGUvfbIlyA80qvLhGkVd1lmirY-CREuSxLBa3FrMrhnf3Pd70TYJPNjmzPxP3C1ruB4pRTYKWZ4kGk88Sz3vzathqSAOxSYyFmbeonge_U-j-rb8RZS-PnvEpwckMefpfpOmy2lAshWAN_ZqKoPYspnKBBAtJqnIbAxMaic89KGgAeyG5rEK1Y6ynDIoqixPfFfpw5EUEiSsQ3o2cXINpYzRP7ftICgcgvx3QPpdXRTUuk5ifaUvIMGK-u3HlJ_Lbn5wGR8QiJqcR6Xq7TTc7HR3PmPXrXMP7mzaoe1GwpzOHuIUAN2XFCeZ1K-8PyP2oGQxoIxoWFbEFUasAv3uALJ4Y22jUR9_w9P7m16q1eKlce-jWaEze7u3MoKu_Fk2KToiXAV3TjkroNpUCiohWrRLljsatJl8FiuVuExO_CUiRP1Bsr0CNVgkrfkIazjTAJ2bqJc6S77pc-6mawIfBgZ9pstrHdJjz4iexoA-tu-O8_nK6uNXXJ-5z40ZeIWUvSCX9H_EEFh1yWNxg6wHcY11MTbBBBLiAAG1kLGKjRkTC45e9qSNPSeHX6GRrtsjDaP93_rLQ9u6KynC6eEzt6Yq9CGUBJgN3uobdQNs5KInQLeNL8ZENUt51Cgf4SSCxUvrSqeniZHGGYWTiFRRUMpb8K5Rx_Ra9wciSj5plAby8-vkcReO5pR-EIgYYWmTCMfCtY39gbfvDyD01tbykplPwEzlpcsH6DUy5mhGCaM4drx76YndKA8iR6p1Q3-P3FYjUScrr9xiL1nqjKHHh4HzINAYqQMa6_nsUCXKKj7wNpYkctpajXO5me1rYvFCsye1belMhwEr28xzPzQSDf8qn8fJ8efGdrp-NU_rIRz8v2pgzCFpNyMrzxgVp7aoj9m2RzrY&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=2554340492466510300&adk=4020099329&idt=174&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b71e96dedafb4879e37a2d99ea16c1ebfe856a788845cccfe29c377fe9a0d275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40813
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DCB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8662449538355&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DCB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8662449538355&version=m202307240101&ct=76&x=1&cor=11278931248339397000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8DCB 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_CcL4mLAZOiPBkVJKBSeWPAqAhTG8YwkLKKHcicG6s2qYFPXfiBEBOu3wg6OIPUlAjsHtE9RBOUb8L_4m-hcpQFI_crkl3d20-N5qtm-inSjQY2_uOpxzvL-9yEuV9K3j5XditNWVljFrAN4hStj8wAc1n49nVcSWipEkhUQIQGju3rM&dbm_d=AKAmf-ADLgIIvD4m-rWviR-cSg4ly3B7CBTnb2e9I5kuXD-JkRt6XkgHk31t4TAET20bDBVJC8UwqCR2PfhebMrUSU1i1V-zvotxS_1_LFwVjYHvKuDSk4MhMgpviSV0K5AIuKV9uyHyyUGpNJTEFjR7qR7p4c6MFt1gGRIWjZaWDkOsslOTknnGEOSHDJZk9OhMKbWyn_wukoHypBqGxcaza4xEo6IRakMz0O1wFKVXoqbQRDKfun7H-DRYYNt2krXef3LS13w4XxRjpH_Q2RU_V72Sc8FP3QDe022W9YTJ_rb1rnQ4hsCELX-lkmnCDnIun87ZIrxjQXgNGuiDAl_S5J_ZDsomQHKBwHWAvH0CkL1NP4owtbCoMpE0KlMhqXCi3RErI59OT-UTT1RcRZc4gSS_SrZPSZH1lta1NyM6_aR0fiIubGqvBNsWEOBxN12r1kmQ_G5Bra2FMIlJLZZ7RNCQgDiPQ9-L7ScnjdVxZeXIevXvM8RRYz5aleOLlb4SF-NCbHEebyaePZpq8TRRFUBgmCCgs1h1_dplbMS3JAWJO6HK1hjiMshHw6s0q1gGle4GRn7ibFKhuRt0PltkKh3S18nd8eT0khhUL-9dysh0OHljsekxXI_K4xXrJDFzcBHQiE2arDICDn6MMUvup4R9DHsS9IF9LXV2J37_ATMkgwdpYtMFwMfOvry_USiVLb-KN3DQ9tzo7Adrt_mYlHv8lSdCT0R7cit15Xz6_Dm2V1gBn6T-puhE4soCz4cM6fS5VTMU8BoDcud5FmS0QKETRoQfnirDT2w9uX-rRG5roAOmvQNukRLQWLG2rhRfVFP7-uXd7d4vTnhJCrjVwo5eLG2buvSSCkskYpMQy83mcOlCkyPiDALbGE6XPlUULn0dcS76pp9Xu8SGs2N8TyiMvhoYgATYU-qmMnwsP4UFzQiFSoSZIlJx1b6e-NSL_Ju3acdpknZBFCLYCq_gVb9ABW1rRZlHOCH8cCF6eWlgidd1BG-4dw-Zp3kdptTWQlHbQ-Z3WhD6DISV1mtyHabD58uWBr4eQtZ9O_N-Yudk6RnWpVMshk9fHFhFA-28ktQ8gjrRPQe27qHK3ZBPa1UfJgn9ZZg1YrQovNHjZywEuNG7V5lQWQCunjs35Iw-elWjU8V9Y5RYVd3hr6ganysBH4eAv9wsZHu-Xb1GrmSNgm8dJPt0fsW4RDF5b3xk361pB_WMHjVpR4EY5qCMUFT5klF7Speommpur72io-E_SYDeAQiNMwyKGALXyOUtTmUv4iXTx9lgLewDzpAu06Zkw58Kn2Fc3be74hh2Sv7lGRyrkIZtZxBYaxvX_1dS56zlu7ws9Tg4sQI01GM733OPHXTKGP76h--THBIZQAQMpOZgwNl1oZ--Ira0WJlVNx-3x0RCYd7Ok5KlRn4Y9zx9SR8JbgUCL4HqImTrdw6TkONkF4A-RnP-FxY3NiOZBoYcEo6TMyIL0oU3DLjRpumgmMrqY5LJJadENOoIqIx9sZGzKb9KMU9plt-pK4ajcDfaHReBvgm8a6YGy5KdRvxZjpmGq0hz-K_z0y5oS9W14MWYQzQMnNc9E7lyOdScvQX_LrMwoH_PokPcUXJLK5zr5aDOUiadWoMmfOs73wg4tUx5iZZfUFcFcTibtv2My6As4xmfVNWTbIWq_WihJTD2PmP2tiGG_D5V-HA9pxuok2llrF7hINgKO4X5huptaUOORTkCgg-mVC2WtdhbWFO4yjCQThO1tPULGAvLcJxIiOQ60yfu6vJz7CApIuPEOHaehUzw1b9dmUTUhDiGvJTeJSYIYaTtCQT6bHEbPfq3q4QL871Oj8SJhrYxUVcvkLCBgMwFGAbimh4NBLvgMMjXY2lUW-U9IWlLdMslLk55P4SZX9rQeD4pRPOk45P8uaYonXZQca3nTBEu1Hm2hHPii_AbRZXkgl2qlxExVbRrL1dkuM-F2hFxsvuBevPDGkkGMaIrl5UW7kU3lz9EtWoLroshi5uRyWuJZSoCOOzbehWO0TrN1YBkNwc78StYHOG7ahWDDqScHnHvdijIdOBwRzwSd6HSJZTdbFU7kMKq_ZeapiZA2R1oNnvMROHtL7l8xVD3OzBHzVhftYqe4mIL0Bbq053d26bR1nVsKiNReZj63-hFvf1l79zMh6eNgvNYlSYRSZI2owpiDhJPhtsxRi8Hh44I4hBOtbOsE0baVaIor4eKaXUPTv5_fhrJ-qLMFUtfKcQcUI8ZU-D0K5d7ySk7ps_o5DP3-iYZrqVunQwvimOpcXkdTm6BH7b73x9NLOBB6J8hbZ9bFA-Qg3PPPQPWRjWARRrKYHvXQ7CEqE4SEZyDedpLDBWgA1AcnXQYgIRBKOQUcqDkpugMVltzWC0UG9MfIX4DCi8DIUEB3QEbfdezHI5Kmj5oVTUu5W2QcP7GODW62bP0eTzvuUgbkuZlXwS_Xr078o-cUupkyScmgLTzR65bI7qzryVijQ39PY0phDIj1Z2BoPBedT8vINmppVfNijbYIdnnFTzy4QPDEhcrdPuLem8q0CelfXxRI_UOWkK62R3A4GLC2S5c1YeJ3Sh7soYbTCFT0xOn975rmg_e3zAsTk1JmSWkA2nHmfiHJit-ObNwwcwgCpsq0O2VeX-9rQzXiFbMYnrGUwVSyZDBORGpYK4T1_F5NNevN5gV4nrK2yfHHhVL61Qf3ZthgxMxVDDMVj7LyBZpoFu6RY8z6qa4mMuRCiASQgPrhZqqeSc_ceTuarHVLDyHAWWkV5mSkrRhp_fARY119Yq97KU-6ww9osdp5G1NZLB9e-osdcYyARjJXcHhFi8bt1KCs93OgyclY5ghy8AgwnuXhxcyf-YD8iMsGU31-hEpbFAxq21_rAq2S_GPE371wSbEbA7nZRv-IG34g0BfTkxpulaw7IaveC055qGrPzJKg6v2H4A93zMSvR3wm8Qje6WBFE2dTPHt7ax5QqkMAMhrV4ATDbAdzSRK6MhNMHap5Z32v2DoAWheuiWeJm9UTvnC8XZLThNPibCbetFE-HtImrxxgq9L4z7v9Hr7-uas1uWheBzWN1sZ6COWBINqL4Eynl6gKYg-QlbvdygQsH1hTOvCNpQPUWW8JV7FT7oqj_8Ep4okRsdKXG6QNAuQ5hK-j2TsuZ0jTPBYXvW_S10VOC9-C-JpN1MrhO64Wbr3F0d2qaGBOyTIcMoLprAWzaP3HhhhZPlKcqRp-mmlTN11HffQdVp8b-UubPRVhT2N19JfyMXjv_DXk3g8B96-GWHfbrLuWuRp5k0jt3VR2ZJnpRR_KHSkc2dOh3Bjo_asMeGGA4HntjeWfxk_qKMx0VwcjGUfGVPxPqaYGGVeBeTMXsElbiHMYF4SrzkWJ4ffulVL1q2ruCGGIheeqIHRK9VkeuMYi5JG-6Suf9oHZ3gViahhY38aoAKvmfDVFWw_6lsItZ1U4GJSEyJL5joiHbqQGig7ch-JIds6ZomzL12HJfluJaTzk5GK6EPHBp8rE58TZp3UlDhuBVySxkSFdhS6AfWCXdUhrBbQWAJvH1NUIW88Wa0WhPHu5aQPToYKVVg98IYO2rB5hXWbC_os7xZy5_myggO8gneLLWdo6K9iRQkKzCTIZAx63jg4tb-B_hmnKnPiNmH-SLJbyEompCP8aPs0SxMJnLNEeLrDuOYwtIy0mdYw4_okXbAZkdNN-Or8tXuysUbPIO-TiZk7npbeFGJkbWFaAMG8t5lunLUJCMpHlkihPoYndFTd2uOvUQazim1FUOkFfCYASQMHHHfMsRbEefqiBFz5xwCANWuwRro&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11278931248339397000&adk=496764934&idt=187&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef50dbb637dd47c5839df33fe8e21aa7a8fdf8838748bff0a8ac012a2cdee031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40885
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
social
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/social?route=AM:AM:V&lti=deflated&ri=57c477b999e6ed5f68883891521f8bc4&sd=v2_7bfe04bb8f3e9b7bb5c33d6434fab8cd_c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10_1693390224_1693390224_CIi3jgYQk-FcGIT5sK-kMSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10&pi=/&wi=2990753527669053458&pt=home&vi=1693390224516&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%22%2C%22sec%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F3%2F1%2F3%2F6%2F3136860-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=12%3A10%3A25.869&id=2305&llvl=2&cv=20230830-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
8cfec50746d2031c5a44b21bdeff8d0c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8cfec50746d2031c5a44b21bdeff8d0c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7cdb6e853af5cca292315c58f1866648b2c94623a2e03a30df950e236e138d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8cfec50746d2031c5a44b21bdeff8d0c.jpg
age
2190147
edge-cache-tag
412349734790409965415090686309220368759,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
412349734790409965415090686309220368759,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
43
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://lebronwire.usatoday.com/
content-length
9368
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200053-IAD, cache-iad-kjyo7100083-IAD, cache-lax10680-LGB, cache-iad-kjyo7100127-IAD, cache-fra-eddf8230082-FRA
last-modified
Mon, 17 Jul 2023 10:42:19 GMT
server
nginx
x-timer
S1693390226.915306,VS0,VE1
etag
"ae1a1167481387f4c0f535c146c7f236"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 11, 1
03975d3cf5c262509acf5fb9f945e2aa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03975d3cf5c262509acf5fb9f945e2aa.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
176efc1123d845d5f4c83c6193709ed2d2054826ea87a4564cab8b6ca886d1f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03975d3cf5c262509acf5fb9f945e2aa.jpg
age
677560
edge-cache-tag
578177222200264508171546881263006443994,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
578177222200264508171546881263006443994,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
824
req-referer
https://ads.taboola.com/
content-length
11064
x-request-id
93c896f908e91237b999b79f83b74646
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100029-IAD, cache-iad-kjyo7100106-IAD, cache-lax10635-LGB, cache-iad-kcgs7200028-IAD, cache-fra-eddf8230082-FRA
last-modified
Tue, 22 Aug 2023 13:57:44 GMT
server
nginx
x-timer
S1693390226.917504,VS0,VE1
etag
"2ccd6ddad05c846fe69a708efb8ec414"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 1
88750af267086b076eef1197aa796aa3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88750af267086b076eef1197aa796aa3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
11a8a6c9ae53194f06f4ac62c8be800fed3f392ae35723d85bbd9f0543a48dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88750af267086b076eef1197aa796aa3.jpg
age
587218
edge-cache-tag
502112117369156768324822053477814835786,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
502112117369156768324822053477814835786,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
449
req-referer
https://www.sport1.de/news/internationaler-fussball/2023/08/cristiano-ronaldo-spielt-wieder-champions-league-al-nassr-gewinnt-in-der-qualifikation-gegen-al-ahli-dubai
content-length
17916
x-request-id
dc75e79e517881e7d58b8e5ed10841a1
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kiad7000129-IAD, cache-lax10681-LGB, cache-iad-kjyo7100123-IAD, cache-fra-eddf8230082-FRA
last-modified
Wed, 23 Aug 2023 14:15:26 GMT
server
nginx
x-timer
S1693390226.917792,VS0,VE1
etag
"f57001ae7b6d31d50dfb5b07a55066a7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
2__a59ac5f8-3f47-473d-b063-e1b9245a3ab8_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/2__a59ac5f8-3f47-473d-b063-e1b9245a3ab8_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a43100304a2104a52d94c896ee8d78396afd29af281889c3f5c500a8bbd3b14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/2__a59ac5f8-3f47-473d-b063-e1b9245a3ab8_1000x600.jpeg
age
2671455
edge-cache-tag
486101221925899522009640451852483298192,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
486101221925899522009640451852483298192,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
317
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://universodagastronomia.com/?p=325
content-length
25020
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100091-IAD, cache-iad-kcgs7200177-IAD, cache-lga21974-LGA, cache-iad-kjyo7100129-IAD, cache-fra-eddf8230082-FRA
last-modified
Fri, 21 Jul 2023 06:44:14 GMT
server
nginx
x-timer
S1693390226.918090,VS0,VE1
etag
"b8e54f91b7e238375eab7a6a82dcca3c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 14, 1
00be4fd8b6bb2027f6e42ddd5899bc90.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00be4fd8b6bb2027f6e42ddd5899bc90.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
abe96ce9f3aaf5e534c3b33e0adfdfe6b8207d2263a2227d4479924e7187bf25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00be4fd8b6bb2027f6e42ddd5899bc90.jpg
age
1557506
edge-cache-tag
625296538354884077281272984814560668641,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
625296538354884077281272984814560668641,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
476
req-referer
https://www.kicker.de/
content-length
9656
x-request-id
0c83ad1f041849d5271a3ea57c23ae85
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000112-IAD, cache-iad-kcgs7200025-IAD, cache-lga21975-LGA, cache-iad-kiad7000174-IAD, cache-fra-eddf8230082-FRA
last-modified
Tue, 08 Aug 2023 00:11:15 GMT
server
nginx
x-timer
S1693390226.918565,VS0,VE1
etag
"e9721805f5d38268b7bf122f9e87d757"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 24, 1
0a246c2857bf74dc2df2e2138602a2a3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a246c2857bf74dc2df2e2138602a2a3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4709f7cb1090e8481c1afaaf1ba9174cdbb33ecd42f5a959c7c575640045105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a246c2857bf74dc2df2e2138602a2a3.jpg
age
2010127
edge-cache-tag
508990555312403711548289366218384053158,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
508990555312403711548289366218384053158,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1196
req-referer
https://www.calcalistech.com/
content-length
12400
x-request-id
a54b3801fd27de61a4c9d0c00c2ba23c
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100174-IAD, cache-iad-kjyo7100076-IAD, cache-sna10737-LGB, cache-iad-kjyo7100074-IAD, cache-fra-eddf8230082-FRA
last-modified
Thu, 27 Jul 2023 15:12:08 GMT
server
nginx
x-timer
S1693390226.918559,VS0,VE1
etag
"51eba37c050f6b8557b9a678c51c777f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 51, 1
jennifer-aniston-imago0094666233h-boris-becker-imago0154911208h-sylvie-meis-imago0093433190h%2Cid%3D80d1b6a5%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D0%2C0%2C100.00%2C100.00%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/jennifer-aniston-imago0094666233h-boris-becker-imago0154911208h-sylvie-meis-imago0093433190h%2Cid%3D80d1b6a5%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D0%2C0%2C100.00%2C100.00%2Crm%3Dsk.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
023bccef2ce86e217cc76fc982d47f45d838ae9be6aaf57f461255e1be4326d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/jennifer-aniston-imago0094666233h-boris-becker-imago0154911208h-sylvie-meis-imago0093433190h%2Cid%3D80d1b6a5%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D0%2C0%2C100.00%2C100.00%2Crm%3Dsk.jpeg
age
2515190
edge-cache-tag
340391864875208970251281983681272911102,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
340391864875208970251281983681272911102,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
462
expiration
expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
15384
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kjyo7100036-IAD, cache-sna10746-LGB, cache-iad-kcgs7200040-IAD, cache-fra-eddf8230082-FRA
last-modified
Thu, 13 Jul 2023 09:42:14 GMT
server
nginx
x-timer
S1693390226.937799,VS0,VE0
etag
"33cb72041fbda883961d97e2cc4f6634"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 73, 2
00b34a4035dc549d0609719e54a2035a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b34a4035dc549d0609719e54a2035a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
23382b9534161712a2dee8f93216a483bb32997e1ecb9ca3dbab7079553cc75d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b34a4035dc549d0609719e54a2035a.png
age
695783
edge-cache-tag
330184441911425794108049727948765940498,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
330184441911425794108049727948765940498,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
679
req-referer
https://www.derstandard.at/
content-length
17540
x-request-id
bbd2be4cb50e6389856d358616b00e12
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kjyo7100028-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230082-FRA
last-modified
Sat, 19 Aug 2023 06:59:40 GMT
server
nginx
x-timer
S1693390226.940747,VS0,VE3
etag
"75e1470d86f650b58ffe8ca4b7e8925a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
3589100-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/8/9/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/8/9/3589100-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3fc358735f4fe6a1df0bd358a1249d2d24f9fef756378f87f85e32c42bf7a755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/8/9/3589100-46.jpg
age
693084
edge-cache-tag
399059569717620289240405050531116693516,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
399059569717620289240405050531116693516,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
125
req-referer
https://www.walla.co.il/
content-length
27170
x-request-id
b3b6dd58b37c659d0b3f6acff8a9998c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100023-IAD, cache-iad-kiad7000022-IAD, cache-iad-kiad7000138-IAD, cache-fra-eddf8230082-FRA
last-modified
Tue, 22 Aug 2023 09:39:02 GMT
server
nginx
x-timer
S1693390226.947233,VS0,VE2
etag
"55c69094f93907cd7b876db5e8587caf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 144, 1
3001126-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/0/1/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/0/1/3001126-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b27d15f4c8dab73e7b067f59bd381ba4c7aec7cb4e0754b3574964513860b49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/0/1/3001126-46.jpg
age
765670
edge-cache-tag
317451627938764227497511119841984780896,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
317451627938764227497511119841984780896,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
1050
req-referer
https://www.walla.co.il/
content-length
47368
x-request-id
17e44ff75201679309148b459f624088
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200163-IAD, cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100087-IAD, cache-fra-eddf8230082-FRA
last-modified
Sun, 23 Jul 2023 11:33:00 GMT
server
nginx
x-timer
S1693390226.947127,VS0,VE1
etag
"6889e79a810f62739dbc7dba557be192"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
9c443560f0d76bbdc11b28e9eb9ef258.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c443560f0d76bbdc11b28e9eb9ef258.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c18aac62d5ed49abfd8c1a900d5a0ca72d9d11810d6a1410033be0409dfe1c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c443560f0d76bbdc11b28e9eb9ef258.jpg
age
2130606
edge-cache-tag
576771268535060090205840934130924150673,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
576771268535060090205840934130924150673,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
178
expiration
expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.oneindia.com/
content-length
7186
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100103-IAD, cache-iad-kjyo7100156-IAD, cache-chi-kigq8000114-CHI, cache-iad-kjyo7100158-IAD, cache-fra-eddf8230082-FRA
last-modified
Thu, 13 Jul 2023 17:55:04 GMT
server
nginx
x-timer
S1693390226.946886,VS0,VE5
etag
"395cd102bfc3ead0d07e0a3a188bb9ee"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 1
4b474e148b1029690c2e5898df421edc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b474e148b1029690c2e5898df421edc.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00e2ff280d45d352b18689fd9b6725dd524d86b89081d40008a5b480ddb53c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b474e148b1029690c2e5898df421edc.jpg
age
86622
edge-cache-tag
380701153887008088168630797588666780605,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
380701153887008088168630797588666780605,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
77
req-referer
https://www.walla.co.il/
content-length
13806
x-request-id
48ea151a16ba20909caf0fda0713d8a7
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100032-IAD, cache-iad-kiad7000143-IAD, cache-iad-kjyo7100160-IAD, cache-fra-eddf8230082-FRA
last-modified
Tue, 29 Aug 2023 08:36:13 GMT
server
nginx
x-timer
S1693390226.947110,VS0,VE1
etag
"242447c23ab9f03e86013b664620c157"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5, 1
eb84f75e8f43d2899600e838e006a42d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb84f75e8f43d2899600e838e006a42d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6d06019641a320f78477dcf28b94fa1207c2ee07893f427850e45ba30df5a787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb84f75e8f43d2899600e838e006a42d.jpg
age
2339906
edge-cache-tag
451156214465580254622652449281369589667,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
451156214465580254622652449281369589667,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
552
req-referer
https://apnews.com/
content-length
18146
x-request-id
ca89abd0246c06dd041d90567778c657
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200178-IAD, cache-iad-kiad7000084-IAD, cache-lga21979-LGA, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230082-FRA
last-modified
Thu, 27 Jul 2023 13:27:01 GMT
server
nginx
x-timer
S1693390226.961474,VS0,VE1
etag
"622df772dcea0043c41cc15425b1f170"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 24, 1
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4BA3 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1786864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gq99psDoBIw8DMV6npqhk0uYMRoxsr3qtGG2j1WnxWMO1oSu132LftxZDnORXmezdQ510mni%2FKhcA1hF5kmiUT1vhqeT34GB6et44dqI4KJTmSaknchwR1xEDN%2B%2BQGBq9rad5f8e2Q0sVmg8NQGIMxMk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fec3e705e5a922c-FRA
expires
Mon, 19 Aug 2024 10:10:25 GMT
animejs.js
static.criteo.net/animejs/ Frame 4BA3 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 10:10:25 GMT
csi
csi.gstatic.com/ Frame 6CCE 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llxktfn6&c=690763233471&slotId=345381616735.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8007 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4717
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 08:51:48 GMT
expires
Thu, 29 Aug 2024 08:51:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FDA6 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7619df691e783c907c04c0bfea49f2889d4be6a446b7c72cc1ea4747cc8c99b2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2YdXcQDM9aQuShXgEknMLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-2YdXcQDM9aQuShXgEknMLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:25 GMT
expires
Wed, 30 Aug 2023 10:10:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3411dcef15a92fef4e50862f3464ff1f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3411dcef15a92fef4e50862f3464ff1f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1d1e5b926bb4860d220d6b819fd35ec8b48bd7b06d32dd7d7871ce1c71615e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3411dcef15a92fef4e50862f3464ff1f.jpg
age
2208728
edge-cache-tag
490539229405930533963033718701574259435,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
490539229405930533963033718701574259435,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
191
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newsbomb.gr/
content-length
4184
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100063-IAD, cache-iad-kcgs7200112-IAD, cache-sna10740-LGB, cache-iad-kiad7000156-IAD, cache-fra-eddf8230082-FRA
last-modified
Mon, 10 Jul 2023 15:55:53 GMT
server
nginx
x-timer
S1693390226.009521,VS0,VE2
etag
"14fdca12da5871db4f91b9d5afe089d7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 23, 1
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 3CBA 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Origin
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 09:29:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2484
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 09:29:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 3CBA 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbgoRwf1uiBxBg5H0Y9iLGszW-AM1OkAHbGEErNoOKlZNyFPPPMX3ZZIbXzPp7joHjM51ijcGDroh7O9w2422O0zqobbKZdcqp5BUAg87gp26GHGA&cry=1&dbm_d=AKAmf-DJZC7yvcurrIvt0EUetUehFiWtY4_OXd0Lfz5Rl-05qguAIMW5jdJbx9cA3NKPQNd7XgEUQrT1NnfswDLEFk251zA6XgEvY6tvPD5_EDwpM5WR4oucLQo899KaeW8lBQ6SImUeEwWaIM6T6pST85AOYtcP_E3t5dVo39m_rtwg9hhRtg931Kv9mE-rWsVf2AKS8rr9m7RR9kfJu9pON-3oAHSvf65UmoaH-n8_NRSLsu37Ws_wpCFAqAiqrW_lVjzqLFAG960-bZjcF1rraahXIvIXyjYJ40gnGg99pPQHmYgyzOZezWG3j2nwANqbJno4UGam6OdlFOFiiV24UgM41YXM2loFJCRcPyC68v_9EvBFsCIc6ijcpFi1YLLHZ4ot6b5lQR4NaLhL9ydjbvmb3fnacRMd6RSeMX8MSA2rEMeQcDQzdmWy-wzzRFFyRMj93rLZ5AeYl45NVFZKwJfuEkpKlBt5VO2pfOwBoe25zLZkunpp4bHTmlRuSz9DewEV-j9eaa1thCPNSBamNO5SmeQdl4E716sOtyc4Tnk_p-2qNQzLneeNCeyJgGt6MqhS4AqCwoXVGnMJMd4VXK_FCs-q7kkjXQHKOiX8yZ8eBV-MCRMCizrTfV7c1ZSoG7wsAsRrvPmq-MZPUDRd6gCt7EhgGWwwHCALBJG6JKgNr1oLvdpmeC0HteKo4oPgKaTTcDc2e4mjtjSHYCsqQDJq8-Q9mcBzocLyZIlr5JxzYeTvtnvCCD1aRKrLTX3065kgKhB-bg16Sdo95Z4c5w2mZv4bLCUB2mLseG75rVtwHCn-GPZ82hEAyXVAY0FwyRYnuspzcAlF9C9M4l96ud1fBw046MMKtkExPiU8BaSprDljLCiGtT7P8z-C22doFKbdnHEWFD55DL4T8TG3YHExcb4k8D7Pv6XICe42Oz23WGuiqmx0klDZDbv8hBBpkk_7pmd9IrBXHYUWw6idtvgRqiXGtAQAey7l-oL57KUuCdL5XUh3xKvUP7ydvim4tqgNpG8vr-kM6Ooaj3UWn9pMYkuPe_KfnUt74Z07M_afACngmhtO9nGpzFTgeDUHZTn_eeQRGSm6GUKWKW5jCdSMij1IAepy7Qes9ya682xSBVWVm5wumN3vX5dc7monvBfNU_j7nKWoLnpC-YLxZ9753H_PjVfit-Riii4EkYRMYbe6qNeldN6Gam72gzLegZXYPaonYXlAXdPS_I5c9l5SDZsWqEqy7zja3VJ5uP6rVUJgZSdeDy_B4XYz6-CGA4sg892OT8Zmr6QUUzOTVKC2Tfqj5_JetG3uIxrwhQ8y6NFU6V6L6p8ERJuSaHbqrgenbJt5SC1-jPRr29nvPFIy1qA06Q4Wr8zsPhZ2MPwTjn4GTccqzvraSAsOheSSPvbnFKCZvJK6OsGOROk6C-GEtanGzfHObJwVdvkmRxC1x0D5cXGU-YYOHJqNlsFi2vkWHAO4ncmSwR_nc2VToLq9oAQqtDpb6Bw_AgqpB8JPlsoP5SWvQqlb2X3fAXzX062lRiFR0tbuyFLzj85s3Z8h84429j6UQWzVrfQyTS2KdQGAjtWioD7mW6ppN7uws1x6c-o2dMqxgk6JaLEFsd1tQ03258RW6rjIaQtbsqCgobHgbMtbZ7qxV0loMxzUxsHWNGhLxQDcLv3BTdfpaoemhw9U2cJIrfGYLD_i4dBNgYbWfUpkwEZDQt6kMcdu5jOrbS8RB7gdDd5jWOZ5ryAVGJu6Ve1ZSRipsubnNEKENOG6C-czOPUJ81tP93IRoRGxLCLs0y1q1nIj3gspAjRw6C0dEiCP9oe7gv7oO8Z4AoNVx_FZLBczqP33aS9VwXNNqs9XS9sLmUWzdIeNmV7rlaCJ4UuIe6G8aMCOXO6xh4ER_XLFfb4C2Fbx_7fjvlPb7QJZKcBgo7muI6TzfckZE1xCEvMEhSKl1tsO6Ch0qa_8Fg737AIndxrsUlscyi9iamouZwDcpMYCtVbm3eDMNjVqACF85HT_Ngtz9Na3-ES-pErIpm0mHK7LgNG0xm_455NwyQuAAqeXl7G3UAS3biKYeAixs3k8ZhBYfWR80abJESyJ3AF-Zd5mFeD5FPx_h0jTvlaL8gr4NkF42a94c5Bqx5Z4cgXr-hvmE3Y0nLqD5s8-ISHDFKp8621viasd-Yl9F65Xv3ocqv17X9NoOCmTJz88XYygyc0ymxqNnKZewoSQzBXjpHxBD2oINqFlGlcJWjCYIwFiLjCdcm4q4ADzk9K6OI4TSIqbuDqb1TT3bCelR5rn89uKq7zqXOEJmLUZRM91IDlJfUAfPvwcTjp-qaxQcdsIm0rddhr283k0n2fP2iXAqJNvjuvNiuAfKvZN2mEUtLujXKn_-pmTot5_dxrqqskSkPnmVGbp--4rQ2T-gwKWmBAWLRhcxJ6OSpI4c2BFFf0YmlQcFAsCC3aZJYbQ6iisE8XMgIfoa3_xJEwLWkJluAri-2LPjBLyWLVcdbj1DJeFdyIUrON6g3uNYhOycKIXeSxKNQv9vHpoJIKWs8n4Cwr81yys6Ltnb-rKCpB04KLE8zgnEEsYlcNfmd33o4XMQ-UxxI1pTLFdWRTyZTor0khbaaRM7MXbTequ6j6KNMJUjL3In79n5fV-ZcIbg7KEZ2NZ_RSUZSnV9UUEZcx7K5Jm0kINsraL7wAKhBJOT36wdWycoWvzxnYHMl4VHXU4BSLsUw76klyjnh5utsTO32hj1yRNXmfI_JznAUeDAdlwpgKUWMxYoWGZSGr_rL8i4JE5JksEVKeBSSyZbDvh-j84DcoMJLTzXoXdZgFuklHlJChNsf2oZ5lPIKPwMb6wJnI4Hm64GV53O72gftXf3HhRn1mtm1BaWUlPu-tumczX7WX3VaEQjU5AXFql4CmY1F3LPUflH5HUmrfP93XS_kN_1GLip-hDzWaHNgROonwVAWvqoRtJpzpPiqOPDc_lS50ytUCk0iF2VoqbIr_MumBvuw3qPY6YTGwtHryfJ3D67LIyra1gAD8RHzGp3-W5TEJSNRhEGjXLh2hHmAyY3RHn7FdU-I-uNkX6oXU49lfZio3TgTsRyGZTgNLJGPlpgQnA_5O1-nWeTbNJR0MjcI6-BSvWIW4OYhjm17ffqpGhzAM5zIB25tzl3I7UCH-ckVEBC8RRHvNNDWtN2ydfD-ShDcF3ixffMIgUey_zsRGnBnILrjO98bmbp4InVyOqofAtBsscZlJESuB3CUy6i6_67j39VJBOQBePh5AleYZKegVBVkjFprsh4mGizQGpFEpZ_v3cjKMmoyU19-NfLIca-B8nwDFDwX7QfU9BIcff_mooy09kpLugR82sT_r1fntBIf7pd0lVQ0UDNmxBPK0aWFFDj7vdQdB0AHHBp7IstdKBE-ZqD2OLx6lqk9ekpCx2r4ZW5XRDssiL_ePqloy3FkNY-3zERFQeP5-k1_h2f6qOXrPeGDkMChs7InNSt1dROuhR0y_OXtPurXc5fsSdw2FblU5gH0QSRh0UydWF3apEa-sEoMM2Wc9kieQR0jOKRk5OAjH5pttjh9OicPvUqZ5dwiMkez8TZ4kHzDvpfNrZ9yxj0dWMYUEKROJknymuZl4FgAO8cfI6Z5jSgUgAGq5uZ_YgkUsPlrRGnEpW2XSv2fGJnmDfc004l_T0drgAwD3maENEO2ol2NjXjmsCh35jWZRkzxjeI9elbAKdb818XkB7pNek0DmoliUy3vzlT9_2ndfF1iRZMytVERsqDmgOnwCb0_q75-KgI3SapxyIsPMMXKQxWJAJwC9m2EgCxx8pQrmRp_A&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=8312018398775045000&adk=3661671305&idt=132&cac=0&dtd=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
72231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 14:06:35 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 3CBA 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbgoRwf1uiBxBg5H0Y9iLGszW-AM1OkAHbGEErNoOKlZNyFPPPMX3ZZIbXzPp7joHjM51ijcGDroh7O9w2422O0zqobbKZdcqp5BUAg87gp26GHGA&cry=1&dbm_d=AKAmf-DJZC7yvcurrIvt0EUetUehFiWtY4_OXd0Lfz5Rl-05qguAIMW5jdJbx9cA3NKPQNd7XgEUQrT1NnfswDLEFk251zA6XgEvY6tvPD5_EDwpM5WR4oucLQo899KaeW8lBQ6SImUeEwWaIM6T6pST85AOYtcP_E3t5dVo39m_rtwg9hhRtg931Kv9mE-rWsVf2AKS8rr9m7RR9kfJu9pON-3oAHSvf65UmoaH-n8_NRSLsu37Ws_wpCFAqAiqrW_lVjzqLFAG960-bZjcF1rraahXIvIXyjYJ40gnGg99pPQHmYgyzOZezWG3j2nwANqbJno4UGam6OdlFOFiiV24UgM41YXM2loFJCRcPyC68v_9EvBFsCIc6ijcpFi1YLLHZ4ot6b5lQR4NaLhL9ydjbvmb3fnacRMd6RSeMX8MSA2rEMeQcDQzdmWy-wzzRFFyRMj93rLZ5AeYl45NVFZKwJfuEkpKlBt5VO2pfOwBoe25zLZkunpp4bHTmlRuSz9DewEV-j9eaa1thCPNSBamNO5SmeQdl4E716sOtyc4Tnk_p-2qNQzLneeNCeyJgGt6MqhS4AqCwoXVGnMJMd4VXK_FCs-q7kkjXQHKOiX8yZ8eBV-MCRMCizrTfV7c1ZSoG7wsAsRrvPmq-MZPUDRd6gCt7EhgGWwwHCALBJG6JKgNr1oLvdpmeC0HteKo4oPgKaTTcDc2e4mjtjSHYCsqQDJq8-Q9mcBzocLyZIlr5JxzYeTvtnvCCD1aRKrLTX3065kgKhB-bg16Sdo95Z4c5w2mZv4bLCUB2mLseG75rVtwHCn-GPZ82hEAyXVAY0FwyRYnuspzcAlF9C9M4l96ud1fBw046MMKtkExPiU8BaSprDljLCiGtT7P8z-C22doFKbdnHEWFD55DL4T8TG3YHExcb4k8D7Pv6XICe42Oz23WGuiqmx0klDZDbv8hBBpkk_7pmd9IrBXHYUWw6idtvgRqiXGtAQAey7l-oL57KUuCdL5XUh3xKvUP7ydvim4tqgNpG8vr-kM6Ooaj3UWn9pMYkuPe_KfnUt74Z07M_afACngmhtO9nGpzFTgeDUHZTn_eeQRGSm6GUKWKW5jCdSMij1IAepy7Qes9ya682xSBVWVm5wumN3vX5dc7monvBfNU_j7nKWoLnpC-YLxZ9753H_PjVfit-Riii4EkYRMYbe6qNeldN6Gam72gzLegZXYPaonYXlAXdPS_I5c9l5SDZsWqEqy7zja3VJ5uP6rVUJgZSdeDy_B4XYz6-CGA4sg892OT8Zmr6QUUzOTVKC2Tfqj5_JetG3uIxrwhQ8y6NFU6V6L6p8ERJuSaHbqrgenbJt5SC1-jPRr29nvPFIy1qA06Q4Wr8zsPhZ2MPwTjn4GTccqzvraSAsOheSSPvbnFKCZvJK6OsGOROk6C-GEtanGzfHObJwVdvkmRxC1x0D5cXGU-YYOHJqNlsFi2vkWHAO4ncmSwR_nc2VToLq9oAQqtDpb6Bw_AgqpB8JPlsoP5SWvQqlb2X3fAXzX062lRiFR0tbuyFLzj85s3Z8h84429j6UQWzVrfQyTS2KdQGAjtWioD7mW6ppN7uws1x6c-o2dMqxgk6JaLEFsd1tQ03258RW6rjIaQtbsqCgobHgbMtbZ7qxV0loMxzUxsHWNGhLxQDcLv3BTdfpaoemhw9U2cJIrfGYLD_i4dBNgYbWfUpkwEZDQt6kMcdu5jOrbS8RB7gdDd5jWOZ5ryAVGJu6Ve1ZSRipsubnNEKENOG6C-czOPUJ81tP93IRoRGxLCLs0y1q1nIj3gspAjRw6C0dEiCP9oe7gv7oO8Z4AoNVx_FZLBczqP33aS9VwXNNqs9XS9sLmUWzdIeNmV7rlaCJ4UuIe6G8aMCOXO6xh4ER_XLFfb4C2Fbx_7fjvlPb7QJZKcBgo7muI6TzfckZE1xCEvMEhSKl1tsO6Ch0qa_8Fg737AIndxrsUlscyi9iamouZwDcpMYCtVbm3eDMNjVqACF85HT_Ngtz9Na3-ES-pErIpm0mHK7LgNG0xm_455NwyQuAAqeXl7G3UAS3biKYeAixs3k8ZhBYfWR80abJESyJ3AF-Zd5mFeD5FPx_h0jTvlaL8gr4NkF42a94c5Bqx5Z4cgXr-hvmE3Y0nLqD5s8-ISHDFKp8621viasd-Yl9F65Xv3ocqv17X9NoOCmTJz88XYygyc0ymxqNnKZewoSQzBXjpHxBD2oINqFlGlcJWjCYIwFiLjCdcm4q4ADzk9K6OI4TSIqbuDqb1TT3bCelR5rn89uKq7zqXOEJmLUZRM91IDlJfUAfPvwcTjp-qaxQcdsIm0rddhr283k0n2fP2iXAqJNvjuvNiuAfKvZN2mEUtLujXKn_-pmTot5_dxrqqskSkPnmVGbp--4rQ2T-gwKWmBAWLRhcxJ6OSpI4c2BFFf0YmlQcFAsCC3aZJYbQ6iisE8XMgIfoa3_xJEwLWkJluAri-2LPjBLyWLVcdbj1DJeFdyIUrON6g3uNYhOycKIXeSxKNQv9vHpoJIKWs8n4Cwr81yys6Ltnb-rKCpB04KLE8zgnEEsYlcNfmd33o4XMQ-UxxI1pTLFdWRTyZTor0khbaaRM7MXbTequ6j6KNMJUjL3In79n5fV-ZcIbg7KEZ2NZ_RSUZSnV9UUEZcx7K5Jm0kINsraL7wAKhBJOT36wdWycoWvzxnYHMl4VHXU4BSLsUw76klyjnh5utsTO32hj1yRNXmfI_JznAUeDAdlwpgKUWMxYoWGZSGr_rL8i4JE5JksEVKeBSSyZbDvh-j84DcoMJLTzXoXdZgFuklHlJChNsf2oZ5lPIKPwMb6wJnI4Hm64GV53O72gftXf3HhRn1mtm1BaWUlPu-tumczX7WX3VaEQjU5AXFql4CmY1F3LPUflH5HUmrfP93XS_kN_1GLip-hDzWaHNgROonwVAWvqoRtJpzpPiqOPDc_lS50ytUCk0iF2VoqbIr_MumBvuw3qPY6YTGwtHryfJ3D67LIyra1gAD8RHzGp3-W5TEJSNRhEGjXLh2hHmAyY3RHn7FdU-I-uNkX6oXU49lfZio3TgTsRyGZTgNLJGPlpgQnA_5O1-nWeTbNJR0MjcI6-BSvWIW4OYhjm17ffqpGhzAM5zIB25tzl3I7UCH-ckVEBC8RRHvNNDWtN2ydfD-ShDcF3ixffMIgUey_zsRGnBnILrjO98bmbp4InVyOqofAtBsscZlJESuB3CUy6i6_67j39VJBOQBePh5AleYZKegVBVkjFprsh4mGizQGpFEpZ_v3cjKMmoyU19-NfLIca-B8nwDFDwX7QfU9BIcff_mooy09kpLugR82sT_r1fntBIf7pd0lVQ0UDNmxBPK0aWFFDj7vdQdB0AHHBp7IstdKBE-ZqD2OLx6lqk9ekpCx2r4ZW5XRDssiL_ePqloy3FkNY-3zERFQeP5-k1_h2f6qOXrPeGDkMChs7InNSt1dROuhR0y_OXtPurXc5fsSdw2FblU5gH0QSRh0UydWF3apEa-sEoMM2Wc9kieQR0jOKRk5OAjH5pttjh9OicPvUqZ5dwiMkez8TZ4kHzDvpfNrZ9yxj0dWMYUEKROJknymuZl4FgAO8cfI6Z5jSgUgAGq5uZ_YgkUsPlrRGnEpW2XSv2fGJnmDfc004l_T0drgAwD3maENEO2ol2NjXjmsCh35jWZRkzxjeI9elbAKdb818XkB7pNek0DmoliUy3vzlT9_2ndfF1iRZMytVERsqDmgOnwCb0_q75-KgI3SapxyIsPMMXKQxWJAJwC9m2EgCxx8pQrmRp_A&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=8312018398775045000&adk=3661671305&idt=132&cac=0&dtd=101
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
72231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 14:06:35 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3CBA 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
368951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame 4BA3 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 20 Apr 2023 14:26:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"64414b86-e41c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 10:10:26 GMT
debug
am-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=12%3A10%3A26.029&type=usage&msg=image_utils-event-1693390226028&llvl=2&id=356&cv=20230830-8-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_did_not_matched%22%2C%22itemId%22%3A%22~~V1~~9136630515393773225~~QOCfU-VxarVBf%22%2C%22isCropping%22%3Atrue%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25575
debug
am-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=12%3A10%3A26.029&type=usage&msg=image_utils-event-1693390226029&llvl=2&id=7638&cv=20230830-8-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_did_not_matched%22%2C%22itemId%22%3A%22~~V1~~-3470299871059249064~~LwSgtqu7XvFi%22%2C%22isCropping%22%3Atrue%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25575
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230502%2F6c678b4c3aaa4eb8985bff7ee55cf9b8_stepstone_job_portal_negative_rgb.png&v=3&w=356&s=f82ffVTSZuM1C2NLUhb3glKg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3290c092bb4df9f7429398cc191d51cc4a6d9e3c9d6c97ac497411628b60ddb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
10345
expires
Wed, 31 Jul 2024 02:14:40 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoMercedes-Benz-Tech-Innovation-200596DE-2204010837.gif%3Feb%3D1&v=3&w=400&s=_tIhSRdJUTKk7bOgPAJ-2zbS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
26cd08f1566ba2cf280c41768cdb82113945a0676046c51ebb50f61efcef8dd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2591971
content-length
12346
expires
Fri, 08 Sep 2023 23:20:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoTRUMPF-GmbH-Co-KG-89837DE-2102261340.gif%3Feb%3D1&v=3&w=400&s=XzyqR9V2SsoI1itNbKTZPmBV&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d2f42817076c77b4f4088346b2e89b3ae1f60d82b782392d75214a141d881e78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2591942
content-length
4115
expires
Tue, 05 Sep 2023 13:31:27 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FM%2FlogoMETA-Regalbau_GmbH___Co._KGDE.gif%3Feb%3D1&v=3&w=400&s=_CJ9oO7v_ksDeDRQvT0_iYa6&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
18f1ce708d0c91a8d25802a2fbaae6624b10db8c9c2362ddcd6914993cbe493a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2720
content-length
2481
expires
Wed, 30 Aug 2023 10:38:27 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoMLP-Finanzberatung-SE-4972DE-2210200809.gif%3Feb%3D1&v=3&w=400&s=4ePDe2waZWEhM8OC-D8vbhUD&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b67ac69bbb72f3aef7a7c78738bc0dc2c5067031de210c36307276c618ca69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2591956
content-length
3288
expires
Tue, 05 Sep 2023 10:32:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2Flogoconovum-AG-222713DE.gif%3Feb%3D1&v=3&w=400&s=L8w21NkmMvKnABZjMXxjYq4g&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c0b8cf95d32ca4940b378560b53cb10ebc5a6daf9185e65967d0a5f6dcebd4d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2591980
content-length
1186
expires
Sun, 03 Sep 2023 14:57:27 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoDeutscher-BundeswehrVerband-106752DE-2111091331.gif%3Feb%3D1&v=3&w=400&s=KDaWaRmQABrT0uRub_4BK8iL&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
25523cd8889c2269c239061abbc29fb4a9b033e5ecf795344149ca0f50137ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=3584
content-length
19740
expires
Wed, 30 Aug 2023 10:50:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoPwC-2965DE-2307031425.gif%3Feb%3D1&v=3&w=400&s=ws0bTDmqQEcYN_HWa9nOF9_Z&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a41b061cab0b78987ef20ee2da139aa2c6ec28308a9a7463f0ce2a3033a81f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2592000
content-length
1513
expires
Mon, 11 Sep 2023 05:58:32 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoVodafone-Deutschland-GmbH-152818DE-2204111148.gif%3Feb%3D1&v=3&w=400&s=UUtnX0I4EeTWdcdViyrFl1HA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
98493f3c05b8d61f9b1b6a01ce3ad92cf16d577dfe841a9a7da13a9bc10cb9af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2591979
content-length
2884
expires
Thu, 21 Sep 2023 14:52:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FL%2FlogoLBS_Bayerische_Landesbausparkasse__Anstalt_Der_Bayerischen_Landesbank_66152DE.gif%3Feb%3D1&v=3&w=400&s=KIIHQI8tcY502VHp78lRN1MS&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
147776762ece31694cfd2c93ee7a87f10645ed1afa355621b2c6b6aad242b4ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
1736
expires
Sun, 24 Sep 2023 13:03:57 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoWTS-Group-AG-Steuerberatungsgesellschaft-467DE.gif%3Feb%3D1&v=3&w=400&s=chPOXHSX9gVpcMasCt4CCqlU&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1c23686a15255953e51e375b06af067cebe30f6efd4a04aef9912cfe5679b868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2670
content-length
1257
expires
Wed, 30 Aug 2023 10:43:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoBridgingIT-GmbH-61818DE-2302090926.gif%3Feb%3D1&v=3&w=400&s=zPmM6UdwHQxEVoELbMVk0jJs&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9ffa7d3bcfa1f8b335f688cf14b469ede7d8e1aed04c7785a68e0cb605536e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2591962
content-length
1785
expires
Tue, 05 Sep 2023 09:59:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4BA3 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2Flogoalfaview-gmbh-244696DE-2004161304.gif%3Feb%3D1&v=3&w=400&s=fzAllTWvmADwdWqgYhEfqCBT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
40407df0b0464ca5bf4dd118e93607617418769bb20c3ba1ed336541b60b15cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=2591944
content-length
3627
expires
Fri, 08 Sep 2023 13:59:25 GMT
all
csm.eu.criteo.net/ Frame 4BA3 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bc7H1kOMckU4c2dyjvvp7vE20bFfFc3Dx9AlsQfmyOYZjcHHPen7EO6n7zo1-zV0zbOFrCCDAhltJdqN6ANWMQ9sr_3c8sqCKxNpvxVLstOd7_c_DEWkREUCswQh83H7IMijsPsw9UYiJa335eLUGbCswS_0tHb9sHm2f5xbSHYQxxdHsARdPqBJsGvB8aNBJ_3Gwj1zv-kq0Gp6w3dowrobzdZvG4mkwVObBFvSO9WD6-W4k7J_fdax3otCpuMNZRfjUw&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 10:10:25 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4BA3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 10:10:26 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4BA3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 24 Aug 2024 10:10:26 GMT
29
r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6CCE
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,itag...
5 MB
5 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/037F56E177673DCCBE58E46058AB29C854E427C6.374CC9E4F5A1B9BAAA3D0A425DCA9B2FAA4339D6/key/cms1/cms_redirect/yes/mh/qa/mip/2001:1b60:2:240:3247::5/mm/42/mn/sn-4g5edns6/ms/onc/mt/1693388982/mv/u/mvi/1/pl/29?cpn=T0kM_2_P_MmgmD7_&file=file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:6d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9fe56616f2b1075320f46ff6d47f19a7af9cb3a3386886395a8fea5b52d5e529
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 10:10:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 23 Nov 2022 14:15:17 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-5611234/5611235
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
5611235
Expires
Wed, 30 Aug 2023 10:10:26 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r1---sn-4g5edns6.c.2mdn.net/videoplayback/id/13c8b8091c6a7d44/itag/37/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3813660949/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/037F56E177673DCCBE58E46058AB29C854E427C6.374CC9E4F5A1B9BAAA3D0A425DCA9B2FAA4339D6/key/cms1/cms_redirect/yes/mh/qa/mip/2001:1b60:2:240:3247::5/mm/42/mn/sn-4g5edns6/ms/onc/mt/1693388982/mv/u/mvi/1/pl/29?cpn=T0kM_2_P_MmgmD7_&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
677
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 885F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1018958856&message=ss&sdkv=h.3.586.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 885F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1018958856&message=oml&sdkv=h.3.586.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 885F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~llxktgnz&c=690763233471&slotId=345381616735.5&qqid=CN2v2paShIEDFT5B9ggdt9oB-Q&fb=ima_html5-lima&sdkv=h.3.586.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&gpm_i=12&gpm_c=12&gpm_a=11&smb=Infinity&br=4276&mt=video%2Fmp4&vs=1920x1080&ua_e=1&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=37&vsrc=web_video_ads&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80f::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D1A9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 30 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3CBA 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58a5a96754c36c456f443fc94e7fc06a02097efe3e2e44d2718b2f88e80587ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame B94B 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j4IwoU4VLck89L6_fvIyOW
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.202.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-202-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
dd6486e4abd0cb739612973fb1c3511782e63aab3d890aa4b55cf0eabdf99392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B94B 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Origin
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 16:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 16:19:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame B94B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFTBT8yXGo1-goiJcmKa5LwityuDYKRVtd4b_3vw84QUKd5mOMj4AaoqNerd0D7aQecgMlqYObmjt94DKcHwZpsxrPO-idY565IlTuaMLueQ0DLMBwdhlVRP1vs_wr-5Q9Gstz8GvSiLKgqrsOgODX7wVC-LOOTUJjZrCq4Q6E_yWwinI&dbm_d=AKAmf-BgnFuP07cFI7tuaBDGtHlGlCwgzuyZiLwBXckleBriKmVaj43mCLNpkB5nn5LEeRmoQ7i1BoSxtwLyXtW8cVnKKr6Is_5d5XO6DNm6UT4QsBermUJp3LMNG8yx4I4YFZq5S-adWXEZbdoNrQl-baCjolPjnxopIwLjWyCd4de8Oua_eWMEW77DbA9_EyIEMMS9cNkHepViiWU-A6_Kd_9Z6349F4IqqryGZ4u4ZRaQoGSN9ONvVG5hbEmMPdTL3Pz-EFg0c9SFdBNb15fOzOpSAwyy3SgygDsAW0LunCP9V7hxHAOnI9p26fIPn04sqQ7x-7x59EdEo0DQ2WUfIjYo1vuksJQ--sbkRtINXG__fshkgtNwW4pq6qRgqMaj-X5cA7IoAH-oXLxD6iIid87gcTZpAVce-PLNZsYG7wDyAXKdeyBQRTsOGf3EsgONLm8zb3iQ6Cn8OhjPAJtDO0NnsRH3lNELWYS4Eds6uIdd1Jm7wOX4v5nO3dBQFxKoaYh3EUQtLIcSIfBd_OCP7mZy3v6Rg88UgsFMBIuqTDFDjLA_TGX8t0KcOpprKfbNO_6RW4OS4Qf7djCPfzM7WP_zOesqr-GErmADKF49-pZZHjyMSmMJMnLMwPJka5VYr-ScV6VahmNUlJHBjlOgFq-Dxs1Q1si77otOtCIjZBOPaVSJCsMZfL9sWs_VTg-VIA8tyAKSTOwYovMxmaO_MZ5eniQy1SUx5nl1PfWcSIB0TioCwN4ZC-iJJYpXVD1iKQ9lpVSyRp0oMeANdRxKoIBrIim4ht53opVjdyJNEmnNqS_1K7v1q_D8Ey7rpE73Rh5MaCfEGrS1a4Ka3gLmUnM5x9qTvntKCwf6tA_2ner7aI89GyKxky42cE5j1Bx-lK1Hkk3Pv3wKUZrRKz59alGcAyNGl8y8Cd5i8UvOA7v1qARyr-SLKOBThNFFJj-BASoz9dlncb06h4t37ShvxoZm2UJzddXoef97oa-eF18kXsFK1oT42xv_divUSfYpFyPFlkciUbRBNWoZ4zu9XrsoU8L1LMQl9g869mxEy6GMTouiAT4wAFfQs7OcTVNBJ5n9JzkkkEYe2YIom_xxysamtT2hPvkLKjztVYU6Rh6pmFpSy7hUoZ5qid-8LjHiTyq-JRUyA8Nrh-cpTNviL55f5umrIXdl3SgycMQID3lFMuIVjFosQ94u_DQQQOivR_MUXTNtHU6DTKNmjnqI_819Q1_0zW5wEeJwIvXyqbXX6pp4FUz5p64YPGk59q33l0uon99hGSnB7bfXHvN4CQzIRs8lDNgoEPyIHa_Igoqak5hIpxq4Hl4N7tv0HawwyyUYbLgq0x_q6Bk4-qIN7fx6c63KThweEde0X_YIeAxnZuEyA_ZXQO-hgM5YYfG4IevNscDT3cj8ZzeuMt6iMjcUGV9aPwVALqKPj6DuL_UDyjO0_cd3diTnzVW8jVD9rINIO8wzjTaCEWJsWO5w_8rYp_Rrbf6gpEVgGJkzy7sZnN0f0OFaqgptEnW63FATXgGrm9F8xvfKWtO5gwdHywcB0Ags_S52B9qvYRmkCrpuDI8VCFpzn8z2R-pWhnIyMs5cd-JnWoSXecuzLrR5aE6jVnnOlTSmc9KQ-ASjjLHS2JOXQBvvDb0II-PmY2tMb_qtuKuMWAL6VmB9u7Z1j0QfSJpurjaFNGAZDBcKlJgP5-SrDTb6pMHlsWvA08B9zl1pYiqicvLskkBNH7CwDytw2xuVFWoUmKuz-j0kmCP7yX3Nn4hM6cvrcOct765rCnQKhzIIUru8ga8AIEH0RPX3904nPgjKRTfcu8SJf4HjVmk90-9AVtlaGArARsmiIXUmno9AyZDSuSX_hVjFKsHfKOVDx0e-YiA2IH3ztB5agLP_Cb2TRVkyjvR4xxn-oABTolDPlQ3Lwmk0HCp5o5vyuNsXuMEQuPIjrCiIIlsLsfRfCY8Cew2EQT_85sbGLXsNZj4RCobE9vxhPanxZc0c5y7osvNtvoL1I1BQGyudUk7vFF0B9BTnZeA7L4YBsa4XhN3NNEZFwWfyot5Vw8QrFGuZU2Ua7h_e45Ec5H2AUcfhyJqTys3kwwwEoGB5i5m2Z91oZ6pz8dNYkbVLcAM1J7AUcNrxOX3wQMWuk7wKDH8RVS41KMv29MGMICZV9WomS_6_rS2Bajt8jyepoYi-GIcVpvZGVr3aFMTrGwVX9G6ZIttkQFOF6k5dHjArOmltjxeulZ7x5RpwTQDMg-nLu3aK_juvJG9Q0oKqWHPQpH5fdB1qkgvUv4AgYYj7wD42aSj8a3r7Y-nWS-GQ2R8QNyuo08skcCouBrOQBII407NTphBzUubM3LqMt_jfiUGNW2OuIjncIdikP1uE9EAB2XgIe_b3O2vMoqX3-PtG6OIVZ_6GshyMKvOlKb09z0yGsSOMjjVm6I8Cr4halFLDeFCoho2kR-5NYA_8xuudJnXQzEetBKyr1uAsJdlb3Qq1JGUiumfwDCng9zkrnJGVmcoDzYasU4RWTSyAEOxfVpS0HzFvzIh1FGV1YTYhBi-TpBJygdsW77A3j9iEDh2a9zIZcWZmWIrtK4AREyMSX_Fp4Pl_BxFZTRrmBk2HtUJNMZPCjIyEG9_lGbrem4wO_nJfOu3YyCDAC87-jGAa-hOP_EqadE2z5_9L3PZoJNNwkR_tH6XkOVy54_7qOW7CtKQaaZbxatOLur1wn48H4KHJOT86yirYD7Kgum1nxrY1suWjj_fN-2rVrHhMNFQ-6QjIL9Yc_nDGYftCI5f2cETUtVGYW_Koy55MHdxGVDRlvv7UzitG7xm9y8ctMkR-aFFrDroVRSuof7A8MaA6uk9PfpFZRo32ZoDFOV1YWbQsh1Y512J-3fRrCJkkcZBUUxktzicNLaHRheqzaz05fxscDxEoh-XRv2m5z3MIX-04LTujqdsTLlmZWwounAQqDdyTq8odHGTjI2PXGFG6gPD0nz-FvO_SAB4AlYkrz5oDVE9PG31i_juIC87qXCiEEnYEOT5ovAKehbbKejHjTccPPrC5XvvlHitGemDDbmSs0KqWK9MTTlZXN-Co88-nwB97cJVRwSnGfCKK-YzRgwDKhTT3hiHlfC3MMx7x0We_97LTL1XFQCM3xB6uZISl0N--UfmNTP8fmGh7O2D1O_8Hiy92OU2Q6gdWAqSA_ueEECHet2hkhZS5kfkeTEH5c1eDl3L5ojzeI1MYx3w3YQcYx6hA54pvS7ECQNI1uXBMY6mgKYzbGd5H8ij4AnW85poU3rL2GRREXvoxbpUG-kQF7FUS6wrkZdCYspVFoWjXSQ7Klw1qroZ1OpTmDvho8hBbNCMcf0b6o5V8ElbPXrqChVfzwPT3fO3cilyhKfdfuFiPz_ya-Lz95G94wufV1sc6mXJad7x_XxN2HTY6At1MqPiySQC5aT5yOsr514pI_e7jUzKAMHeWY7AKTWlCnHXkwtQHHXXqOijGgI45Clydr7expKRdFTzv3baHYQujW5nL9CLJDewPyEGJcrraSAjvB2tI3_h0SekeNNAMV0377JRk-jIt-OK48Rnl4hQ8emA_kdY6lRXdpMQYLkdssa-A9Ylgr8LjHh3ioM8K_VDHOwNRhF2XYVRB4VQr3iOYLtzUI2v-Xn3TknhV6X7xSJtd9Kwo7w7fVDZ0E5HMW6xA2g5hcoKizGEJlcLOxFtQwpbqmbn-tPJG2K4fidCiM9xJB3zl3jFGZIuiv353URoDVvsDwvMGot-Dbao8W1SslBPko6-AiyVJk-h-0LvhZyBd_Na9pwtnXTwQTGi-YAgxp9o&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=2144809379395157000&adk=2013371551&idt=181&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
72231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 14:06:35 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame B94B 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BFTBT8yXGo1-goiJcmKa5LwityuDYKRVtd4b_3vw84QUKd5mOMj4AaoqNerd0D7aQecgMlqYObmjt94DKcHwZpsxrPO-idY565IlTuaMLueQ0DLMBwdhlVRP1vs_wr-5Q9Gstz8GvSiLKgqrsOgODX7wVC-LOOTUJjZrCq4Q6E_yWwinI&dbm_d=AKAmf-BgnFuP07cFI7tuaBDGtHlGlCwgzuyZiLwBXckleBriKmVaj43mCLNpkB5nn5LEeRmoQ7i1BoSxtwLyXtW8cVnKKr6Is_5d5XO6DNm6UT4QsBermUJp3LMNG8yx4I4YFZq5S-adWXEZbdoNrQl-baCjolPjnxopIwLjWyCd4de8Oua_eWMEW77DbA9_EyIEMMS9cNkHepViiWU-A6_Kd_9Z6349F4IqqryGZ4u4ZRaQoGSN9ONvVG5hbEmMPdTL3Pz-EFg0c9SFdBNb15fOzOpSAwyy3SgygDsAW0LunCP9V7hxHAOnI9p26fIPn04sqQ7x-7x59EdEo0DQ2WUfIjYo1vuksJQ--sbkRtINXG__fshkgtNwW4pq6qRgqMaj-X5cA7IoAH-oXLxD6iIid87gcTZpAVce-PLNZsYG7wDyAXKdeyBQRTsOGf3EsgONLm8zb3iQ6Cn8OhjPAJtDO0NnsRH3lNELWYS4Eds6uIdd1Jm7wOX4v5nO3dBQFxKoaYh3EUQtLIcSIfBd_OCP7mZy3v6Rg88UgsFMBIuqTDFDjLA_TGX8t0KcOpprKfbNO_6RW4OS4Qf7djCPfzM7WP_zOesqr-GErmADKF49-pZZHjyMSmMJMnLMwPJka5VYr-ScV6VahmNUlJHBjlOgFq-Dxs1Q1si77otOtCIjZBOPaVSJCsMZfL9sWs_VTg-VIA8tyAKSTOwYovMxmaO_MZ5eniQy1SUx5nl1PfWcSIB0TioCwN4ZC-iJJYpXVD1iKQ9lpVSyRp0oMeANdRxKoIBrIim4ht53opVjdyJNEmnNqS_1K7v1q_D8Ey7rpE73Rh5MaCfEGrS1a4Ka3gLmUnM5x9qTvntKCwf6tA_2ner7aI89GyKxky42cE5j1Bx-lK1Hkk3Pv3wKUZrRKz59alGcAyNGl8y8Cd5i8UvOA7v1qARyr-SLKOBThNFFJj-BASoz9dlncb06h4t37ShvxoZm2UJzddXoef97oa-eF18kXsFK1oT42xv_divUSfYpFyPFlkciUbRBNWoZ4zu9XrsoU8L1LMQl9g869mxEy6GMTouiAT4wAFfQs7OcTVNBJ5n9JzkkkEYe2YIom_xxysamtT2hPvkLKjztVYU6Rh6pmFpSy7hUoZ5qid-8LjHiTyq-JRUyA8Nrh-cpTNviL55f5umrIXdl3SgycMQID3lFMuIVjFosQ94u_DQQQOivR_MUXTNtHU6DTKNmjnqI_819Q1_0zW5wEeJwIvXyqbXX6pp4FUz5p64YPGk59q33l0uon99hGSnB7bfXHvN4CQzIRs8lDNgoEPyIHa_Igoqak5hIpxq4Hl4N7tv0HawwyyUYbLgq0x_q6Bk4-qIN7fx6c63KThweEde0X_YIeAxnZuEyA_ZXQO-hgM5YYfG4IevNscDT3cj8ZzeuMt6iMjcUGV9aPwVALqKPj6DuL_UDyjO0_cd3diTnzVW8jVD9rINIO8wzjTaCEWJsWO5w_8rYp_Rrbf6gpEVgGJkzy7sZnN0f0OFaqgptEnW63FATXgGrm9F8xvfKWtO5gwdHywcB0Ags_S52B9qvYRmkCrpuDI8VCFpzn8z2R-pWhnIyMs5cd-JnWoSXecuzLrR5aE6jVnnOlTSmc9KQ-ASjjLHS2JOXQBvvDb0II-PmY2tMb_qtuKuMWAL6VmB9u7Z1j0QfSJpurjaFNGAZDBcKlJgP5-SrDTb6pMHlsWvA08B9zl1pYiqicvLskkBNH7CwDytw2xuVFWoUmKuz-j0kmCP7yX3Nn4hM6cvrcOct765rCnQKhzIIUru8ga8AIEH0RPX3904nPgjKRTfcu8SJf4HjVmk90-9AVtlaGArARsmiIXUmno9AyZDSuSX_hVjFKsHfKOVDx0e-YiA2IH3ztB5agLP_Cb2TRVkyjvR4xxn-oABTolDPlQ3Lwmk0HCp5o5vyuNsXuMEQuPIjrCiIIlsLsfRfCY8Cew2EQT_85sbGLXsNZj4RCobE9vxhPanxZc0c5y7osvNtvoL1I1BQGyudUk7vFF0B9BTnZeA7L4YBsa4XhN3NNEZFwWfyot5Vw8QrFGuZU2Ua7h_e45Ec5H2AUcfhyJqTys3kwwwEoGB5i5m2Z91oZ6pz8dNYkbVLcAM1J7AUcNrxOX3wQMWuk7wKDH8RVS41KMv29MGMICZV9WomS_6_rS2Bajt8jyepoYi-GIcVpvZGVr3aFMTrGwVX9G6ZIttkQFOF6k5dHjArOmltjxeulZ7x5RpwTQDMg-nLu3aK_juvJG9Q0oKqWHPQpH5fdB1qkgvUv4AgYYj7wD42aSj8a3r7Y-nWS-GQ2R8QNyuo08skcCouBrOQBII407NTphBzUubM3LqMt_jfiUGNW2OuIjncIdikP1uE9EAB2XgIe_b3O2vMoqX3-PtG6OIVZ_6GshyMKvOlKb09z0yGsSOMjjVm6I8Cr4halFLDeFCoho2kR-5NYA_8xuudJnXQzEetBKyr1uAsJdlb3Qq1JGUiumfwDCng9zkrnJGVmcoDzYasU4RWTSyAEOxfVpS0HzFvzIh1FGV1YTYhBi-TpBJygdsW77A3j9iEDh2a9zIZcWZmWIrtK4AREyMSX_Fp4Pl_BxFZTRrmBk2HtUJNMZPCjIyEG9_lGbrem4wO_nJfOu3YyCDAC87-jGAa-hOP_EqadE2z5_9L3PZoJNNwkR_tH6XkOVy54_7qOW7CtKQaaZbxatOLur1wn48H4KHJOT86yirYD7Kgum1nxrY1suWjj_fN-2rVrHhMNFQ-6QjIL9Yc_nDGYftCI5f2cETUtVGYW_Koy55MHdxGVDRlvv7UzitG7xm9y8ctMkR-aFFrDroVRSuof7A8MaA6uk9PfpFZRo32ZoDFOV1YWbQsh1Y512J-3fRrCJkkcZBUUxktzicNLaHRheqzaz05fxscDxEoh-XRv2m5z3MIX-04LTujqdsTLlmZWwounAQqDdyTq8odHGTjI2PXGFG6gPD0nz-FvO_SAB4AlYkrz5oDVE9PG31i_juIC87qXCiEEnYEOT5ovAKehbbKejHjTccPPrC5XvvlHitGemDDbmSs0KqWK9MTTlZXN-Co88-nwB97cJVRwSnGfCKK-YzRgwDKhTT3hiHlfC3MMx7x0We_97LTL1XFQCM3xB6uZISl0N--UfmNTP8fmGh7O2D1O_8Hiy92OU2Q6gdWAqSA_ueEECHet2hkhZS5kfkeTEH5c1eDl3L5ojzeI1MYx3w3YQcYx6hA54pvS7ECQNI1uXBMY6mgKYzbGd5H8ij4AnW85poU3rL2GRREXvoxbpUG-kQF7FUS6wrkZdCYspVFoWjXSQ7Klw1qroZ1OpTmDvho8hBbNCMcf0b6o5V8ElbPXrqChVfzwPT3fO3cilyhKfdfuFiPz_ya-Lz95G94wufV1sc6mXJad7x_XxN2HTY6At1MqPiySQC5aT5yOsr514pI_e7jUzKAMHeWY7AKTWlCnHXkwtQHHXXqOijGgI45Clydr7expKRdFTzv3baHYQujW5nL9CLJDewPyEGJcrraSAjvB2tI3_h0SekeNNAMV0377JRk-jIt-OK48Rnl4hQ8emA_kdY6lRXdpMQYLkdssa-A9Ylgr8LjHh3ioM8K_VDHOwNRhF2XYVRB4VQr3iOYLtzUI2v-Xn3TknhV6X7xSJtd9Kwo7w7fVDZ0E5HMW6xA2g5hcoKizGEJlcLOxFtQwpbqmbn-tPJG2K4fidCiM9xJB3zl3jFGZIuiv353URoDVvsDwvMGot-Dbao8W1SslBPko6-AiyVJk-h-0LvhZyBd_Na9pwtnXTwQTGi-YAgxp9o&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=2144809379395157000&adk=2013371551&idt=181&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
72231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 14:06:35 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B94B 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
368951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame E288 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g0UMGzd5ny30P_JVMbGy7H
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.202.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-202-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
96599e22c4c92ef570094f365f8305a709fb368d1dd163c4fefeffc25d4d3cb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E288 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Origin
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 16:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 16:19:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame E288 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkNUmCfoEIth_rkzqGZdXN8hARCF0mf3pSfyqNzHfat6jneczsLNJvr_r9HEJTkUKEcY5ec_tbp3M9C3idIcmGYJad-xu-_45pa5vQvk2lEmH3DeRab3FmgGX2yEQZEwWfRBurgUQ8NECuHD01sWmY6s6_RMjvz7kO_5W0v0l3GLq40GQ&dbm_d=AKAmf-A1RXSV3gxxfPlunngaxKuecOWbOvWGcwaHltQHR7YDCO62siPf9UrMz1utCKRHIHO_5IU8K6Q7whsT6G4kHnSnKv4CX31XWio9cNztJf9vI2zpLPaFW15l5tKiGU-qrHhWUUaNQV4VJK6irjD1Vo4q3SHZ72Q1oWM1aKZf5TKd96H8poxYxjUkc_4I5AqDCgSOjUThFd7MpvSbNo1yHxtu1yHjR4ABKJ-uLh7NHEjQ-alGjYBBXxQXNSv4IYN-HqL5MdvyaRefqd2j8aEMBIRDYWbbfHRHaibnJUouGzzklG4T62HUmaJZTy-9uKy_sq_ZFvUU8Bf9lTrxQYsYnX_6vkyVi0EkSdSIDw1i6OpaT3M_qS1_rcgromzCES3BYXdpTPoIcHGPJCh0N6XNHC2ETIM89G_JkZXP51EAt46yiaLMcxhCi5ZzJiU_cpwxXIzs-jOcI9TDSjKnmGB53jCCiz7TMAzPdXLoNn2O9FDygpxEAg3-GpY9gvaapEFWvGCZ7Skw5nSQkXurGRX4sFV1wJ-N2vezPmVUCCGBWh_8BiTv1BGJdGeQHeu3QW7nYjJFudqBRT86D5Cd836EqMzDO51wDDAymHpFH2Czn6UAwzI0v4RBlSSuvZXeGt6ZjceEFMLO1dspENs97bJa3_eYYTGEOKK7XPMZR7cxttQZ7m0feygWSOhkmug8dRj5_RvBimxk_-TsCB8lDn-Bx3H0VbL5_bwFok-lb6FGwraq-isJojgZ15nwIRcF40EIdi5oqF7PRtDbw7u898eIjSrPRuvgpcifnyHsPbYQVRaoK3rWIF-oNS1Dm3gwlDmGBTqGYLQlTLGvpNT8z7MtTmcMPElYzmU2FmqkPVVcqqHgxoYcMT1jF3OWwHc48-4UnlhtsUYAJN-MiKWemnuSPonb5JdykfWcdwYHAbAOSg9TO2h8comrhJeb2VzW8UpYuO7-RpzCcqSgcJvf5sNO2ul7XH0MBmQlklmkyVVTbe4TJaOSAqr-jHmof1ZffdrGsb4dtxxAo1kd5Caxld16YrjEAvbNYNUapy63fRIp8zjvK9rQC96jBf_MJ1vcnAeAb990buVpmjmP5ddDGxX2cIfB6uuYT1eH35WnErxizLIoWzJGtNiw3V_4Z5ZhJnQc4XCQyter2WOQyWB4gAu4Z9Wi-0icug4inkq4vfLM0GJwCOBKNQf1dhoSZxcpqD-tHBTVo2VF6PXcSc0jFmTFKvt-XBLpNvFRck2hxewAuvv0Qcw7KT4h5hnCfLyNd6ITYMnQSteP4wKfy3aA5El523BFe6NQCTjQkrafWHEdP843c73toPjpzcroVamlBERcYAPuRsk6Y0R0BYH3CY5FiYI39fox4pPYFpbaMYxiWpu8cwXCE36QPG3DCTSe6yq5gZg5ui553HABUcRWt0rZfuBag_yXuMXTNIvOO73mq0t4esWnGNVgxoiC-9Z4eIYTCp_7WlZi6qWogsw6MqoVRiCHHS4xbopJPftIAkqwd8DultibjmWO9Cfzl4QpUpP1dyU8ed-xpvaPoEBM-URWaaxcm_5lCnd_LASddXmtlwCYLZ9J2o8wOkqMIsF1sVIdT0uGMSY04aXSJ4GtrRfvpGepTiVDzoyhxyc85zzE3e_V8GVkCdtG2yHXgC1uBws7fYZSHlXfxlKGDaQlVJm45M-0nMM9M-n9JmfjYhDcmy5tja_HPG8UYFP97rcQFVMWHsWmsMGph86rXmY00xuOiVXmCVmvifMou94ySAw1ZQiNjDG66CsSrdGqJbSdJHHMzlN1-fiH7Cb52ssJlFi2DJdSZ3MHR8v_CInbL10Wir87IruqU3EM2PQDYqMuLz46XgMTtt60DsSYpTVNt3N11C2jG2wAE2P2bM7HJIM0LCV6HKeXljJZA2ianl_serssETCKBmJydK8S79Me55mflhLIqAQOLnPLLC-_uIIhgosloITWXsG-GPDcPpblgM9JfgQyFv816PAz7eq8J6-zB_9a0nGDR1BsyuUIbXZuNJF5wbvUI_6HSqqDgaMV57ABA3zXNBZHUMJkGNsYnuTRLD5vzFvYT6hIo1cAIEOKbWly7XmqMM3WoPFT3r2KHBGyrkfVhF4FCHZl_LNfhMwHo53epRE8dEcZmKEitmOBhhWIqg3WMeq2JoRSzVcJ5ZuVlreGl_kPJmfhGFTlN0o5pinUofx8r5qYJMAZmaR3F9DOU0GnPLBDWWxtYaWrVhcYBzlbWwh5_1HiHbOlYINzJRtJL4LdSkYVGo_pqeLCGPjL69gRHDALdz0Y1NYnUO6EBUckB-P3uuZy_1ZlueqT46jkN7KE95N4595b-crRXOl4LvE0gzBePrNd33azgC3X9CRfycTfoPPUYq2k_e_jXK3NGmroCFw7fZprR9BoLAk8UonyLYuK0gHK3EyQOm5TLKezJMEoGJ8YcvL7xSdFmY0qCgev9aIldmHznVacwyPybqVlAzmTaUiXhuZoFooJzbwjK1JbD4T5QniF3uA6X4HWamJbe8PBOOW40RSEp2mJr-UVRqv9HsagIxTilCF7k3wyPqwY16739Jy127vLqAvNuEQKyQUKqyaeY2Hhy7J6qxwis909dDiPtDaHq79x6YZDU3lajuN6zMggxkbTjqRIS-4G6RMBNHNMBfoQYHRe9oQtxuU8JkF63UjCYyTL2sZ6kTgyDvT4N9bG1GY29Xl0_SeTFyTW-ceIHvL5dlCWH1oE6qHB9px_UMSXLlNOe67RhwctVCSRgi5rhEMPSwqREiyujr4fDvspNCukUWbVOTrupLux2y9H3YIxzrKFcb1nTCCUAFVqK6gLwGiu6oOUT5sZpU3N-ny9ujUf9qxtWyIfxzKdbxfd9rsWPg-tRSloyjHUUyympad3owMnjzfvCKT4HnVjGb20jgmPPnzHGUvfbIlyA80qvLhGkVd1lmirY-CREuSxLBa3FrMrhnf3Pd70TYJPNjmzPxP3C1ruB4pRTYKWZ4kGk88Sz3vzathqSAOxSYyFmbeonge_U-j-rb8RZS-PnvEpwckMefpfpOmy2lAshWAN_ZqKoPYspnKBBAtJqnIbAxMaic89KGgAeyG5rEK1Y6ynDIoqixPfFfpw5EUEiSsQ3o2cXINpYzRP7ftICgcgvx3QPpdXRTUuk5ifaUvIMGK-u3HlJ_Lbn5wGR8QiJqcR6Xq7TTc7HR3PmPXrXMP7mzaoe1GwpzOHuIUAN2XFCeZ1K-8PyP2oGQxoIxoWFbEFUasAv3uALJ4Y22jUR9_w9P7m16q1eKlce-jWaEze7u3MoKu_Fk2KToiXAV3TjkroNpUCiohWrRLljsatJl8FiuVuExO_CUiRP1Bsr0CNVgkrfkIazjTAJ2bqJc6S77pc-6mawIfBgZ9pstrHdJjz4iexoA-tu-O8_nK6uNXXJ-5z40ZeIWUvSCX9H_EEFh1yWNxg6wHcY11MTbBBBLiAAG1kLGKjRkTC45e9qSNPSeHX6GRrtsjDaP93_rLQ9u6KynC6eEzt6Yq9CGUBJgN3uobdQNs5KInQLeNL8ZENUt51Cgf4SSCxUvrSqeniZHGGYWTiFRRUMpb8K5Rx_Ra9wciSj5plAby8-vkcReO5pR-EIgYYWmTCMfCtY39gbfvDyD01tbykplPwEzlpcsH6DUy5mhGCaM4drx76YndKA8iR6p1Q3-P3FYjUScrr9xiL1nqjKHHh4HzINAYqQMa6_nsUCXKKj7wNpYkctpajXO5me1rYvFCsye1belMhwEr28xzPzQSDf8qn8fJ8efGdrp-NU_rIRz8v2pgzCFpNyMrzxgVp7aoj9m2RzrY&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=2554340492466510300&adk=4020099329&idt=174&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
72231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 14:06:35 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame E288 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkNUmCfoEIth_rkzqGZdXN8hARCF0mf3pSfyqNzHfat6jneczsLNJvr_r9HEJTkUKEcY5ec_tbp3M9C3idIcmGYJad-xu-_45pa5vQvk2lEmH3DeRab3FmgGX2yEQZEwWfRBurgUQ8NECuHD01sWmY6s6_RMjvz7kO_5W0v0l3GLq40GQ&dbm_d=AKAmf-A1RXSV3gxxfPlunngaxKuecOWbOvWGcwaHltQHR7YDCO62siPf9UrMz1utCKRHIHO_5IU8K6Q7whsT6G4kHnSnKv4CX31XWio9cNztJf9vI2zpLPaFW15l5tKiGU-qrHhWUUaNQV4VJK6irjD1Vo4q3SHZ72Q1oWM1aKZf5TKd96H8poxYxjUkc_4I5AqDCgSOjUThFd7MpvSbNo1yHxtu1yHjR4ABKJ-uLh7NHEjQ-alGjYBBXxQXNSv4IYN-HqL5MdvyaRefqd2j8aEMBIRDYWbbfHRHaibnJUouGzzklG4T62HUmaJZTy-9uKy_sq_ZFvUU8Bf9lTrxQYsYnX_6vkyVi0EkSdSIDw1i6OpaT3M_qS1_rcgromzCES3BYXdpTPoIcHGPJCh0N6XNHC2ETIM89G_JkZXP51EAt46yiaLMcxhCi5ZzJiU_cpwxXIzs-jOcI9TDSjKnmGB53jCCiz7TMAzPdXLoNn2O9FDygpxEAg3-GpY9gvaapEFWvGCZ7Skw5nSQkXurGRX4sFV1wJ-N2vezPmVUCCGBWh_8BiTv1BGJdGeQHeu3QW7nYjJFudqBRT86D5Cd836EqMzDO51wDDAymHpFH2Czn6UAwzI0v4RBlSSuvZXeGt6ZjceEFMLO1dspENs97bJa3_eYYTGEOKK7XPMZR7cxttQZ7m0feygWSOhkmug8dRj5_RvBimxk_-TsCB8lDn-Bx3H0VbL5_bwFok-lb6FGwraq-isJojgZ15nwIRcF40EIdi5oqF7PRtDbw7u898eIjSrPRuvgpcifnyHsPbYQVRaoK3rWIF-oNS1Dm3gwlDmGBTqGYLQlTLGvpNT8z7MtTmcMPElYzmU2FmqkPVVcqqHgxoYcMT1jF3OWwHc48-4UnlhtsUYAJN-MiKWemnuSPonb5JdykfWcdwYHAbAOSg9TO2h8comrhJeb2VzW8UpYuO7-RpzCcqSgcJvf5sNO2ul7XH0MBmQlklmkyVVTbe4TJaOSAqr-jHmof1ZffdrGsb4dtxxAo1kd5Caxld16YrjEAvbNYNUapy63fRIp8zjvK9rQC96jBf_MJ1vcnAeAb990buVpmjmP5ddDGxX2cIfB6uuYT1eH35WnErxizLIoWzJGtNiw3V_4Z5ZhJnQc4XCQyter2WOQyWB4gAu4Z9Wi-0icug4inkq4vfLM0GJwCOBKNQf1dhoSZxcpqD-tHBTVo2VF6PXcSc0jFmTFKvt-XBLpNvFRck2hxewAuvv0Qcw7KT4h5hnCfLyNd6ITYMnQSteP4wKfy3aA5El523BFe6NQCTjQkrafWHEdP843c73toPjpzcroVamlBERcYAPuRsk6Y0R0BYH3CY5FiYI39fox4pPYFpbaMYxiWpu8cwXCE36QPG3DCTSe6yq5gZg5ui553HABUcRWt0rZfuBag_yXuMXTNIvOO73mq0t4esWnGNVgxoiC-9Z4eIYTCp_7WlZi6qWogsw6MqoVRiCHHS4xbopJPftIAkqwd8DultibjmWO9Cfzl4QpUpP1dyU8ed-xpvaPoEBM-URWaaxcm_5lCnd_LASddXmtlwCYLZ9J2o8wOkqMIsF1sVIdT0uGMSY04aXSJ4GtrRfvpGepTiVDzoyhxyc85zzE3e_V8GVkCdtG2yHXgC1uBws7fYZSHlXfxlKGDaQlVJm45M-0nMM9M-n9JmfjYhDcmy5tja_HPG8UYFP97rcQFVMWHsWmsMGph86rXmY00xuOiVXmCVmvifMou94ySAw1ZQiNjDG66CsSrdGqJbSdJHHMzlN1-fiH7Cb52ssJlFi2DJdSZ3MHR8v_CInbL10Wir87IruqU3EM2PQDYqMuLz46XgMTtt60DsSYpTVNt3N11C2jG2wAE2P2bM7HJIM0LCV6HKeXljJZA2ianl_serssETCKBmJydK8S79Me55mflhLIqAQOLnPLLC-_uIIhgosloITWXsG-GPDcPpblgM9JfgQyFv816PAz7eq8J6-zB_9a0nGDR1BsyuUIbXZuNJF5wbvUI_6HSqqDgaMV57ABA3zXNBZHUMJkGNsYnuTRLD5vzFvYT6hIo1cAIEOKbWly7XmqMM3WoPFT3r2KHBGyrkfVhF4FCHZl_LNfhMwHo53epRE8dEcZmKEitmOBhhWIqg3WMeq2JoRSzVcJ5ZuVlreGl_kPJmfhGFTlN0o5pinUofx8r5qYJMAZmaR3F9DOU0GnPLBDWWxtYaWrVhcYBzlbWwh5_1HiHbOlYINzJRtJL4LdSkYVGo_pqeLCGPjL69gRHDALdz0Y1NYnUO6EBUckB-P3uuZy_1ZlueqT46jkN7KE95N4595b-crRXOl4LvE0gzBePrNd33azgC3X9CRfycTfoPPUYq2k_e_jXK3NGmroCFw7fZprR9BoLAk8UonyLYuK0gHK3EyQOm5TLKezJMEoGJ8YcvL7xSdFmY0qCgev9aIldmHznVacwyPybqVlAzmTaUiXhuZoFooJzbwjK1JbD4T5QniF3uA6X4HWamJbe8PBOOW40RSEp2mJr-UVRqv9HsagIxTilCF7k3wyPqwY16739Jy127vLqAvNuEQKyQUKqyaeY2Hhy7J6qxwis909dDiPtDaHq79x6YZDU3lajuN6zMggxkbTjqRIS-4G6RMBNHNMBfoQYHRe9oQtxuU8JkF63UjCYyTL2sZ6kTgyDvT4N9bG1GY29Xl0_SeTFyTW-ceIHvL5dlCWH1oE6qHB9px_UMSXLlNOe67RhwctVCSRgi5rhEMPSwqREiyujr4fDvspNCukUWbVOTrupLux2y9H3YIxzrKFcb1nTCCUAFVqK6gLwGiu6oOUT5sZpU3N-ny9ujUf9qxtWyIfxzKdbxfd9rsWPg-tRSloyjHUUyympad3owMnjzfvCKT4HnVjGb20jgmPPnzHGUvfbIlyA80qvLhGkVd1lmirY-CREuSxLBa3FrMrhnf3Pd70TYJPNjmzPxP3C1ruB4pRTYKWZ4kGk88Sz3vzathqSAOxSYyFmbeonge_U-j-rb8RZS-PnvEpwckMefpfpOmy2lAshWAN_ZqKoPYspnKBBAtJqnIbAxMaic89KGgAeyG5rEK1Y6ynDIoqixPfFfpw5EUEiSsQ3o2cXINpYzRP7ftICgcgvx3QPpdXRTUuk5ifaUvIMGK-u3HlJ_Lbn5wGR8QiJqcR6Xq7TTc7HR3PmPXrXMP7mzaoe1GwpzOHuIUAN2XFCeZ1K-8PyP2oGQxoIxoWFbEFUasAv3uALJ4Y22jUR9_w9P7m16q1eKlce-jWaEze7u3MoKu_Fk2KToiXAV3TjkroNpUCiohWrRLljsatJl8FiuVuExO_CUiRP1Bsr0CNVgkrfkIazjTAJ2bqJc6S77pc-6mawIfBgZ9pstrHdJjz4iexoA-tu-O8_nK6uNXXJ-5z40ZeIWUvSCX9H_EEFh1yWNxg6wHcY11MTbBBBLiAAG1kLGKjRkTC45e9qSNPSeHX6GRrtsjDaP93_rLQ9u6KynC6eEzt6Yq9CGUBJgN3uobdQNs5KInQLeNL8ZENUt51Cgf4SSCxUvrSqeniZHGGYWTiFRRUMpb8K5Rx_Ra9wciSj5plAby8-vkcReO5pR-EIgYYWmTCMfCtY39gbfvDyD01tbykplPwEzlpcsH6DUy5mhGCaM4drx76YndKA8iR6p1Q3-P3FYjUScrr9xiL1nqjKHHh4HzINAYqQMa6_nsUCXKKj7wNpYkctpajXO5me1rYvFCsye1belMhwEr28xzPzQSDf8qn8fJ8efGdrp-NU_rIRz8v2pgzCFpNyMrzxgVp7aoj9m2RzrY&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=2554340492466510300&adk=4020099329&idt=174&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
72231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 14:06:35 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E288 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
368951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
8cfec50746d2031c5a44b21bdeff8d0c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8cfec50746d2031c5a44b21bdeff8d0c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f7cdb6e853af5cca292315c58f1866648b2c94623a2e03a30df950e236e138d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8cfec50746d2031c5a44b21bdeff8d0c.jpg
age
2190147
edge-cache-tag
412349734790409965415090686309220368759,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
412349734790409965415090686309220368759,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
43
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://lebronwire.usatoday.com/
content-length
9368
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200053-IAD, cache-iad-kjyo7100083-IAD, cache-lax10680-LGB, cache-iad-kjyo7100127-IAD, cache-fra-eddf8230082-FRA
last-modified
Mon, 17 Jul 2023 10:42:19 GMT
server
nginx
x-timer
S1693390226.181178,VS0,VE0
etag
"ae1a1167481387f4c0f535c146c7f236"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 11, 2
03975d3cf5c262509acf5fb9f945e2aa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03975d3cf5c262509acf5fb9f945e2aa.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
176efc1123d845d5f4c83c6193709ed2d2054826ea87a4564cab8b6ca886d1f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03975d3cf5c262509acf5fb9f945e2aa.jpg
age
677560
edge-cache-tag
578177222200264508171546881263006443994,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
578177222200264508171546881263006443994,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
824
req-referer
https://ads.taboola.com/
content-length
11064
x-request-id
93c896f908e91237b999b79f83b74646
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100029-IAD, cache-iad-kjyo7100106-IAD, cache-lax10635-LGB, cache-iad-kcgs7200028-IAD, cache-fra-eddf8230082-FRA
last-modified
Tue, 22 Aug 2023 13:57:44 GMT
server
nginx
x-timer
S1693390226.182668,VS0,VE0
etag
"2ccd6ddad05c846fe69a708efb8ec414"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 2
88750af267086b076eef1197aa796aa3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88750af267086b076eef1197aa796aa3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
11a8a6c9ae53194f06f4ac62c8be800fed3f392ae35723d85bbd9f0543a48dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88750af267086b076eef1197aa796aa3.jpg
age
587218
edge-cache-tag
502112117369156768324822053477814835786,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
502112117369156768324822053477814835786,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
449
req-referer
https://www.sport1.de/news/internationaler-fussball/2023/08/cristiano-ronaldo-spielt-wieder-champions-league-al-nassr-gewinnt-in-der-qualifikation-gegen-al-ahli-dubai
content-length
17916
x-request-id
dc75e79e517881e7d58b8e5ed10841a1
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kiad7000129-IAD, cache-lax10681-LGB, cache-iad-kjyo7100123-IAD, cache-fra-eddf8230082-FRA
last-modified
Wed, 23 Aug 2023 14:15:26 GMT
server
nginx
x-timer
S1693390226.182659,VS0,VE0
etag
"f57001ae7b6d31d50dfb5b07a55066a7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
2__a59ac5f8-3f47-473d-b063-e1b9245a3ab8_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/2__a59ac5f8-3f47-473d-b063-e1b9245a3ab8_1000x600.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9a43100304a2104a52d94c896ee8d78396afd29af281889c3f5c500a8bbd3b14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/15696a61-c9e8-4b87-af5d-ad3d7449b815/images/2__a59ac5f8-3f47-473d-b063-e1b9245a3ab8_1000x600.jpeg
age
2671455
edge-cache-tag
486101221925899522009640451852483298192,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
486101221925899522009640451852483298192,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
317
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://universodagastronomia.com/?p=325
content-length
25020
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100091-IAD, cache-iad-kcgs7200177-IAD, cache-lga21974-LGA, cache-iad-kjyo7100129-IAD, cache-fra-eddf8230082-FRA
last-modified
Fri, 21 Jul 2023 06:44:14 GMT
server
nginx
x-timer
S1693390226.182956,VS0,VE0
etag
"b8e54f91b7e238375eab7a6a82dcca3c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 14, 2
00be4fd8b6bb2027f6e42ddd5899bc90.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00be4fd8b6bb2027f6e42ddd5899bc90.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
abe96ce9f3aaf5e534c3b33e0adfdfe6b8207d2263a2227d4479924e7187bf25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00be4fd8b6bb2027f6e42ddd5899bc90.jpg
age
1557506
edge-cache-tag
625296538354884077281272984814560668641,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
625296538354884077281272984814560668641,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
476
req-referer
https://www.kicker.de/
content-length
9656
x-request-id
0c83ad1f041849d5271a3ea57c23ae85
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000112-IAD, cache-iad-kcgs7200025-IAD, cache-lga21975-LGA, cache-iad-kiad7000174-IAD, cache-fra-eddf8230082-FRA
last-modified
Tue, 08 Aug 2023 00:11:15 GMT
server
nginx
x-timer
S1693390226.183131,VS0,VE0
etag
"e9721805f5d38268b7bf122f9e87d757"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 24, 2
0a246c2857bf74dc2df2e2138602a2a3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a246c2857bf74dc2df2e2138602a2a3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4709f7cb1090e8481c1afaaf1ba9174cdbb33ecd42f5a959c7c575640045105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0a246c2857bf74dc2df2e2138602a2a3.jpg
age
2010127
edge-cache-tag
508990555312403711548289366218384053158,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
508990555312403711548289366218384053158,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1196
req-referer
https://www.calcalistech.com/
content-length
12400
x-request-id
a54b3801fd27de61a4c9d0c00c2ba23c
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100174-IAD, cache-iad-kjyo7100076-IAD, cache-sna10737-LGB, cache-iad-kjyo7100074-IAD, cache-fra-eddf8230082-FRA
last-modified
Thu, 27 Jul 2023 15:12:08 GMT
server
nginx
x-timer
S1693390226.182897,VS0,VE0
etag
"51eba37c050f6b8557b9a678c51c777f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 51, 2
jennifer-aniston-imago0094666233h-boris-becker-imago0154911208h-sylvie-meis-imago0093433190h%2Cid%3D80d1b6a5%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D0%2C0%2C100.00%2C100.00%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/jennifer-aniston-imago0094666233h-boris-becker-imago0154911208h-sylvie-meis-imago0093433190h%2Cid%3D80d1b6a5%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D0%2C0%2C100.00%2C100.00%2Crm%3Dsk.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
023bccef2ce86e217cc76fc982d47f45d838ae9be6aaf57f461255e1be4326d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/jennifer-aniston-imago0094666233h-boris-becker-imago0154911208h-sylvie-meis-imago0093433190h%2Cid%3D80d1b6a5%2Cb%3Dintouch%2Cw%3D1600%2Cca%3D0%2C0%2C100.00%2C100.00%2Crm%3Dsk.jpeg
age
2515191
edge-cache-tag
340391864875208970251281983681272911102,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
340391864875208970251281983681272911102,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
462
expiration
expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
15384
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kjyo7100036-IAD, cache-sna10746-LGB, cache-iad-kcgs7200040-IAD, cache-fra-eddf8230082-FRA
last-modified
Thu, 13 Jul 2023 09:42:14 GMT
server
nginx
x-timer
S1693390226.202784,VS0,VE0
etag
"33cb72041fbda883961d97e2cc4f6634"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 73, 3
00b34a4035dc549d0609719e54a2035a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b34a4035dc549d0609719e54a2035a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
23382b9534161712a2dee8f93216a483bb32997e1ecb9ca3dbab7079553cc75d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b34a4035dc549d0609719e54a2035a.png
age
695783
edge-cache-tag
330184441911425794108049727948765940498,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
330184441911425794108049727948765940498,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
679
req-referer
https://www.derstandard.at/
content-length
17540
x-request-id
bbd2be4cb50e6389856d358616b00e12
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kjyo7100028-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230082-FRA
last-modified
Sat, 19 Aug 2023 06:59:40 GMT
server
nginx
x-timer
S1693390226.211794,VS0,VE0
etag
"75e1470d86f650b58ffe8ca4b7e8925a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 8DCB 		250 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gYWd3LI0ewoHmS5BvuDLHe
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.202.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-202-110.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8ad73ceb974899cec99e08a8661dd464f77c4d1ca946647150bbb2d5237373a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8DCB 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Origin
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 16:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 16:19:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/ Frame 8DCB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_CcL4mLAZOiPBkVJKBSeWPAqAhTG8YwkLKKHcicG6s2qYFPXfiBEBOu3wg6OIPUlAjsHtE9RBOUb8L_4m-hcpQFI_crkl3d20-N5qtm-inSjQY2_uOpxzvL-9yEuV9K3j5XditNWVljFrAN4hStj8wAc1n49nVcSWipEkhUQIQGju3rM&dbm_d=AKAmf-ADLgIIvD4m-rWviR-cSg4ly3B7CBTnb2e9I5kuXD-JkRt6XkgHk31t4TAET20bDBVJC8UwqCR2PfhebMrUSU1i1V-zvotxS_1_LFwVjYHvKuDSk4MhMgpviSV0K5AIuKV9uyHyyUGpNJTEFjR7qR7p4c6MFt1gGRIWjZaWDkOsslOTknnGEOSHDJZk9OhMKbWyn_wukoHypBqGxcaza4xEo6IRakMz0O1wFKVXoqbQRDKfun7H-DRYYNt2krXef3LS13w4XxRjpH_Q2RU_V72Sc8FP3QDe022W9YTJ_rb1rnQ4hsCELX-lkmnCDnIun87ZIrxjQXgNGuiDAl_S5J_ZDsomQHKBwHWAvH0CkL1NP4owtbCoMpE0KlMhqXCi3RErI59OT-UTT1RcRZc4gSS_SrZPSZH1lta1NyM6_aR0fiIubGqvBNsWEOBxN12r1kmQ_G5Bra2FMIlJLZZ7RNCQgDiPQ9-L7ScnjdVxZeXIevXvM8RRYz5aleOLlb4SF-NCbHEebyaePZpq8TRRFUBgmCCgs1h1_dplbMS3JAWJO6HK1hjiMshHw6s0q1gGle4GRn7ibFKhuRt0PltkKh3S18nd8eT0khhUL-9dysh0OHljsekxXI_K4xXrJDFzcBHQiE2arDICDn6MMUvup4R9DHsS9IF9LXV2J37_ATMkgwdpYtMFwMfOvry_USiVLb-KN3DQ9tzo7Adrt_mYlHv8lSdCT0R7cit15Xz6_Dm2V1gBn6T-puhE4soCz4cM6fS5VTMU8BoDcud5FmS0QKETRoQfnirDT2w9uX-rRG5roAOmvQNukRLQWLG2rhRfVFP7-uXd7d4vTnhJCrjVwo5eLG2buvSSCkskYpMQy83mcOlCkyPiDALbGE6XPlUULn0dcS76pp9Xu8SGs2N8TyiMvhoYgATYU-qmMnwsP4UFzQiFSoSZIlJx1b6e-NSL_Ju3acdpknZBFCLYCq_gVb9ABW1rRZlHOCH8cCF6eWlgidd1BG-4dw-Zp3kdptTWQlHbQ-Z3WhD6DISV1mtyHabD58uWBr4eQtZ9O_N-Yudk6RnWpVMshk9fHFhFA-28ktQ8gjrRPQe27qHK3ZBPa1UfJgn9ZZg1YrQovNHjZywEuNG7V5lQWQCunjs35Iw-elWjU8V9Y5RYVd3hr6ganysBH4eAv9wsZHu-Xb1GrmSNgm8dJPt0fsW4RDF5b3xk361pB_WMHjVpR4EY5qCMUFT5klF7Speommpur72io-E_SYDeAQiNMwyKGALXyOUtTmUv4iXTx9lgLewDzpAu06Zkw58Kn2Fc3be74hh2Sv7lGRyrkIZtZxBYaxvX_1dS56zlu7ws9Tg4sQI01GM733OPHXTKGP76h--THBIZQAQMpOZgwNl1oZ--Ira0WJlVNx-3x0RCYd7Ok5KlRn4Y9zx9SR8JbgUCL4HqImTrdw6TkONkF4A-RnP-FxY3NiOZBoYcEo6TMyIL0oU3DLjRpumgmMrqY5LJJadENOoIqIx9sZGzKb9KMU9plt-pK4ajcDfaHReBvgm8a6YGy5KdRvxZjpmGq0hz-K_z0y5oS9W14MWYQzQMnNc9E7lyOdScvQX_LrMwoH_PokPcUXJLK5zr5aDOUiadWoMmfOs73wg4tUx5iZZfUFcFcTibtv2My6As4xmfVNWTbIWq_WihJTD2PmP2tiGG_D5V-HA9pxuok2llrF7hINgKO4X5huptaUOORTkCgg-mVC2WtdhbWFO4yjCQThO1tPULGAvLcJxIiOQ60yfu6vJz7CApIuPEOHaehUzw1b9dmUTUhDiGvJTeJSYIYaTtCQT6bHEbPfq3q4QL871Oj8SJhrYxUVcvkLCBgMwFGAbimh4NBLvgMMjXY2lUW-U9IWlLdMslLk55P4SZX9rQeD4pRPOk45P8uaYonXZQca3nTBEu1Hm2hHPii_AbRZXkgl2qlxExVbRrL1dkuM-F2hFxsvuBevPDGkkGMaIrl5UW7kU3lz9EtWoLroshi5uRyWuJZSoCOOzbehWO0TrN1YBkNwc78StYHOG7ahWDDqScHnHvdijIdOBwRzwSd6HSJZTdbFU7kMKq_ZeapiZA2R1oNnvMROHtL7l8xVD3OzBHzVhftYqe4mIL0Bbq053d26bR1nVsKiNReZj63-hFvf1l79zMh6eNgvNYlSYRSZI2owpiDhJPhtsxRi8Hh44I4hBOtbOsE0baVaIor4eKaXUPTv5_fhrJ-qLMFUtfKcQcUI8ZU-D0K5d7ySk7ps_o5DP3-iYZrqVunQwvimOpcXkdTm6BH7b73x9NLOBB6J8hbZ9bFA-Qg3PPPQPWRjWARRrKYHvXQ7CEqE4SEZyDedpLDBWgA1AcnXQYgIRBKOQUcqDkpugMVltzWC0UG9MfIX4DCi8DIUEB3QEbfdezHI5Kmj5oVTUu5W2QcP7GODW62bP0eTzvuUgbkuZlXwS_Xr078o-cUupkyScmgLTzR65bI7qzryVijQ39PY0phDIj1Z2BoPBedT8vINmppVfNijbYIdnnFTzy4QPDEhcrdPuLem8q0CelfXxRI_UOWkK62R3A4GLC2S5c1YeJ3Sh7soYbTCFT0xOn975rmg_e3zAsTk1JmSWkA2nHmfiHJit-ObNwwcwgCpsq0O2VeX-9rQzXiFbMYnrGUwVSyZDBORGpYK4T1_F5NNevN5gV4nrK2yfHHhVL61Qf3ZthgxMxVDDMVj7LyBZpoFu6RY8z6qa4mMuRCiASQgPrhZqqeSc_ceTuarHVLDyHAWWkV5mSkrRhp_fARY119Yq97KU-6ww9osdp5G1NZLB9e-osdcYyARjJXcHhFi8bt1KCs93OgyclY5ghy8AgwnuXhxcyf-YD8iMsGU31-hEpbFAxq21_rAq2S_GPE371wSbEbA7nZRv-IG34g0BfTkxpulaw7IaveC055qGrPzJKg6v2H4A93zMSvR3wm8Qje6WBFE2dTPHt7ax5QqkMAMhrV4ATDbAdzSRK6MhNMHap5Z32v2DoAWheuiWeJm9UTvnC8XZLThNPibCbetFE-HtImrxxgq9L4z7v9Hr7-uas1uWheBzWN1sZ6COWBINqL4Eynl6gKYg-QlbvdygQsH1hTOvCNpQPUWW8JV7FT7oqj_8Ep4okRsdKXG6QNAuQ5hK-j2TsuZ0jTPBYXvW_S10VOC9-C-JpN1MrhO64Wbr3F0d2qaGBOyTIcMoLprAWzaP3HhhhZPlKcqRp-mmlTN11HffQdVp8b-UubPRVhT2N19JfyMXjv_DXk3g8B96-GWHfbrLuWuRp5k0jt3VR2ZJnpRR_KHSkc2dOh3Bjo_asMeGGA4HntjeWfxk_qKMx0VwcjGUfGVPxPqaYGGVeBeTMXsElbiHMYF4SrzkWJ4ffulVL1q2ruCGGIheeqIHRK9VkeuMYi5JG-6Suf9oHZ3gViahhY38aoAKvmfDVFWw_6lsItZ1U4GJSEyJL5joiHbqQGig7ch-JIds6ZomzL12HJfluJaTzk5GK6EPHBp8rE58TZp3UlDhuBVySxkSFdhS6AfWCXdUhrBbQWAJvH1NUIW88Wa0WhPHu5aQPToYKVVg98IYO2rB5hXWbC_os7xZy5_myggO8gneLLWdo6K9iRQkKzCTIZAx63jg4tb-B_hmnKnPiNmH-SLJbyEompCP8aPs0SxMJnLNEeLrDuOYwtIy0mdYw4_okXbAZkdNN-Or8tXuysUbPIO-TiZk7npbeFGJkbWFaAMG8t5lunLUJCMpHlkihPoYndFTd2uOvUQazim1FUOkFfCYASQMHHHfMsRbEefqiBFz5xwCANWuwRro&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11278931248339397000&adk=496764934&idt=187&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
72231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4196
x-xss-protection
0
server
cafe
etag
15907914729094346842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 14:06:35 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/ Frame 8DCB 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230828/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_CcL4mLAZOiPBkVJKBSeWPAqAhTG8YwkLKKHcicG6s2qYFPXfiBEBOu3wg6OIPUlAjsHtE9RBOUb8L_4m-hcpQFI_crkl3d20-N5qtm-inSjQY2_uOpxzvL-9yEuV9K3j5XditNWVljFrAN4hStj8wAc1n49nVcSWipEkhUQIQGju3rM&dbm_d=AKAmf-ADLgIIvD4m-rWviR-cSg4ly3B7CBTnb2e9I5kuXD-JkRt6XkgHk31t4TAET20bDBVJC8UwqCR2PfhebMrUSU1i1V-zvotxS_1_LFwVjYHvKuDSk4MhMgpviSV0K5AIuKV9uyHyyUGpNJTEFjR7qR7p4c6MFt1gGRIWjZaWDkOsslOTknnGEOSHDJZk9OhMKbWyn_wukoHypBqGxcaza4xEo6IRakMz0O1wFKVXoqbQRDKfun7H-DRYYNt2krXef3LS13w4XxRjpH_Q2RU_V72Sc8FP3QDe022W9YTJ_rb1rnQ4hsCELX-lkmnCDnIun87ZIrxjQXgNGuiDAl_S5J_ZDsomQHKBwHWAvH0CkL1NP4owtbCoMpE0KlMhqXCi3RErI59OT-UTT1RcRZc4gSS_SrZPSZH1lta1NyM6_aR0fiIubGqvBNsWEOBxN12r1kmQ_G5Bra2FMIlJLZZ7RNCQgDiPQ9-L7ScnjdVxZeXIevXvM8RRYz5aleOLlb4SF-NCbHEebyaePZpq8TRRFUBgmCCgs1h1_dplbMS3JAWJO6HK1hjiMshHw6s0q1gGle4GRn7ibFKhuRt0PltkKh3S18nd8eT0khhUL-9dysh0OHljsekxXI_K4xXrJDFzcBHQiE2arDICDn6MMUvup4R9DHsS9IF9LXV2J37_ATMkgwdpYtMFwMfOvry_USiVLb-KN3DQ9tzo7Adrt_mYlHv8lSdCT0R7cit15Xz6_Dm2V1gBn6T-puhE4soCz4cM6fS5VTMU8BoDcud5FmS0QKETRoQfnirDT2w9uX-rRG5roAOmvQNukRLQWLG2rhRfVFP7-uXd7d4vTnhJCrjVwo5eLG2buvSSCkskYpMQy83mcOlCkyPiDALbGE6XPlUULn0dcS76pp9Xu8SGs2N8TyiMvhoYgATYU-qmMnwsP4UFzQiFSoSZIlJx1b6e-NSL_Ju3acdpknZBFCLYCq_gVb9ABW1rRZlHOCH8cCF6eWlgidd1BG-4dw-Zp3kdptTWQlHbQ-Z3WhD6DISV1mtyHabD58uWBr4eQtZ9O_N-Yudk6RnWpVMshk9fHFhFA-28ktQ8gjrRPQe27qHK3ZBPa1UfJgn9ZZg1YrQovNHjZywEuNG7V5lQWQCunjs35Iw-elWjU8V9Y5RYVd3hr6ganysBH4eAv9wsZHu-Xb1GrmSNgm8dJPt0fsW4RDF5b3xk361pB_WMHjVpR4EY5qCMUFT5klF7Speommpur72io-E_SYDeAQiNMwyKGALXyOUtTmUv4iXTx9lgLewDzpAu06Zkw58Kn2Fc3be74hh2Sv7lGRyrkIZtZxBYaxvX_1dS56zlu7ws9Tg4sQI01GM733OPHXTKGP76h--THBIZQAQMpOZgwNl1oZ--Ira0WJlVNx-3x0RCYd7Ok5KlRn4Y9zx9SR8JbgUCL4HqImTrdw6TkONkF4A-RnP-FxY3NiOZBoYcEo6TMyIL0oU3DLjRpumgmMrqY5LJJadENOoIqIx9sZGzKb9KMU9plt-pK4ajcDfaHReBvgm8a6YGy5KdRvxZjpmGq0hz-K_z0y5oS9W14MWYQzQMnNc9E7lyOdScvQX_LrMwoH_PokPcUXJLK5zr5aDOUiadWoMmfOs73wg4tUx5iZZfUFcFcTibtv2My6As4xmfVNWTbIWq_WihJTD2PmP2tiGG_D5V-HA9pxuok2llrF7hINgKO4X5huptaUOORTkCgg-mVC2WtdhbWFO4yjCQThO1tPULGAvLcJxIiOQ60yfu6vJz7CApIuPEOHaehUzw1b9dmUTUhDiGvJTeJSYIYaTtCQT6bHEbPfq3q4QL871Oj8SJhrYxUVcvkLCBgMwFGAbimh4NBLvgMMjXY2lUW-U9IWlLdMslLk55P4SZX9rQeD4pRPOk45P8uaYonXZQca3nTBEu1Hm2hHPii_AbRZXkgl2qlxExVbRrL1dkuM-F2hFxsvuBevPDGkkGMaIrl5UW7kU3lz9EtWoLroshi5uRyWuJZSoCOOzbehWO0TrN1YBkNwc78StYHOG7ahWDDqScHnHvdijIdOBwRzwSd6HSJZTdbFU7kMKq_ZeapiZA2R1oNnvMROHtL7l8xVD3OzBHzVhftYqe4mIL0Bbq053d26bR1nVsKiNReZj63-hFvf1l79zMh6eNgvNYlSYRSZI2owpiDhJPhtsxRi8Hh44I4hBOtbOsE0baVaIor4eKaXUPTv5_fhrJ-qLMFUtfKcQcUI8ZU-D0K5d7ySk7ps_o5DP3-iYZrqVunQwvimOpcXkdTm6BH7b73x9NLOBB6J8hbZ9bFA-Qg3PPPQPWRjWARRrKYHvXQ7CEqE4SEZyDedpLDBWgA1AcnXQYgIRBKOQUcqDkpugMVltzWC0UG9MfIX4DCi8DIUEB3QEbfdezHI5Kmj5oVTUu5W2QcP7GODW62bP0eTzvuUgbkuZlXwS_Xr078o-cUupkyScmgLTzR65bI7qzryVijQ39PY0phDIj1Z2BoPBedT8vINmppVfNijbYIdnnFTzy4QPDEhcrdPuLem8q0CelfXxRI_UOWkK62R3A4GLC2S5c1YeJ3Sh7soYbTCFT0xOn975rmg_e3zAsTk1JmSWkA2nHmfiHJit-ObNwwcwgCpsq0O2VeX-9rQzXiFbMYnrGUwVSyZDBORGpYK4T1_F5NNevN5gV4nrK2yfHHhVL61Qf3ZthgxMxVDDMVj7LyBZpoFu6RY8z6qa4mMuRCiASQgPrhZqqeSc_ceTuarHVLDyHAWWkV5mSkrRhp_fARY119Yq97KU-6ww9osdp5G1NZLB9e-osdcYyARjJXcHhFi8bt1KCs93OgyclY5ghy8AgwnuXhxcyf-YD8iMsGU31-hEpbFAxq21_rAq2S_GPE371wSbEbA7nZRv-IG34g0BfTkxpulaw7IaveC055qGrPzJKg6v2H4A93zMSvR3wm8Qje6WBFE2dTPHt7ax5QqkMAMhrV4ATDbAdzSRK6MhNMHap5Z32v2DoAWheuiWeJm9UTvnC8XZLThNPibCbetFE-HtImrxxgq9L4z7v9Hr7-uas1uWheBzWN1sZ6COWBINqL4Eynl6gKYg-QlbvdygQsH1hTOvCNpQPUWW8JV7FT7oqj_8Ep4okRsdKXG6QNAuQ5hK-j2TsuZ0jTPBYXvW_S10VOC9-C-JpN1MrhO64Wbr3F0d2qaGBOyTIcMoLprAWzaP3HhhhZPlKcqRp-mmlTN11HffQdVp8b-UubPRVhT2N19JfyMXjv_DXk3g8B96-GWHfbrLuWuRp5k0jt3VR2ZJnpRR_KHSkc2dOh3Bjo_asMeGGA4HntjeWfxk_qKMx0VwcjGUfGVPxPqaYGGVeBeTMXsElbiHMYF4SrzkWJ4ffulVL1q2ruCGGIheeqIHRK9VkeuMYi5JG-6Suf9oHZ3gViahhY38aoAKvmfDVFWw_6lsItZ1U4GJSEyJL5joiHbqQGig7ch-JIds6ZomzL12HJfluJaTzk5GK6EPHBp8rE58TZp3UlDhuBVySxkSFdhS6AfWCXdUhrBbQWAJvH1NUIW88Wa0WhPHu5aQPToYKVVg98IYO2rB5hXWbC_os7xZy5_myggO8gneLLWdo6K9iRQkKzCTIZAx63jg4tb-B_hmnKnPiNmH-SLJbyEompCP8aPs0SxMJnLNEeLrDuOYwtIy0mdYw4_okXbAZkdNN-Or8tXuysUbPIO-TiZk7npbeFGJkbWFaAMG8t5lunLUJCMpHlkihPoYndFTd2uOvUQazim1FUOkFfCYASQMHHHfMsRbEefqiBFz5xwCANWuwRro&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11278931248339397000&adk=496764934&idt=187&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:06:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
72231
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11511
x-xss-protection
0
server
cafe
etag
961974302080011826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2023 14:06:35 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8DCB 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 03:41:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
368951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 03:41:15 GMT
3589100-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/8/9/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/8/9/3589100-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3fc358735f4fe6a1df0bd358a1249d2d24f9fef756378f87f85e32c42bf7a755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/8/9/3589100-46.jpg
age
693084
edge-cache-tag
399059569717620289240405050531116693516,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
399059569717620289240405050531116693516,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
125
req-referer
https://www.walla.co.il/
content-length
27170
x-request-id
b3b6dd58b37c659d0b3f6acff8a9998c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100023-IAD, cache-iad-kiad7000022-IAD, cache-iad-kiad7000138-IAD, cache-fra-eddf8230082-FRA
last-modified
Tue, 22 Aug 2023 09:39:02 GMT
server
nginx
x-timer
S1693390226.211743,VS0,VE0
etag
"55c69094f93907cd7b876db5e8587caf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 144, 2
3001126-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/0/1/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/0/1/3001126-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b27d15f4c8dab73e7b067f59bd381ba4c7aec7cb4e0754b3574964513860b49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/0/1/3001126-46.jpg
age
765670
edge-cache-tag
317451627938764227497511119841984780896,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
317451627938764227497511119841984780896,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
1050
req-referer
https://www.walla.co.il/
content-length
47368
x-request-id
17e44ff75201679309148b459f624088
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200163-IAD, cache-iad-kjyo7100047-IAD, cache-iad-kjyo7100087-IAD, cache-fra-eddf8230082-FRA
last-modified
Sun, 23 Jul 2023 11:33:00 GMT
server
nginx
x-timer
S1693390226.212116,VS0,VE0
etag
"6889e79a810f62739dbc7dba557be192"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2
9c443560f0d76bbdc11b28e9eb9ef258.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c443560f0d76bbdc11b28e9eb9ef258.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0c18aac62d5ed49abfd8c1a900d5a0ca72d9d11810d6a1410033be0409dfe1c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c443560f0d76bbdc11b28e9eb9ef258.jpg
age
2130606
edge-cache-tag
576771268535060090205840934130924150673,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
576771268535060090205840934130924150673,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
178
expiration
expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.oneindia.com/
content-length
7186
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100103-IAD, cache-iad-kjyo7100156-IAD, cache-chi-kigq8000114-CHI, cache-iad-kjyo7100158-IAD, cache-fra-eddf8230082-FRA
last-modified
Thu, 13 Jul 2023 17:55:04 GMT
server
nginx
x-timer
S1693390226.212114,VS0,VE0
etag
"395cd102bfc3ead0d07e0a3a188bb9ee"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 7, 2
4b474e148b1029690c2e5898df421edc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b474e148b1029690c2e5898df421edc.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
00e2ff280d45d352b18689fd9b6725dd524d86b89081d40008a5b480ddb53c9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b474e148b1029690c2e5898df421edc.jpg
age
86622
edge-cache-tag
380701153887008088168630797588666780605,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
380701153887008088168630797588666780605,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
77
req-referer
https://www.walla.co.il/
content-length
13806
x-request-id
48ea151a16ba20909caf0fda0713d8a7
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100032-IAD, cache-iad-kiad7000143-IAD, cache-iad-kjyo7100160-IAD, cache-fra-eddf8230082-FRA
last-modified
Tue, 29 Aug 2023 08:36:13 GMT
server
nginx
x-timer
S1693390226.214818,VS0,VE0
etag
"242447c23ab9f03e86013b664620c157"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 5, 2
eb84f75e8f43d2899600e838e006a42d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb84f75e8f43d2899600e838e006a42d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6d06019641a320f78477dcf28b94fa1207c2ee07893f427850e45ba30df5a787

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb84f75e8f43d2899600e838e006a42d.jpg
age
2339906
edge-cache-tag
451156214465580254622652449281369589667,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
451156214465580254622652449281369589667,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
552
req-referer
https://apnews.com/
content-length
18146
x-request-id
ca89abd0246c06dd041d90567778c657
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kcgs7200178-IAD, cache-iad-kiad7000084-IAD, cache-lga21979-LGA, cache-iad-kcgs7200109-IAD, cache-fra-eddf8230082-FRA
last-modified
Thu, 27 Jul 2023 13:27:01 GMT
server
nginx
x-timer
S1693390226.224537,VS0,VE0
etag
"622df772dcea0043c41cc15425b1f170"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 24, 2
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1F63 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 30 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
3411dcef15a92fef4e50862f3464ff1f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3411dcef15a92fef4e50862f3464ff1f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1d1e5b926bb4860d220d6b819fd35ec8b48bd7b06d32dd7d7871ce1c71615e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3411dcef15a92fef4e50862f3464ff1f.jpg
age
2208728
edge-cache-tag
490539229405930533963033718701574259435,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
490539229405930533963033718701574259435,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
191
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.newsbomb.gr/
content-length
4184
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100063-IAD, cache-iad-kcgs7200112-IAD, cache-sna10740-LGB, cache-iad-kiad7000156-IAD, cache-fra-eddf8230082-FRA
last-modified
Mon, 10 Jul 2023 15:55:53 GMT
server
nginx
x-timer
S1693390226.244757,VS0,VE0
etag
"14fdca12da5871db4f91b9d5afe089d7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 23, 2
truncated
/ Frame B94B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcd1f84a5b68c7d4418a74837999de51fde30e5edaa4bc363ccdbddb5139852d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8C24 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 30 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E288 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd34490a8b0273708562f14bedf6cf072eaa5b82ce29a16b5b328e0198de643a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6019 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
82587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 30 Aug 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8DCB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acd135577fe1c483594b4784ec20821d2b86466c8d7bed041e9ac520df378ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
debug
am-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=12%3A10%3A26.298&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8503&cv=20230830-8-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25640
supply-feature
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=57c477b999e6ed5f68883891521f8bc4&sd=v2_7bfe04bb8f3e9b7bb5c33d6434fab8cd_c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10_1693390224_1693390224_CIi3jgYQk-FcGIT5sK-kMSABKAEwODib4wlAhIoQSJCt2QNQ____________AVgAYABo7Y_QnZX90qfAAXAA&ui=c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10&pi=/&wi=2990753527669053458&pt=home&vi=1693390224516&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22114.28125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A10%3A26.327&id=4868&llvl=2&cv=20230830-8-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
activeview
pagead2.googlesyndication.com/pcs/ Frame 8F81 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssTXKEU0n78XjXqsQKMSKswvurfNw9r22OrW-BF0jrbCTpdO6Zn_IZd8CVRgToQFRv-_OvOMPiDunn81JKGvnkqClUGzQ3aNz-7iMbo5GweVZNklmW2nHnPJvuX-wAJAd3kdzSa033OrrTCmBK-WWWPUaBQ6zrievXEabbPk4jt_7gKWTxGjF0Ld6TdgM-QKitEkSc5GaSl1vUGMqbFe-E9GlJfUTtqkaV9FKc7-yI6rQgCzBDooUTt9hYhbG_y0zym6I0tc5Y6tW93_xXSCLz2nxvKGBEEjXsItEQV2pJhiHON3D5nBUc_HSSFUaXprkfOv3U7C0ES_Pprby4PTZWK_Ysnsw2u5H-OBXHN5dWf5Ih54V8jpwn50p7MHWsEMMiGR11-7y9pCucwxwHoNlLSBRdsZ5A1fXZiKRcK_FM7joE5l7fNJp8-usPIgdccBYEyfMUxSQIG61xO5r4O_Wtlc6XPul0Ipyu-1VKkJELoIGUvoWtAlw4tm1IUEL10ipy6UVwzddPp15gHcyJike-VV6F8tQaGpSqSsQ2NekTkdbnCMKu7UW6P32b-XLYfvOK1LhXQX6cBF9p2oJGbgULhAFF_C48Hw3GBEwKhziYamxCxkYPyd-ppiEjj8-nSpMAvcO72WVl0nRqFQXNHaZXPdJVMqEs5vJNNOCbn1TGwvGiuQDOJ5054MRkVxMu36BWa7ddqziVNVywfAra1NoN5K8WqKepr-gVF3vzOu3KtJdSBURXvAuUAFmN5NVeVB38fo6bySGqm05yduFC-sRQkFb8oXq337urX0dkPFHQZw1ANyNK1GX1MYI4oyX6CTjEQ7v6NEqlNqWarutNnzqh_hB1uMLwrn06VAn25wFAnXap9sxlrO2J0mtiKqoFqUSmrfqwSdVPDtZabuYrfo-q-4BYqxJN1pjomGJgNyH5va3r_c1ciRt86cKoP0x3CcAMlrsQaBFdZdDQxpdikRTKsdqgDc1Aa7CpKRuLz5j4TzSpNbjO0oQ20YJ0twp3EJJJTqgOgPPyQQLjo8Efx4BfSijmdR_PlvqUIPhkYTRrwJVilCFpL23FB0TGibFY1pVbuilF5HkkEPk2w3OlJbUECsV4ZEGPyTiSReXuOg6Qru1Qw-xlIn5MMUJ4YDdzcw3htmiuhmKdRnpIrYoMv-7oIjuKiEU1i-qmcmk5eYthprIdAG9zXTT1SFG4UFFon7o-kiGfZU5DYZX6CkMgNip7wXxZ0Tb-NIGU3j9JLQzdXoowW-dB_onrp-p3cdDqpplVkxuYHIhHtTBlAjlNaUaGQTlwxb7DfhwGXKeImWZJKz8NCkUrWuvPJWoW1It3G_cwhMMgR1DCvt-Bp8Gt3EY94wYhszQkCArMtuvesxIBfFft_akUDuTnzJIVb7hOnPgWhu0U6CcYTFUQY-_TZD_h9NQvz2CCXg_A6jhMVlhpd-YPF48muCBAEaW9pCTVAfW1_iW1FyVWn09w6w&sai=AMfl-YQ7_TOAiMihjKP0rFWobpt0NZ2MYus6O0VtIOWMBYAgah6tcRfx_ILr8sYAAxZqdXAZLpMMMxSZC86U5eYJ_CSIngKMgLbbQDNa0qvKc0fWy1ZtZGgnfJxY4ifJ9UHyb6uJ6TAeMFJa&sig=Cg0ArKJSzFRxQdwppcjuEAE&cid=CAQSOwBpAlJWZfkiqzXP3ophPXZlVfp7Z7HK19APHQLWaOrNcq6t8WtPFtpcV0t55Uv9-ToSfWlIji5L8yDrGAE&id=ampim&o=200,1160&d=1200,40&ss=1600,1200&bs=1600,1200&mcvt=1081&mtos=0,0,1081,1081,1081&tos=0,0,1081,0,0&tfs=405&tls=1486&g=100&h=100&tt=1486&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/1014895307437113344/ Frame 959C 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3430f2b10affe53b571fdb6172ccdd08b06807c358a25a7f4540f1d39f37f4d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
873
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:26 GMT
expires
Thu, 29 Aug 2024 10:10:26 GMT
last-modified
Fri, 02 Jun 2023 16:31:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3CBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6qJ4EFLaQhnyPLvIhZgbmvsprclBSKFaxMiANrxTNjkwrDTjoYueRli6Oe4yV7EBbUKdxSzM2v2ETvqPQ-eJFaddmXYGQk8wwh18xNxucB70hpFNBEzH91inMgoPspkfqJX9Mdj8AVXFZd6Jq2xG7_I7HSBaK7FBUgAgr1xq3zzSnhhF38C33paMa86VzJi8CD-u4AAgfwAimHmIgFamH8v_2E84GsUS24g48mOWyZHN0g0FV9sREqkg8z0IbRM4HaXKv0_dpHxsoXP_N2urme1Crdr4r1u0OlzI1OndKsR-pWhUviPIeYi4Riw9wRjodE08OyNaMM66xcIVQfNNSwbGp2z5G_sFy3Hz_puUL7pnByJpgHsyhkNm3WNZfX39Nz7brGgGrbDYNwj3nQP2ggG9Yuaa9DLQ_B0CfDG-t9xX-Bxr9lPkQHu9r8aqekSlTdXkPinwsZYMguwBhtZjpDmQg3NWpD0fYYXwTRJ8PFJUtTk70Jxn-LN1fSUMfFopvnKi_gQsfdrA-4OXSLLKelX-jSUYGZxjrplaEtetgvhaMuXJlCTKWNByWn65Nwzcd2Mv0LiqoQxYCeL81EBILOoXmiAtMlQ4AVZ-EFWtHZ1oYEAHA-15Ip_t8j0hkPNHOetcu8vcDgbF3r3NEHDx02dDP2VejDW_zEqbk1RS7tdxrHte1dfv9EROr2wSxTGWJz8czgsX6GtZVxmJvU6oJ1GoC1Z6sHrpbQKZJX-Jh05AXGLG3SuHDfG9fdhAkhvVASc0Puh6cznH52AN7N_y990ISI2OY-DQ85lMHGi9Kofe0_AzTDZCYGLSnvxCib-yQ_ymOzRHbY9p5ssvOttHoQMW6e0EZfqnQuBsOafkEVHtVroBY1VnP3aappprxEAYrSPV52f6PJ-TTiRLND8rAu3MlM_40Trix3jFBuSPlx77tk3MYZE1-L4tLMCpR0MKkJUJUOuZhaFtuVxfowa9Q1RSounhvX3RHz_XvV81rLqp43eEalhfnaKSVOYHVdJ_SGjnECAOeLPGhJr7syiMxyUUlBZKCuoAoXPPuSQkBtYW-Gdy3U4eBv_akckWo5GuVimSmUV5rDrANmUmGw0leJrlTs1_ioNYwVJTQdSTY4b4Sh-9lDVedyKp_zCngJjyYqVjJlap4Wf-Xfum56UrRoIPsmqtCgeSAQD072jZ_q7sTl0WHXFj5JWIudwBHJaN-rSlSyzzcyk9RqX9ImkOOYp3PFv2CMXvyFrLeGLlhbhZJiL3JdFc4Vwjq3bYE22HRoPEmKEvcRmgrkwUGRaYvqefkHWj81HDksBfQq-7NV_px2aJiVGKrBd69_g&sai=AMfl-YSQTZk3ZAb6B9Pxg7xGWtEz8Wo4-0-ZG2WQdYj0IiwTicLn2P6E7BrKHmi7hWe82nk7-6-ZjPkl7X6NwEeKrEjKA9z-3TaQ6bSE20i7kXCvWqXu8TGDMs0aeSSc_GbFQue6Wa2aR2sYVcMoTlGlnjxbujVmGMqSSrF7Ikl_YxwHngPeuVBlF2_wfRPmI6aJcfs0QakotSZUmcW2tuIjlqmZ7zcVE4SNOy9hM9iyrezuaZpHSreNk5tvnGGdaUD4F5WE&sig=Cg0ArKJSzF9MuaY2GnloEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=380&cbvp=1&cstd=369&cisv=r20230828.90252&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 30 Aug 2023 10:10:26 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:26 GMT
st
imprammp.taboola.com/ Frame 20B7 		439 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&cmcv=&pix=undefined&cb=1693390226428&uv=3322&tms=1693390226428&abt=aniview_inc_vA!ll427_vA!nonrv_vA!pl1545_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=dff298d8-5bfb-473c-8cce-6756837a9c75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1ef3ae4d5f1feee4472bfbaefcaf623b30bbe15c3a77b73ab54275515eb94277

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 30 Aug 2023 10:10:26 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230082-FRA
x-timer
S1693390226.447692,VS0,VE10
sync
am-match.taboola.com/ Frame 2543 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
ab19afd8b72d401ae6c09fefbf2fcf1761039aa85a4800410b31d06b381333ae

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 30 Aug 2023 10:10:26 GMT
machineid
3402
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&cmcv=&pix=31589837&cb=1693390226428&uv=3322&tms=1693390226428&abt=aniview_inc_vA!ll427_vA!nonrv_vA!pl1545_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693390222410.8!ts:1693390226428&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
content-length
0
server
nginx
i.match
s.tribalfusion.com/z/ Frame D1A9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf9&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf...
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fec3e765f793816-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
8
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSQyqttu-950nTjF2wNSkgSprywNfgIi6CDUIJGYA3sX7VyrCyZGRBXw_WWGAq3k3v9E74qZTmxacgOUN3nrzOc8UTfYyf9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fec3e748cf23816-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D1A9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRarsN5ERDz35wOGmAM9js&google_cver=1&google_push=AXcoOmRFThPllu_tviJ0MW2isf1xHW5X2Z5ZqtmgFkoZlJICL84FlUtvhwf5C-Ah8fmEBXiD11r5D_Wf4OJb2k8KDEHUSVI...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRFThPllu_tviJ0MW2isf1xHW5X2Z5ZqtmgFkoZlJICL84FlUtvhwf5C-Ah8fmEBXiD11r5D_Wf4OJb2k8KDEHUSVIQA6BC&google_hm=eS03N2FIUkx0RTJwR3p1RV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRFThPllu_tviJ0MW2isf1xHW5X2Z5ZqtmgFkoZlJICL84FlUtvhwf5C-Ah8fmEBXiD11r5D_Wf4OJb2k8KDEHUSVIQA6BC&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRFThPllu_tviJ0MW2isf1xHW5X2Z5ZqtmgFkoZlJICL84FlUtvhwf5C-Ah8fmEBXiD11r5D_Wf4OJb2k8KDEHUSVIQA6BC&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame D1A9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ-dIGlCqa4Oq1xfbI4RMGM&google_cver=1&google_push=AXcoOmSpsRaMdGv4AFRy1r2PHbhVPIPnn31wGzL2lTqCeRBgBHqmqdNA0fBLPHeQpvRvyvndXv5RdIu5...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmSpsRaMdGv4AFRy1r2PHbhVPIPnn31wGzL2lTqCeRBgBHqmqdNA0fBLPHeQpvRvyvndXv5RdI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmSpsRaMdGv4AFRy1r2PHbhVPIPnn31wGzL2lTqCeRBgBHqmqdNA0fBLPHeQpvRvyvndXv5RdIu5Yk5hK7sR-UoGQkLRUPI
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmSpsRaMdGv4AFRy1r2PHbhVPIPnn31wGzL2lTqCeRBgBHqmqdNA0fBLPHeQpvRvyvndXv5RdIu5Yk5hK7sR-UoGQkLRUPI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame D1A9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQx-l...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-G12sODBoWvmHcOo-GSdbtL9ViurD-oizh_GdBw&google_push=AXcoOmQx-lEwCJM06Jf1jLLBc6FIoXxU2v6rEmkGth-_ufKLKjq5ajwVs5wzagtKDkuLDQQhBdn9IDJC5gwG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-G12sODBoWvmHcOo-GSdbtL9ViurD-oizh_GdBw&google_push=AXcoOmQx-lEwCJM06Jf1jLLBc6FIoXxU2v6rEmkGth-_ufKLKjq5ajwVs5wzagtKDkuLDQQhBdn9IDJC5gwGxBQoLrkEr75p6mn4
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-G12sODBoWvmHcOo-GSdbtL9ViurD-oizh_GdBw&google_push=AXcoOmQx-lEwCJM06Jf1jLLBc6FIoXxU2v6rEmkGth-_ufKLKjq5ajwVs5wzagtKDkuLDQQhBdn9IDJC5gwGxBQoLrkEr75p6mn4
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
563510
content-length
0
expires
Wed, 30 Aug 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D1A9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ-dIGlCqa4Oq1xfbI4RMGM&google_cver=1&google_push=AXcoOmRoDzVDCOmzB8cHWU6KDQPBLMNEwV1pdR2oSyZBYYZxskAPA49Zk1eZIPgzGqCKQErcmzmRPpgg...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmRoDzVDCOmzB8cHWU6KDQPBLMNEwV1pdR2oSyZBYYZxskAPA49Zk1eZIPgzGqCKQErcmzmRPp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmRoDzVDCOmzB8cHWU6KDQPBLMNEwV1pdR2oSyZBYYZxskAPA49Zk1eZIPgzGqCKQErcmzmRPpgg3fAnCl3GdevJfj4LIuh0
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc2MTY5NzIyMTE4NjA5MDgxMA&google_push=AXcoOmRoDzVDCOmzB8cHWU6KDQPBLMNEwV1pdR2oSyZBYYZxskAPA49Zk1eZIPgzGqCKQErcmzmRPpgg3fAnCl3GdevJfj4LIuh0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ups.analytics.yahoo.com/ups/58281/ Frame D1A9 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECHiO-9snqwMloeNLJ_sWug&google_cver=1&google_push=AXcoOmRUgNFcV_OfVgC-4_0HFL0Que96bjxG8XHEOHHLWoD0ijEQ_9n-ytx5xqvfU5EnvJJc_zOYSB70-AR9USn0P2YV5qxeqtxMIA
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame D1A9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECIB_p-NXg3O86c5z5NGxtw&google_cver=1&google_push=AXcoOmTILnB9YqgVJ0xy66VREjDjhk0bqSEaTxaGVASPApenryMYm3ESOIrfzjaaqp2LKqu1pUvZjqqgBa0...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTILnB9YqgVJ0xy66VREjDjhk0bqSEaTxaGVASPApenryMYm3ESOIrfzjaaqp2LKqu1pUvZjqqgBa0fGu6EW6Hh-IYxZGGyhg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D1A9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iq0x5udvxpFRL7o5kl0_jaYXmJDc2bC37cW9kBHaGpv-LFk1mgNTT2he1_vfmiu4tM9X-bSW4
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame FDA6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308240101&jk=2290754539433368&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E559 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
272321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style.css
s0.2mdn.net/sadbundle/1014895307437113344/ Frame 959C 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1014895307437113344/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9bb1b002d861515055a69a40e3004b11041b8c7ba7d901be8c9337c958987f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 05:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363804
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1820
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 16:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 05:07:02 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 959C 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 06:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 06:12:14 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 959C 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:10:26 GMT
pa.js
s0.2mdn.net/sadbundle/1014895307437113344/ Frame 959C 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1014895307437113344/pa.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 05:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449122
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1443
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 16:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Aug 2024 05:25:04 GMT
logic.js
s0.2mdn.net/sadbundle/1014895307437113344/ Frame 959C 		26 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1014895307437113344/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d0143bdc0390e51948acf079ab4c1374f93ab7c5c03dfa47167f2a78870c2d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 05:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
536936
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3835
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 16:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Aug 2024 05:01:30 GMT
pixel
cm.g.doubleclick.net/ Frame 1F63
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELYf-h60aapGQB8Q080pBiw&google_cver=1&google_push=AXcoOmSoxknDNKjaBChiDnEiEftqt9IwKshQQcRHzTML4Ec7AMF7ZUmVsk7pnj4W46n7xK5SAQBACeS_awyvGAe2...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSoxknDNKjaBChiDnEiEftqt9IwKshQQcRHzTML4Ec7AMF7ZUmVsk7pnj4W46n7xK5SAQBACeS_awyvGAe2dsC-qG7U3obB
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSoxknDNKjaBChiDnEiEftqt9IwKshQQcRHzTML4Ec7AMF7ZUmVsk7pnj4W46n7xK5SAQBACeS_awyvGAe2dsC-qG7U3obB
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 30 Aug 2023 10:10:26 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x14 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmSoxknDNKjaBChiDnEiEftqt9IwKshQQcRHzTML4Ec7AMF7ZUmVsk7pnj4W46n7xK5SAQBACeS_awyvGAe2dsC-qG7U3obB
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 30 Aug 2023 10:10:25 GMT
pixel
cm.g.doubleclick.net/ Frame 1F63
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBE7C7Y3JuK4BlK5WDDpkFw&google_cver=1&google_push=AXcoOmQ0G0zps_PMPlR82AyGbHRxpR24Tu3ot819WIwIU0_GFIlJwF-FkHUmtFK8yyv2ycvHtGu5E4I6OKa...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ0G0zps_PMPlR82AyGbHRxpR24Tu3ot819WIwIU0_GFIlJwF-FkHUmtFK8yyv2ycvHtGu5E4I6OKaHysfkqNq4a5K9z_lg&google_hm=UOTeS6VrTSiGHqiTzkNTaRk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ0G0zps_PMPlR82AyGbHRxpR24Tu3ot819WIwIU0_GFIlJwF-FkHUmtFK8yyv2ycvHtGu5E4I6OKaHysfkqNq4a5K9z_lg&google_hm=UOTeS6VrTSiGHqiTzkNTaRk
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:25 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ0G0zps_PMPlR82AyGbHRxpR24Tu3ot819WIwIU0_GFIlJwF-FkHUmtFK8yyv2ycvHtGu5E4I6OKaHysfkqNq4a5K9z_lg&google_hm=UOTeS6VrTSiGHqiTzkNTaRk
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1F63 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAYrFWRatluICo_uiD1tnTg&google_cver=1&google_push=AXcoOmRAWmdUmP5Wcx08pYCyuxwCJ3gNEOwvdgxJ83mpqVdde8ulV5zK-lQCHF5hxgBJLBto6x6T8YBq4EezobvT4u419ZzX6dQ
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 1F63
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMkkgkxD16sHOnHUnnhoO7A&google_cver=1&google_push=AXcoOmSS26lul3hMitMhjjjLkPmWL_dY2T6mqYoUyVyuXcLrbQAinT-hYb5GYYumbA_aXfwDWrmFPE5CRm9gHuzrqLlXztP...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMkkgkxD16sHOnHUnnhoO7A&google_cver=1&google_push=AXcoOmSS26lul3hMitMhjjjLkPmWL_dY2T6mqYoUyVyuXcLrbQAinT-hYb5GYYumbA_aXfwDWrmFPE5CRm9gHuzrqLlXz...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSS26lul3hMitMhjjjLkPmWL_dY2T6mqYoUyVyuXcLrbQAinT-hYb5GYYumbA_aXfwDWrmFPE5CRm9gHuzrqLlXztP4TzyU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSS26lul3hMitMhjjjLkPmWL_dY2T6mqYoUyVyuXcLrbQAinT-hYb5GYYumbA_aXfwDWrmFPE5CRm9gHuzrqLlXztP4TzyU
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSS26lul3hMitMhjjjLkPmWL_dY2T6mqYoUyVyuXcLrbQAinT-hYb5GYYumbA_aXfwDWrmFPE5CRm9gHuzrqLlXztP4TzyU
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1F63
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_hm=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&google_nid=index&google_push=AXcoOmREYIzsr_ST9kqI3iuOJsHty0vmeN2dP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_hm=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&google_nid=index&google_push=AXcoOmREYIzsr_ST9kqI3iuOJsHty0vmeN2dPjXRpK3p5dOgiYrQ6NlO1awszYAm89oX75nLtnzmNpeZX378RepZ52VsMCe7USE
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJjwtET8RgkKcKUq0JRmM2bXJ40EkhRwaHEhyGx%2FltX6sg%2BUBUfJMvfEFQoyEOUuCssqnz2i6BONaUuz5XUWLMPHpH3f6OAj0UuySk%2Fsn3rzMFgK4hxktJTlLsfBSqH8yrm%2F3A%2FYMTqD6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_hm=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&google_nid=index&google_push=AXcoOmREYIzsr_ST9kqI3iuOJsHty0vmeN2dPjXRpK3p5dOgiYrQ6NlO1awszYAm89oX75nLtnzmNpeZX378RepZ52VsMCe7USE
cache-control
no-cache
cf-ray
7fec3e73c8c5910a-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 1F63
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEATUhQpRGA9c3UWK2EyUOyM&google_cver=1&google_push=AXcoOmQ_UNuuDuU41fJhz_Uq4JW2bH1AtG-HxN2zLBP67smi-qfwrTHS7MD5DYONIFChpynA8-NxQnuwQlgdmrCV6rQxnc3_COWd
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQ_UNuuDuU41fJhz_Uq4JW2bH1AtG-HxN2zLBP67smi-qfwrTHS7MD5DYONIFChpynA8-NxQnuwQlgdmrCV6rQxnc3_COW...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0NzIxMzcxOTA4MjE1MTAwMTY0NQ%3D%3D&google_push=AXcoOmQ_UNuuDuU41fJhz_Uq4JW2bH1AtG-HxN2zLBP67smi-qfwrTHS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0NzIxMzcxOTA4MjE1MTAwMTY0NQ%3D%3D&google_push=AXcoOmQ_UNuuDuU41fJhz_Uq4JW2bH1AtG-HxN2zLBP67smi-qfwrTHS7MD5DYONIFChpynA8-NxQnuwQlgdmrCV6rQxnc3_COWd
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0NzIxMzcxOTA4MjE1MTAwMTY0NQ%3D%3D&google_push=AXcoOmQ_UNuuDuU41fJhz_Uq4JW2bH1AtG-HxN2zLBP67smi-qfwrTHS7MD5DYONIFChpynA8-NxQnuwQlgdmrCV6rQxnc3_COWd
date
Wed, 30 Aug 2023 10:10:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58281/ Frame 1F63 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECHiO-9snqwMloeNLJ_sWug&google_cver=1&google_push=AXcoOmTWYnw8-BLRrueOq48XeZL0jdlrSjObfBC8b7-XdjfMQd0WSqF06ZinWHcQx0HXhB1XpKsx8fB0vDex0__vtf1PpY9-3REw
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 1F63 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JDtnJbTFIwXWNOYZfRPIlMqnd3rGz4xSyBGs_i7LL3_eFIWGXVQGNkHDo6mHqDBbmq8PlJBw
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 8C24
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELYf-h60aapGQB8Q080pBiw&google_cver=1&google_push=AXcoOmRR7kikJW9AJrd9JoR2jbN6ZydjB2Vyq6C7jc5aSOW9m9R0_SoS1I1q2q8N4E2Q1b_0paViwQKH8l0vkuSA...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRR7kikJW9AJrd9JoR2jbN6ZydjB2Vyq6C7jc5aSOW9m9R0_SoS1I1q2q8N4E2Q1b_0paViwQKH8l0vkuSASVUkCy9nNCs22CAJaXbvonuThx2mpP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRR7kikJW9AJrd9JoR2jbN6ZydjB2Vyq6C7jc5aSOW9m9R0_SoS1I1q2q8N4E2Q1b_0paViwQKH8l0vkuSASVUkCy9nNCs22CAJaXbvonuThx2mpPL57NfZ3T9avWI33qnwec-Re2Im2w
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 30 Aug 2023 10:10:26 GMT
Server
MT3 1031 59fd23a master zrh zrh-pixel-x26 config_version:"1524"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRR7kikJW9AJrd9JoR2jbN6ZydjB2Vyq6C7jc5aSOW9m9R0_SoS1I1q2q8N4E2Q1b_0paViwQKH8l0vkuSASVUkCy9nNCs22CAJaXbvonuThx2mpPL57NfZ3T9avWI33qnwec-Re2Im2w
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 30 Aug 2023 10:10:25 GMT
i.match
s.tribalfusion.com/z/ Frame 8C24
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWibTL...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWib...
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWibTLZJ8_GLvvL4LaWh1Ty-Bw-htju__MHMZiaq04QuhmHq1Jw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWibTLZJ8_GLvvL4LaWh1Ty-Bw-htju__MHMZiaq04QuhmHq1Jw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fec3e765f763816-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
4
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWibTLZJ8_GLvvL4LaWh1Ty-Bw-htju__MHMZiaq04QuhmHq1Jw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSsj2svYeV2wxPsyj2_K1_f-v4NZluJa38d2w6aRWJFju0n21wCevIr43Lpeayiw-60Stpf9PiQ-vQqkAVsL8FlpYbQWibTLZJ8_GLvvL4LaWh1Ty-Bw-htju__MHMZiaq04QuhmHq1Jw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fec3e748cf63816-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8C24
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPXef7QrAZM7TOzJKORUDBw&google_cver=1&google_push=AXcoOmRurBUenR0OLULlbQkyzAQndG1QC4qQTK0A-sd0rxQlyEGxyHbNkK1RvWyrkCPCltVnVdax8o7hN9qc28TMup5IAJPRcTab8X...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E42FD47FAEA42B6A9787FC7C62CEB7E&google_push=AXcoOmRurBUenR0OLULlbQkyzAQndG1QC4qQTK0A-sd0rxQlyEGxyHbNkK1RvWyrkCPCltVnVdax8o7hN9qc28T...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E42FD47FAEA42B6A9787FC7C62CEB7E&google_push=AXcoOmRurBUenR0OLULlbQkyzAQndG1QC4qQTK0A-sd0rxQlyEGxyHbNkK1RvWyrkCPCltVnVdax8o7hN9qc28TMup5IAJPRcTab8X3pJv-YSS7-Q7Ei7cBahL51axTzeW-60uFMvSSdLdclnw
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9E42FD47FAEA42B6A9787FC7C62CEB7E&google_push=AXcoOmRurBUenR0OLULlbQkyzAQndG1QC4qQTK0A-sd0rxQlyEGxyHbNkK1RvWyrkCPCltVnVdax8o7hN9qc28TMup5IAJPRcTab8X3pJv-YSS7-Q7Ei7cBahL51axTzeW-60uFMvSSdLdclnw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 29 Aug 2023 10:10:26 GMT
pixel
cm.g.doubleclick.net/ Frame 8C24
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRarsN5ERDz35wOGmAM9js&google_cver=1&google_push=AXcoOmQF6j0X6khdSgitewjILa7BHsU7SIaNOT1kxNM3IIg-mERPlfECTOaCmW7K0gDxTRdwlM2AERPWew9JUMyB38oJCtL...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQF6j0X6khdSgitewjILa7BHsU7SIaNOT1kxNM3IIg-mERPlfECTOaCmW7K0gDxTRdwlM2AERPWew9JUMyB38oJCtLtTd_oYPIBS-phUsTU3uuCdfmFkupVAU1Tk5lqd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQF6j0X6khdSgitewjILa7BHsU7SIaNOT1kxNM3IIg-mERPlfECTOaCmW7K0gDxTRdwlM2AERPWew9JUMyB38oJCtLtTd_oYPIBS-phUsTU3uuCdfmFkupVAU1Tk5lqdAufUSc94w1TrQ&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQF6j0X6khdSgitewjILa7BHsU7SIaNOT1kxNM3IIg-mERPlfECTOaCmW7K0gDxTRdwlM2AERPWew9JUMyB38oJCtLtTd_oYPIBS-phUsTU3uuCdfmFkupVAU1Tk5lqdAufUSc94w1TrQ&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8C24
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJVKNoOmxzk-dheJox1fEhw&google_cver=1&google_push=AXcoOmR1-7T3kpc_sibcCs9-HtgqAQK2mpCgA-DK1d40j1TmsQc7LraFQu3JW_8Avquo44L6giG4VkqEYgK-Z2MZR...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJVKNoOmxzk-dheJox1fEhw&google_cver=1&google_push=AXcoOmR1-7T3kpc_sibcCs9-HtgqAQK2mpCgA-DK1d40j1TmsQc7LraFQu3JW_8Avquo44L6giG4VkqEYgK-Z2MZR...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR1-7T3kpc_sibcCs9-HtgqAQK2mpCgA-DK1d40j1TmsQc7LraFQu3JW_8Avquo44L6giG4VkqEYgK-Z2MZRLj_VKOvTzUffVLAeu-HCe2qI3AplabN8Nm5seZod7QRg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR1-7T3kpc_sibcCs9-HtgqAQK2mpCgA-DK1d40j1TmsQc7LraFQu3JW_8Avquo44L6giG4VkqEYgK-Z2MZRLj_VKOvTzUffVLAeu-HCe2qI3AplabN8Nm5seZod7QRgdtBRt1qzn9jIg&google_hm=HPKCuGZHMhmCnPE6RLKEFCya
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 30 Aug 2023 10:10:26 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR1-7T3kpc_sibcCs9-HtgqAQK2mpCgA-DK1d40j1TmsQc7LraFQu3JW_8Avquo44L6giG4VkqEYgK-Z2MZRLj_VKOvTzUffVLAeu-HCe2qI3AplabN8Nm5seZod7QRgdtBRt1qzn9jIg&google_hm=HPKCuGZHMhmCnPE6RLKEFCya
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8C24
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEATUhQpRGA9c3UWK2EyUOyM&google_cver=1&google_push=AXcoOmSkNFCm7cCvxLZL6VlKxNF1OqTAnRs5OephKO7tBZsVY2GRZxQN1AW7xeXogTZXAiOe472FIdLxchJQMQi0I9oCdheEnO...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSkNFCm7cCvxLZL6VlKxNF1OqTAnRs5OephKO7tBZsVY2GRZxQN1AW7xeXogTZXAiOe472FIdLxchJQMQi0I9oCdheEnOJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0NzIxMzcxOTA4MjE1MTAwMTY0NQ%3D%3D&google_push=AXcoOmSkNFCm7cCvxLZL6VlKxNF1OqTAnRs5OephKO7tBZsVY2GRZxQN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0NzIxMzcxOTA4MjE1MTAwMTY0NQ%3D%3D&google_push=AXcoOmSkNFCm7cCvxLZL6VlKxNF1OqTAnRs5OephKO7tBZsVY2GRZxQN1AW7xeXogTZXAiOe472FIdLxchJQMQi0I9oCdheEnOJZmXCLwNI3AGB8-AUB6qqmfRgwDpHBieEAHsvg1wS01Umqbg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzY0NzIxMzcxOTA4MjE1MTAwMTY0NQ%3D%3D&google_push=AXcoOmSkNFCm7cCvxLZL6VlKxNF1OqTAnRs5OephKO7tBZsVY2GRZxQN1AW7xeXogTZXAiOe472FIdLxchJQMQi0I9oCdheEnOJZmXCLwNI3AGB8-AUB6qqmfRgwDpHBieEAHsvg1wS01Umqbg
date
Wed, 30 Aug 2023 10:10:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 8C24
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECIB_p-NXg3O86c5z5NGxtw&google_cver=1&google_push=AXcoOmRBDP52-O0UE3Bk5Bk1pPOYVNS_v1V-Wgv7ckxx_HZxkuPbTd_JjOkyZd7F05N5aeSh2NB9Qqa2vKT...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRBDP52-O0UE3Bk5Bk1pPOYVNS_v1V-Wgv7ckxx_HZxkuPbTd_JjOkyZd7F05N5aeSh2NB9Qqa2vKTmUGstMWEfJrKVP8NfY6y-uy9o27x88sPj_c3Y...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8C24 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IiS7qKGrFVCpbPnuTAVV3ORGOM9rX2QfQvN0G7HJaYwBg2nMUVmc203PmU5fwy9pvL9YqqwA
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
generic
match.adsrvr.org/track/cmf/ Frame 2543 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 2543
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bEo6RtRE2oSI3mbPbC4px7nhPGZgN_jatv_ijw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bEo6RtRE2oSI3mbPbC4px7nhPGZgN_jatv_ijw--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
26020

Redirect headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bEo6RtRE2oSI3mbPbC4px7nhPGZgN_jatv_ijw--~A
content-length
0
sync
x.bidswitch.net/ Frame 2543 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.10.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-10-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 20B7 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&cmcv=&pix=undefined&cb=1693390226428&uv=3322&tms=1693390226428&abt=aniview_inc_vA!ll427_vA!nonrv_vA!pl1545_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=dff298d8-5bfb-473c-8cce-6756837a9c75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 20B7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bEo6RtRE2oSI3mbPbC4px7nhPGZgN_jatv_ijw--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bEo6RtRE2oSI3mbPbC4px7nhPGZgN_jatv_ijw--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&cmcv=&pix=undefined&cb=1693390226428&uv=3322&tms=1693390226428&abt=aniview_inc_vA!ll427_vA!nonrv_vA!pl1545_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=dff298d8-5bfb-473c-8cce-6756837a9c75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
26020

Redirect headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-bEo6RtRE2oSI3mbPbC4px7nhPGZgN_jatv_ijw--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame 20B7 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YMgCLAaUF7zmBySnxBMoL3jND0hOiS8AAABgYID-AAnZbJblcGRcqyY2i1u022zcwo3H5ZbtVrPhZrdwbnyrISAhm82yHI6Ma9XEZnGLdpuNW7jxuNyy3Wo23OwWzo1vNQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIrDgjtdJpfdc3o57f4AAAAAAAIAAACABACC-G8JgBjcyRP__________zEG6DNvZPz____fMOgB8OAD4EEIAADAx5DcO0WJ2vgQRyIFoEUYAQAAAMiW0844MkknqFhU-f__77cCcAUAIECxiJ3HPIvuoMRbGAAAAAAxQvAlRCN3POhjFuhh8fvNDrvG73aZ_________38z_2f-0QgxrRemCao4clXzCwgAsOYXEACAzbgBAHgjACfkYKDpdPhc93rd73fXPcxmh13jtyvNftFJiNViMhlMJovVUYjdcLbYzRaLyewAAAAA3Pn____HIwRfQjRyx4OuB-QmNpdhNLEYZ56Vc-KbWFwbz2ZkG21GM4fFuDF5zxOYQEpaAjBCnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFrMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGNZmIaDjcktMe02a9FwOHIrhxuPWzQZbUyriWc1mljWotfHdHEZlxPHYIsEA0T2InlapBPVbmPa7SbO5XJlW5lcM9twONwMl4vVZDEzTjymiViiOVmkE9ll35vYXIbRxGKceVbOiW9icW08m5FttBnNHBbjxuTvWBam4WBjcktMu81aNByO3MrhxuMWTUYb02riWY0mlrXo9TFdXMblxDHYN2bLzWY5mExG-8ZsudksB5PJaN9hMj1Tn7PRdcs4PiaptfmytW5Og8JlsHh_EtNi2p0dRCff0alySJdFndHv9_v9fr_f7_f7DVrPwWxQ-L5lv1G3FpuDxc3BIDYYFLFEcJFOdA-z2eE0u3UPs9lhEUuUpot0oi_63S7Dw-fyV8QSwekinQj9bpdF_UcOstjNFYvRXLIYziWrVQIAAAAAAAAAsATTTDcBAAAAcDKo4WSzWa3TwUxWw9VitVwAFzCTun6EU3mI6at8d6UEKvFt12FLFGvssYZ7mM0Op9mte5jNDisDuHD5ZrbZZwSxVqtlDQAAQAAbAABAADfdeBNAFsX9____jwMAACAjhx4AAAD9PqCr2ZmZmZkZfgWxWA4G-wegQqzVanW7sVarFbDgZsvZYAL_____AQ!&cmcv=&pix=undefined&cb=1693390226428&uv=3322&tms=1693390226428&abt=aniview_inc_vA!ll427_vA!nonrv_vA!pl1545_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=dff298d8-5bfb-473c-8cce-6756837a9c75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
i.match
s.tribalfusion.com/z/ Frame 6019
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5uD...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5...
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5uDA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5uDA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fec3e765f773816-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
164
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIdSrM8xsncYbLpYqlrUXVM&google_cver=1&google_push=AXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5uDA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSWiM3xw09A7fiyq8v30ZogWbm9_8qv_RXL6j6ac18M6awRAwpK8d45A2pWw2xLF-D4rylq-Q_6ZY54Kf2X8hPJ6HNseW5uDA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7fec3e748cf83816-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6019
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPXef7QrAZM7TOzJKORUDBw&google_cver=1&google_push=AXcoOmQU_KVMkZBugtrR-UOEbFObTzV08PBVp3lEPQMr4XFZGElWL1iy5U9RiXWLrNyAvJ5hyPSjd4wzEMEus8j94QyXDH3RwLme
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDD0AA3F36E640C2BD133C1B50E57E0E&google_push=AXcoOmQU_KVMkZBugtrR-UOEbFObTzV08PBVp3lEPQMr4XFZGElWL1iy5U9RiXWLrNyAvJ5hyPSjd4wzEMEus8j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDD0AA3F36E640C2BD133C1B50E57E0E&google_push=AXcoOmQU_KVMkZBugtrR-UOEbFObTzV08PBVp3lEPQMr4XFZGElWL1iy5U9RiXWLrNyAvJ5hyPSjd4wzEMEus8j94QyXDH3RwLme
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DDD0AA3F36E640C2BD133C1B50E57E0E&google_push=AXcoOmQU_KVMkZBugtrR-UOEbFObTzV08PBVp3lEPQMr4XFZGElWL1iy5U9RiXWLrNyAvJ5hyPSjd4wzEMEus8j94QyXDH3RwLme
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 29 Aug 2023 10:10:26 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6019 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEAYrFWRatluICo_uiD1tnTg&google_cver=1&google_push=AXcoOmQydMVNiyDVNlZBhGmp29wW-rAHsSYT3FJP4IzlszjCMfGtGvvGroGDsu8WEptmob9uq8AZ1lwIQjvri6Bya_AnXSc8H_NRGw
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 6019
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPRarsN5ERDz35wOGmAM9js&google_cver=1&google_push=AXcoOmRapZlZLGBYipM7vL30TKPW1rBq3m5DcQvb4Rsb0_lctKkZMig9HJybqPlaLsznP9Ryjzmp3JIdBwmVfqnjtv9t_L5...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRapZlZLGBYipM7vL30TKPW1rBq3m5DcQvb4Rsb0_lctKkZMig9HJybqPlaLsznP9Ryjzmp3JIdBwmVfqnjtv9t_L52LvELrA&google_hm=eS03N2FIUkx0RTJwR3p1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRapZlZLGBYipM7vL30TKPW1rBq3m5DcQvb4Rsb0_lctKkZMig9HJybqPlaLsznP9Ryjzmp3JIdBwmVfqnjtv9t_L52LvELrA&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRapZlZLGBYipM7vL30TKPW1rBq3m5DcQvb4Rsb0_lctKkZMig9HJybqPlaLsznP9Ryjzmp3JIdBwmVfqnjtv9t_L52LvELrA&google_hm=eS03N2FIUkx0RTJwR3p1RVhFb2FsTVpDZ0U3dENYYmRVX35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6019
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEMkkgkxD16sHOnHUnnhoO7A&google_cver=1&google_push=AXcoOmT_Aib1ybstho3R5AEsZUzre4S1sEkSqsa4qCbbR3co6ogrw6aT9B6VJeo4BSrwDP9w_g-1-nm2pMzfd4BG_pp1aDm...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMkkgkxD16sHOnHUnnhoO7A&google_cver=1&google_push=AXcoOmT_Aib1ybstho3R5AEsZUzre4S1sEkSqsa4qCbbR3co6ogrw6aT9B6VJeo4BSrwDP9w_g-1-nm2pMzfd4BG_pp1a...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT_Aib1ybstho3R5AEsZUzre4S1sEkSqsa4qCbbR3co6ogrw6aT9B6VJeo4BSrwDP9w_g-1-nm2pMzfd4BG_pp1aDmS6l_OwQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT_Aib1ybstho3R5AEsZUzre4S1sEkSqsa4qCbbR3co6ogrw6aT9B6VJeo4BSrwDP9w_g-1-nm2pMzfd4BG_pp1aDmS6l_OwQ
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT_Aib1ybstho3R5AEsZUzre4S1sEkSqsa4qCbbR3co6ogrw6aT9B6VJeo4BSrwDP9w_g-1-nm2pMzfd4BG_pp1aDmS6l_OwQ
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 6019
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTLcZEvQVG-ziWZX47GIvApTbhpkxZXwGIqcJEWqIIlTSfZyVPp_1Xs21YOfO-UAe6X4I0ywJjTU8JCB3Gb136TFBGTzTLxRw
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTLcZEvQVG-ziWZX47GIvApTbhpkxZXwGIqcJEWqIIlTSfZyVPp_1Xs21YOfO-UAe6X4I0ywJjTU8JCB3Gb136TFBGTzTLxRw
date
Wed, 30 Aug 2023 10:10:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 6019 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAPvE0Y3z5TlNNnfNhp-oCc&google_cver=1&google_push=AXcoOmSvW5hnzxNJTchlyrepoy6MakryVeZSDoGXZPt4y1I2-PGnhWUJuEhHrJLdv-xo2FEGz3JjdRcXf7zF1UxZc9r79Et7pmshiQ
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.10.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-10-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 6019 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-pw9yy5029YX8QFk80V6QM794nm7MX3B1epNhAuM2hY_5khWCKNoQ2O1R9yU3JioXkvV4bg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame 8007 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:24:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
60381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 17:24:05 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DBEF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
272321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 2C46 		142 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
417563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22810
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Aug 2023 14:11:03 GMT
expires
Sat, 24 Aug 2024 14:11:03 GMT
last-modified
Wed, 09 Feb 2022 10:36:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B94B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIb0xNOeOxTgbvtkxxdNDV-SU2_3duxRqAyHRYPlBtrAti3zV5TAtFIMedsHvakEhT6fv0dePthlLINbfVmEkxT9AfKoKjRJiEMQWD7eDWhAqMmOkwLqyZFlrPULBqYGcB-RsVtdRabRh9uEkoPHzBAAIHOlyBvsglslGPdSNTCYR0Kie7iSAj31kBDX6AR7KYilQMM8IlGEC7btpb8LWyJ0DBSz7Z5F8K-jxy2GJlaD2t7VLbwpzWovFk_Sq6MwultlmPVJe6Mm8I7PGMxGyd40r9pmwrkb7sCCB4VysqS0O813CvlkHzsVMauGhBmccgnlHcOrSYmMVCOYzdX81RnLTpQf5JiDwl4xT3KXYNUFchOMWYB5Cf7jdyvovCNfGQtylWH7cRJStYK3jQtBb3CUcGQsOTzrnR4OAVfmqwlVAqDm64zuriExOBD-CzfF8-vqgQAvj3GN0todVi35gJYyaTa-Dwqe6Ih1NcQwmr8y94Ve9kpGQLBP2P5VzMzwPotW0PnYPsGZWS6Sy-no11-WVl-S905l-Gr-RQgiVMAd3MGrHX-8ep9DXBbKIF4dikqpieVWknh_MK1x-M3x1zU6yWsBnnCvGfyCKyG5H49gc6ziMB7yoCuW7_MfhboM3nskdBk8xDKf8ZFe0XQwja3CSf-YaRpNCnoznPz9kXoffEQtwXGxbbyKEdhUcW1zHzoD68AxytS0xCOw7_wOVmqL7iMV4EYwAQz2WPZOM5HKcISa3J13ry1Og_ASzbLSL9vv8hdbZpZyCKEoHUee-bckoPyfqmHcHI-hN2dR247l1FSlfHPIFPsMVfeIctxIsTME0jwwBNNZG0caYgjVeHNEZlli-3CtwCFY9LJNKyfoTAcr5LwY6TGRbt8UUW2wQgDpMi_t-4rl8rYanAoKccO1cmstO_ncXBqLwUqEQ9jTfUng6y6vvEQZFh4dNwnnZLXMZr4Jv1k42VhbiRmneY9L_CE0Nb3tnP0iLSDK-c0tcOYKmlCF4c0gQDGiiIDsazKYJBxqaMNvPs5EngC2dhUnrDXMwrkezL8tHC2wRQ3ZNXrV-h-1juhvBk9p1mjMXn4CEGy4hDo-p43k6fBq3sF4-p0i4mfGe-BIAirECeSkVxc_VjLA722WLM16_IqOQRfuSuXfW4YiRmnZTKxOnqyGe5oOKcwCJRwIzeVE1_ScPuab9rq9xXlPqc4vU16Lco7dda5TWNtXYVeOfIdlJJOpiZJaszTk5nVMawkA4tzgwygCvNZ6eMh1V-e5JsHrc5d7vtIgRTnWlQyL6PZDBH_a6upRfGXpnndP2X_3YzslKOgb4aFHFGWvi6o-KmNyh0mmhsxAw&sai=AMfl-YRlvYZe4lQEN2yezfMV0AmkGdZaPtz7JjcXJFVv6VU3QifDJ99cNwIwjG13vXezVN5y6yxaP7nLSvm7Yb839scWJgHrRKUuf-qNnvLKVss0yF128vYq6lxmObPMFSDxRfWRcoNIUKPTBfG6gQ9r3jKpEIUhRQg3k22_yhQzTkSfjcO9x4CWkVP8OZzuBcYPxK-eMXaypXZzNXi0CIm0wHCBjWeeW9TKiZeAprqkPxIsAbK1eYBEfwlnkM3SwENH-npA&sig=Cg0ArKJSzFKPsBFyso-iEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=379&cbvp=1&cstd=376&cisv=r20230828.30025&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 30 Aug 2023 10:10:26 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:26 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C840 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
272321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 9529 		142 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
417563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22810
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Aug 2023 14:11:03 GMT
expires
Sat, 24 Aug 2024 14:11:03 GMT
last-modified
Wed, 09 Feb 2022 10:36:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E288 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0gCqtDS3t5PpERx4tnWWpyvbu0Ut-xJAnjRSyoXJRjImz9CvfduZJXCZeeYXxuaYCs7keZBfGqnk7s-vgNDV8D0w01HTahzkwRQtfzbt4087NbHs9a7OrOhuo5cN208PixcRIyroulLCZiHrbqhcl8TiFs1vcr1Wy6vY6L_lY9w93K2Q-oz6Tp9QAA7pAXcksQ3Frn8eil2FTGfCXZVKsrBJEnI3sSVNgRqxKpLE3f22CW2TmULJ-UjkOuyidBdAaj7AaR1jeA17NkxUAnj-yYXj8Qca4EIQbhmezZbYa6sWS1h39HdQ_cxGZyJQVAIvpiNl8ze9Y2gMC0_kGw_3rfoYVnIc_VK7ZIT8RuKDjRxyFHJmwYu-9PcJmDm5S2OyEt5s4AyG9wC1Px-eVYA4FOu5DuoQIQq2HvZTsmRTxA91lXlUCAVBXP-h8i1WtMnH3ccH1P9KA5VSBEnD6UmJeomaPuoF-sJnke_CSMKyXA1ZZ8_R4PI8uhcFnxdjcxIFIKB-NSquNR_aVe13PhdeKz6HSjskJ-JtTJti7WwqBTbq0JdhRcZvpYiz3LNoJdDHCOi7vU7bS0PdchGtG2geG1mSUfpxg68YaVWPqNcW23pfrd7thNUEpHiNIEvOvkEJRRSagN9-3nhLrYY2hxr36GNl8ZM4AsWEmG9WmL21bip4NEGgnL3VGL0Z4QRMugmI7NVUq8KXIXcwbQks6pOTvyoTp7rWQMDttWznqVjhUZCS6pz8-b-nwx_wkJW59yXS8RjtVvCMmVR1rABjgEGsnHyltpXKkaJmOW01VUcVwvEs0bRWIm1c0M82IabJFiZlLurMew2DYK11g0QzKixw373Ht9Djt3VZ2RXY_YA0Z6GFqryrye5onBBbdZju-18Os7kCtMr0eR2RhR5hQ1_hU3yzqNUnkYXxgwrlXE5DuYQF8D3DNXVwAkNOqYHadxP2KF9CvOgih991mvnrB5FY80i3nYMRX3DBlzq_qulF7hPStB8dN03ESt3pLusM81F3LYoxI7EX8U8m7kQyIUiTFSAhj32D8NICqheiFIQ8XOb0ZceIS4kR9z4UTLWbAJFX7hmL1zolGy1jYH6xwb_3OcLQ1IzEncRS5sfWHQYN672H7qwYVJYrXw6F-fzIAXaCNP_0NsyY7gz4lqs1NZayLxjKkoZZsH63zSm0Hu0LxFrOvfIlPUQI7iew1JM71ILM2l2_UHEAJlroT0h0Qy99HzlhT65PK4pLAkoulIoz58tjv7I0NKu5fE4mdzODMw83GIIC3iwSiPvE4OkStAliLt4IoXpTMYvYZkuti_GffR1Iuxf9u-s7G6UhtkLfb6V0TmDimC1A&sai=AMfl-YTZxqqsx2yrqebVkyLDMVZ6tsmqS7ylMdvAGPTZDixYuMaHc1EC-tgskC1xEy27vTQqmNqXnKj81DHlOfBHH_4URptE_zbDRTNPVrhfIW2tytGVLtQwkg0sqbbHFh2vmqVlMOgwVUGtP9H2duAxMKzbeTzSVXvfRj3Kdp3qfI5HI2YftdDGmSTPPTUBbLz-QCqWuqctkUslxnemcTlyIW3VNhtDDirl4Rc-BLUSwPdY4SbD9-t7kcCxh0vNb2alabIS&sig=Cg0ArKJSzJW7cjndx1UcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=376&cbvp=1&cstd=374&cisv=r20230828.02501&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 30 Aug 2023 10:10:26 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:26 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E4ED 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
272321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 06:31:45 GMT
expires
Mon, 26 Aug 2024 06:31:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/8545329873006492075/ Frame 53A9 		142 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
417563
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22810
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Aug 2023 14:11:03 GMT
expires
Sat, 24 Aug 2024 14:11:03 GMT
last-modified
Wed, 09 Feb 2022 10:36:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8DCB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyin1LmHHnuYWjZyuE5J9Kg_1S3d-brexiwptk9ypFHTf4oKVhjMk9lm2pQJVcRWqHcyN9peYppUN4Inrj4d9hvtYot5t5K_aG1TCqXlCGrwUYHAcRlFOdudJYbLbSnBwhdWIGaA8AYkfYP4KufXU4xQ4TkVsOv0n8D9CNTZEAEQO1FNw_IGg0q5yYSyG_k6oE-i9e_OOqIV6afcHFwd688p35-84zRzBeZC31Ade4oqjFhQRdfZ3jM_32zMIcfpjthtWWV3-rgaK6XgoJP0s0wISGy-V7cYQr_PrXz_h15zs2eY9zFQU5HJrEqFAYN0NtAyqP57ZDXOG7KE3yLOkvksT0ZuXlgHJpgucbbxVQLkI__n05a8zZeszOlmhHefty9YcsupqCdwyLI5Wvz31AbT26-6qWLI1_7rHTDoNKjYW9HT_lhzRKezY15vh8jXgPOJxbFHIDfoh4LRR0JIRJ8WyHQaJwJsGeBKi4xEJhsYgtcDHjjhr9p4ou4nDl0f_TP7i5263SEJdxaPOrSQdYIRhAsCSP8jU0uWknNyxx3Nll67pcgyc4fq4pmSK2OQqbBnMxLRRy8M1MQyyLDuQyAVFA1Fabuun-xSDrCBrF8FbYW7JTrKzLyGIyyb3d4IIwuF9iFtS1T9_I5qOIA-Srm9_RQzfjvZSIVsTBT-5oczzvZfwq8NAutV0bWxWiLLxrqhCbSFGtG-nBxSbTd_ZfVZF_rsbQxnIt4q0uy5Lt5fMAzTbrCDSWnp70MvwsirRwrwlurW2j_5CgJdV9hnr-ApBdHRZxcvka7bISteRGBJy0_Z8hT-FItcW6NpnD4t_QP-g1OBhNFS8b9kCo6n5XEfiXbQE6T9zW694ZpzSN9O_KH5ipoM0TOT-sUDTMjS2qdzUdHHskS2w9aZuiyzuC1Wio1Eq2zZDNWnAuf7r6yHX-36qr6Cv9INkB9_Bq74Gkyo5Q8vW_9mVAEGk-Xq_vtqkbPG35PnJgtveTZotKGciDfBgRzOAyqgh-VqxUw0ziOOilMoeM4RynCr9ebYKYFePnEeCtGwFaJPBrqaRJUugU-vAKY72o6PiCEuFAvNJgd8kDoBtKW-Dpxc89R-NzoV9OEapsPsmJI4ekzxW67FOB39grbh3bOjW88LBZCIyLWXc7U6IGcWRQZVQmm9d6Oq8GcpDOYkyykvhxTdSrG7MYzNDv4xcKlDzB6zRoQPpT2MGPLgDoHLFZeSqyx1LCeG0_CMxYe-E_I4AxN_4H4MdVqasLMcBJ8Sofd4y1Xof26YcEhMN5SGdqOpOLFdfJ_7mLSwjPvCm1mqjdHX-ntWRfvP6AnuZ-h-wuox577BMXJYQqoHA&sai=AMfl-YQfvxPGq4SyTuU1xFuNqTFv67-KMjiYiQB1YpmAaK25whlknnifB8H0rYBld-VMx3JgVj_X_70gQDUPBWU-up3a_c4BatGoJYFjoQ00ZZRZnIiLeLG3rgSCdtbz7dGAePZev24XF01nbHJVBsXx_e28ejMTa4BquALTTbrpIS2vQqmCiQXLcY0TK0TI-hAlYVarSYMNjt4qdoYbl3yHUKwmzlKwt1wnbThxYA1YxAlhQ5sP9CsoeFXP1Poo6s1h4J_j&sig=Cg0ArKJSzE1Al53vDs3aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=371&cbvp=1&cstd=369&cisv=r20230828.13014&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 30 Aug 2023 10:10:26 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 30 Aug 2023 10:10:26 GMT
4.js
static.adsafeprotected.com/ Frame E288
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.walla.co.il/&...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZK7RNp-wx_APo5en4As&cbFunctionName=goog_wrapCb_kRXvZK7RNp-wx_APo5en4As&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZK7RNp-wx_APo5en4As&cbFunctionName=goog_wrapCb_kRXvZK7RNp-wx_APo5en4As&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Mon, 28 Aug 2023 15:03:03 GMT
x-amz-cf-pop
FRA56-P5
age
155244
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
H2fE9IX_OrqmayPeNPUQSfu-2U41xxjBzeVp-mgWHbqLBcA4j9RApg==

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZK7RNp-wx_APo5en4As&cbFunctionName=goog_wrapCb_kRXvZK7RNp-wx_APo5en4As&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2F41 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
29615650
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
CerMMhJ4Eq8FeTZMLj8pc2Ax8Knu0L4ranq5EqWKDb0CTSQaaFfoLw==
4.js
static.adsafeprotected.com/ Frame B94B
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.walla.co.il/&...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZNadNojAx_AP3ZyBsAQ&cbFunctionName=goog_wrapCb_kRXvZNadNojAx_AP3ZyBsAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZNadNojAx_AP3ZyBsAQ&cbFunctionName=goog_wrapCb_kRXvZNadNojAx_AP3ZyBsAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Mon, 28 Aug 2023 15:03:03 GMT
x-amz-cf-pop
FRA56-P5
age
155244
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
sUvlTJLP6YE5h7MsIJOjJhT1ldo29IsdY4WHcafWdqp6_LWZPqEm0g==

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZNadNojAx_AP3ZyBsAQ&cbFunctionName=goog_wrapCb_kRXvZNadNojAx_AP3ZyBsAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 9C7E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
29615650
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
uLvBUYKT3Eqwq7ECFRPR_SXH2pg_Af8BVzzgxaX1mcp-nAlX0YZ-XQ==
4.js
static.adsafeprotected.com/ Frame 8DCB
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20338656462&bidurl=https://www.walla.co.il/&...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZMTgNoOxx_AP2f-7mAY&cbFunctionName=goog_wrapCb_kRXvZMTgNoOxx_AP2f-7mAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZMTgNoOxx_AP2f-7mAY&cbFunctionName=goog_wrapCb_kRXvZMTgNoOxx_AP2f-7mAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date
Mon, 28 Aug 2023 15:03:03 GMT
x-amz-cf-pop
FRA56-P5
age
155244
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:30 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
19999scgQW3djDdxZjaKLccCgyDUri5yG42iqjz5-5Rhy33tGwppmw==

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:26 GMT
server
nginx
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_kRXvZMTgNoOxx_AP2f-7mAY&cbFunctionName=goog_wrapCb_kRXvZMTgNoOxx_AP2f-7mAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4154 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
29615650
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
AcGP3Awf4xX7KvpD7EzkQMFbetIiPn6BqVIUvW1MCkiaexmdy3RvTw==
dt
dt.adsafeprotected.com/ Frame E288 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=5952e237-63b2-f878-6283-c5d8110ad44a&tv=%7Bc:mLTsgB,pingTime:-3,time:247,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:70%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:247,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B241~0%5D,as:%5B241~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1l2%7C1l3%7C1l4%7C1m*.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1m*,rmeas:1,rend:0,renddet:DIV,siq:71%7D&br=c
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E288 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=5952e237-63b2-f878-6283-c5d8110ad44a&tv=%7Bc:mLTsgC,pingTime:-6,time:248,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:248,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B242~0%5D,as:%5B242~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1k4%7C1l1%7C1l2%7C1l3%7C1l4%7C1m*.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1m*,rmeas:1,rend:0,renddet:DIV,siq:71%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B94B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ba140f8d-8ede-8ec5-42d7-9f159e706e0a&tv=%7Bc:mLTshl,pingTime:-3,time:194,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:194,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B188~0%5D,as:%5B188~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1k4%7C1l*.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1l*,rmeas:1,rend:0,renddet:DIV,siq:25%7D&br=c
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 2C46 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 14:31:30 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 9529 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 14:31:30 GMT
dt
dt.adsafeprotected.com/ Frame B94B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ba140f8d-8ede-8ec5-42d7-9f159e706e0a&tv=%7Bc:mLTshC,pingTime:-6,time:211,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:211,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B205~0%5D,as:%5B205~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k1%7C1k2%7C1k3%7C1k4%7C1l*.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1l*,rmeas:1,rend:0,renddet:DIV,siq:25%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 53A9 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 14:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70736
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 14:31:30 GMT
dt
dt.adsafeprotected.com/ Frame 8DCB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=231da780-d397-11ff-1b9e-20875e2ca1d5&tv=%7Bc:mLTsi2,pingTime:-3,time:148,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:148,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B141~0%5D,as:%5B141~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k*.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1k*,rmeas:1,rend:0,renddet:DIV,siq:24%7D&br=c
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8DCB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=231da780-d397-11ff-1b9e-20875e2ca1d5&tv=%7Bc:mLTsia,pingTime:-6,time:156,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:156,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B149~0%5D,as:%5B149~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k*.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1k*,rmeas:1,rend:0,renddet:DIV,siq:24%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame E288 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=5952e237-63b2-f878-6283-c5d8110ad44a&tv=%7Bc:mLTsih,pingTime:-2,time:351,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1211,beZ:1212,mfA:1215,cmA:1216,inA:1216,inZ:1219,prA:1220,prZ:1277,si:1282,poA:1283,poZ:1305,cmZ:1305,mfZ:1305,loA:1459,loZ:1461,ltA:1562,ltZ:1562%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:70%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:352,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B346~0%5D,as:%5B346~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1m*.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1m*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:71,sinceFw:279,readyFired:true%7D&br=c
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B94B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ba140f8d-8ede-8ec5-42d7-9f159e706e0a&tv=%7Bc:mLTsiF,pingTime:-2,time:276,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1317,beZ:1318,mfA:1320,cmA:1321,inA:1321,inZ:1324,prA:1325,prZ:1335,si:1341,poA:1343,poZ:1405,cmZ:1405,mfZ:1405,loA:1527,loZ:1530,ltA:1593,ltZ:1593%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:277,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B271~0%5D,as:%5B271~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l*.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1l*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:25,sinceFw:250,readyFired:true%7D&br=c
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
bulk
trc.taboola.com/wallail-walla/log/3/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Wed, 30 Aug 2023 10:10:26 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7427
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230082-FRA
pragma
no-cache
server
nginx
x-timer
S1693390227.946985,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
dt
dt.adsafeprotected.com/ Frame 8DCB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=231da780-d397-11ff-1b9e-20875e2ca1d5&tv=%7Bc:mLTsiV,pingTime:-2,time:203,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1412,beZ:1413,mfA:1416,cmA:1417,inA:1417,inZ:1421,prA:1421,prZ:1431,si:1436,poA:1437,poZ:1456,cmZ:1456,mfZ:1456,loA:1567,loZ:1570,ltA:1615,ltZ:1615%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:203,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B196~0%5D,as:%5B196~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k*.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1k*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:24,sinceFw:178,readyFired:true%7D&br=c
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
pagead2.googlesyndication.com/bg/ Frame E559 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 15:15:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
586493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14677
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 15:15:33 GMT
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame DBEF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:24:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
60382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 17:24:05 GMT
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame C840 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:24:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
60382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 17:24:05 GMT
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame E4ED 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:24:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
60382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 17:24:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3CBA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6qJ4EFLaQhnyPLvIhZgbmvsprclBSKFaxMiANrxTNjkwrDTjoYueRli6Oe4yV7EBbUKdxSzM2v2ETvqPQ-eJFaddmXYGQk8wwh18xNxucB70hpFNBEzH91inMgoPspkfqJX9Mdj8AVXFZd6Jq2xG7_I7HSBaK7FBUgAgr1xq3zzSnhhF38C33paMa86VzJi8CD-u4AAgfwAimHmIgFamH8v_2E84GsUS24g48mOWyZHN0g0FV9sREqkg8z0IbRM4HaXKv0_dpHxsoXP_N2urme1Crdr4r1u0OlzI1OndKsR-pWhUviPIeYi4Riw9wRjodE08OyNaMM66xcIVQfNNSwbGp2z5G_sFy3Hz_puUL7pnByJpgHsyhkNm3WNZfX39Nz7brGgGrbDYNwj3nQP2ggG9Yuaa9DLQ_B0CfDG-t9xX-Bxr9lPkQHu9r8aqekSlTdXkPinwsZYMguwBhtZjpDmQg3NWpD0fYYXwTRJ8PFJUtTk70Jxn-LN1fSUMfFopvnKi_gQsfdrA-4OXSLLKelX-jSUYGZxjrplaEtetgvhaMuXJlCTKWNByWn65Nwzcd2Mv0LiqoQxYCeL81EBILOoXmiAtMlQ4AVZ-EFWtHZ1oYEAHA-15Ip_t8j0hkPNHOetcu8vcDgbF3r3NEHDx02dDP2VejDW_zEqbk1RS7tdxrHte1dfv9EROr2wSxTGWJz8czgsX6GtZVxmJvU6oJ1GoC1Z6sHrpbQKZJX-Jh05AXGLG3SuHDfG9fdhAkhvVASc0Puh6cznH52AN7N_y990ISI2OY-DQ85lMHGi9Kofe0_AzTDZCYGLSnvxCib-yQ_ymOzRHbY9p5ssvOttHoQMW6e0EZfqnQuBsOafkEVHtVroBY1VnP3aappprxEAYrSPV52f6PJ-TTiRLND8rAu3MlM_40Trix3jFBuSPlx77tk3MYZE1-L4tLMCpR0MKkJUJUOuZhaFtuVxfowa9Q1RSounhvX3RHz_XvV81rLqp43eEalhfnaKSVOYHVdJ_SGjnECAOeLPGhJr7syiMxyUUlBZKCuoAoXPPuSQkBtYW-Gdy3U4eBv_akckWo5GuVimSmUV5rDrANmUmGw0leJrlTs1_ioNYwVJTQdSTY4b4Sh-9lDVedyKp_zCngJjyYqVjJlap4Wf-Xfum56UrRoIPsmqtCgeSAQD072jZ_q7sTl0WHXFj5JWIudwBHJaN-rSlSyzzcyk9RqX9ImkOOYp3PFv2CMXvyFrLeGLlhbhZJiL3JdFc4Vwjq3bYE22HRoPEmKEvcRmgrkwUGRaYvqefkHWj81HDksBfQq-7NV_px2aJiVGKrBd69_g&sai=AMfl-YSQTZk3ZAb6B9Pxg7xGWtEz8Wo4-0-ZG2WQdYj0IiwTicLn2P6E7BrKHmi7hWe82nk7-6-ZjPkl7X6NwEeKrEjKA9z-3TaQ6bSE20i7kXCvWqXu8TGDMs0aeSSc_GbFQue6Wa2aR2sYVcMoTlGlnjxbujVmGMqSSrF7Ikl_YxwHngPeuVBlF2_wfRPmI6aJcfs0QakotSZUmcW2tuIjlqmZ7zcVE4SNOy9hM9iyrezuaZpHSreNk5tvnGGdaUD4F5WE&sig=Cg0ArKJSzF9MuaY2GnloEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1008&vt=11&dtpt=628&dett=3&cstd=369&cisv=r20230828.90252&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 30 Aug 2023 10:10:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B94B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIb0xNOeOxTgbvtkxxdNDV-SU2_3duxRqAyHRYPlBtrAti3zV5TAtFIMedsHvakEhT6fv0dePthlLINbfVmEkxT9AfKoKjRJiEMQWD7eDWhAqMmOkwLqyZFlrPULBqYGcB-RsVtdRabRh9uEkoPHzBAAIHOlyBvsglslGPdSNTCYR0Kie7iSAj31kBDX6AR7KYilQMM8IlGEC7btpb8LWyJ0DBSz7Z5F8K-jxy2GJlaD2t7VLbwpzWovFk_Sq6MwultlmPVJe6Mm8I7PGMxGyd40r9pmwrkb7sCCB4VysqS0O813CvlkHzsVMauGhBmccgnlHcOrSYmMVCOYzdX81RnLTpQf5JiDwl4xT3KXYNUFchOMWYB5Cf7jdyvovCNfGQtylWH7cRJStYK3jQtBb3CUcGQsOTzrnR4OAVfmqwlVAqDm64zuriExOBD-CzfF8-vqgQAvj3GN0todVi35gJYyaTa-Dwqe6Ih1NcQwmr8y94Ve9kpGQLBP2P5VzMzwPotW0PnYPsGZWS6Sy-no11-WVl-S905l-Gr-RQgiVMAd3MGrHX-8ep9DXBbKIF4dikqpieVWknh_MK1x-M3x1zU6yWsBnnCvGfyCKyG5H49gc6ziMB7yoCuW7_MfhboM3nskdBk8xDKf8ZFe0XQwja3CSf-YaRpNCnoznPz9kXoffEQtwXGxbbyKEdhUcW1zHzoD68AxytS0xCOw7_wOVmqL7iMV4EYwAQz2WPZOM5HKcISa3J13ry1Og_ASzbLSL9vv8hdbZpZyCKEoHUee-bckoPyfqmHcHI-hN2dR247l1FSlfHPIFPsMVfeIctxIsTME0jwwBNNZG0caYgjVeHNEZlli-3CtwCFY9LJNKyfoTAcr5LwY6TGRbt8UUW2wQgDpMi_t-4rl8rYanAoKccO1cmstO_ncXBqLwUqEQ9jTfUng6y6vvEQZFh4dNwnnZLXMZr4Jv1k42VhbiRmneY9L_CE0Nb3tnP0iLSDK-c0tcOYKmlCF4c0gQDGiiIDsazKYJBxqaMNvPs5EngC2dhUnrDXMwrkezL8tHC2wRQ3ZNXrV-h-1juhvBk9p1mjMXn4CEGy4hDo-p43k6fBq3sF4-p0i4mfGe-BIAirECeSkVxc_VjLA722WLM16_IqOQRfuSuXfW4YiRmnZTKxOnqyGe5oOKcwCJRwIzeVE1_ScPuab9rq9xXlPqc4vU16Lco7dda5TWNtXYVeOfIdlJJOpiZJaszTk5nVMawkA4tzgwygCvNZ6eMh1V-e5JsHrc5d7vtIgRTnWlQyL6PZDBH_a6upRfGXpnndP2X_3YzslKOgb4aFHFGWvi6o-KmNyh0mmhsxAw&sai=AMfl-YRlvYZe4lQEN2yezfMV0AmkGdZaPtz7JjcXJFVv6VU3QifDJ99cNwIwjG13vXezVN5y6yxaP7nLSvm7Yb839scWJgHrRKUuf-qNnvLKVss0yF128vYq6lxmObPMFSDxRfWRcoNIUKPTBfG6gQ9r3jKpEIUhRQg3k22_yhQzTkSfjcO9x4CWkVP8OZzuBcYPxK-eMXaypXZzNXi0CIm0wHCBjWeeW9TKiZeAprqkPxIsAbK1eYBEfwlnkM3SwENH-npA&sig=Cg0ArKJSzFKPsBFyso-iEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=873&vt=11&dtpt=494&dett=3&cstd=376&cisv=r20230828.30025&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 30 Aug 2023 10:10:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E288 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0gCqtDS3t5PpERx4tnWWpyvbu0Ut-xJAnjRSyoXJRjImz9CvfduZJXCZeeYXxuaYCs7keZBfGqnk7s-vgNDV8D0w01HTahzkwRQtfzbt4087NbHs9a7OrOhuo5cN208PixcRIyroulLCZiHrbqhcl8TiFs1vcr1Wy6vY6L_lY9w93K2Q-oz6Tp9QAA7pAXcksQ3Frn8eil2FTGfCXZVKsrBJEnI3sSVNgRqxKpLE3f22CW2TmULJ-UjkOuyidBdAaj7AaR1jeA17NkxUAnj-yYXj8Qca4EIQbhmezZbYa6sWS1h39HdQ_cxGZyJQVAIvpiNl8ze9Y2gMC0_kGw_3rfoYVnIc_VK7ZIT8RuKDjRxyFHJmwYu-9PcJmDm5S2OyEt5s4AyG9wC1Px-eVYA4FOu5DuoQIQq2HvZTsmRTxA91lXlUCAVBXP-h8i1WtMnH3ccH1P9KA5VSBEnD6UmJeomaPuoF-sJnke_CSMKyXA1ZZ8_R4PI8uhcFnxdjcxIFIKB-NSquNR_aVe13PhdeKz6HSjskJ-JtTJti7WwqBTbq0JdhRcZvpYiz3LNoJdDHCOi7vU7bS0PdchGtG2geG1mSUfpxg68YaVWPqNcW23pfrd7thNUEpHiNIEvOvkEJRRSagN9-3nhLrYY2hxr36GNl8ZM4AsWEmG9WmL21bip4NEGgnL3VGL0Z4QRMugmI7NVUq8KXIXcwbQks6pOTvyoTp7rWQMDttWznqVjhUZCS6pz8-b-nwx_wkJW59yXS8RjtVvCMmVR1rABjgEGsnHyltpXKkaJmOW01VUcVwvEs0bRWIm1c0M82IabJFiZlLurMew2DYK11g0QzKixw373Ht9Djt3VZ2RXY_YA0Z6GFqryrye5onBBbdZju-18Os7kCtMr0eR2RhR5hQ1_hU3yzqNUnkYXxgwrlXE5DuYQF8D3DNXVwAkNOqYHadxP2KF9CvOgih991mvnrB5FY80i3nYMRX3DBlzq_qulF7hPStB8dN03ESt3pLusM81F3LYoxI7EX8U8m7kQyIUiTFSAhj32D8NICqheiFIQ8XOb0ZceIS4kR9z4UTLWbAJFX7hmL1zolGy1jYH6xwb_3OcLQ1IzEncRS5sfWHQYN672H7qwYVJYrXw6F-fzIAXaCNP_0NsyY7gz4lqs1NZayLxjKkoZZsH63zSm0Hu0LxFrOvfIlPUQI7iew1JM71ILM2l2_UHEAJlroT0h0Qy99HzlhT65PK4pLAkoulIoz58tjv7I0NKu5fE4mdzODMw83GIIC3iwSiPvE4OkStAliLt4IoXpTMYvYZkuti_GffR1Iuxf9u-s7G6UhtkLfb6V0TmDimC1A&sai=AMfl-YTZxqqsx2yrqebVkyLDMVZ6tsmqS7ylMdvAGPTZDixYuMaHc1EC-tgskC1xEy27vTQqmNqXnKj81DHlOfBHH_4URptE_zbDRTNPVrhfIW2tytGVLtQwkg0sqbbHFh2vmqVlMOgwVUGtP9H2duAxMKzbeTzSVXvfRj3Kdp3qfI5HI2YftdDGmSTPPTUBbLz-QCqWuqctkUslxnemcTlyIW3VNhtDDirl4Rc-BLUSwPdY4SbD9-t7kcCxh0vNb2alabIS&sig=Cg0ArKJSzJW7cjndx1UcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=865&vt=11&dtpt=489&dett=3&cstd=374&cisv=r20230828.02501&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 30 Aug 2023 10:10:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8DCB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyin1LmHHnuYWjZyuE5J9Kg_1S3d-brexiwptk9ypFHTf4oKVhjMk9lm2pQJVcRWqHcyN9peYppUN4Inrj4d9hvtYot5t5K_aG1TCqXlCGrwUYHAcRlFOdudJYbLbSnBwhdWIGaA8AYkfYP4KufXU4xQ4TkVsOv0n8D9CNTZEAEQO1FNw_IGg0q5yYSyG_k6oE-i9e_OOqIV6afcHFwd688p35-84zRzBeZC31Ade4oqjFhQRdfZ3jM_32zMIcfpjthtWWV3-rgaK6XgoJP0s0wISGy-V7cYQr_PrXz_h15zs2eY9zFQU5HJrEqFAYN0NtAyqP57ZDXOG7KE3yLOkvksT0ZuXlgHJpgucbbxVQLkI__n05a8zZeszOlmhHefty9YcsupqCdwyLI5Wvz31AbT26-6qWLI1_7rHTDoNKjYW9HT_lhzRKezY15vh8jXgPOJxbFHIDfoh4LRR0JIRJ8WyHQaJwJsGeBKi4xEJhsYgtcDHjjhr9p4ou4nDl0f_TP7i5263SEJdxaPOrSQdYIRhAsCSP8jU0uWknNyxx3Nll67pcgyc4fq4pmSK2OQqbBnMxLRRy8M1MQyyLDuQyAVFA1Fabuun-xSDrCBrF8FbYW7JTrKzLyGIyyb3d4IIwuF9iFtS1T9_I5qOIA-Srm9_RQzfjvZSIVsTBT-5oczzvZfwq8NAutV0bWxWiLLxrqhCbSFGtG-nBxSbTd_ZfVZF_rsbQxnIt4q0uy5Lt5fMAzTbrCDSWnp70MvwsirRwrwlurW2j_5CgJdV9hnr-ApBdHRZxcvka7bISteRGBJy0_Z8hT-FItcW6NpnD4t_QP-g1OBhNFS8b9kCo6n5XEfiXbQE6T9zW694ZpzSN9O_KH5ipoM0TOT-sUDTMjS2qdzUdHHskS2w9aZuiyzuC1Wio1Eq2zZDNWnAuf7r6yHX-36qr6Cv9INkB9_Bq74Gkyo5Q8vW_9mVAEGk-Xq_vtqkbPG35PnJgtveTZotKGciDfBgRzOAyqgh-VqxUw0ziOOilMoeM4RynCr9ebYKYFePnEeCtGwFaJPBrqaRJUugU-vAKY72o6PiCEuFAvNJgd8kDoBtKW-Dpxc89R-NzoV9OEapsPsmJI4ekzxW67FOB39grbh3bOjW88LBZCIyLWXc7U6IGcWRQZVQmm9d6Oq8GcpDOYkyykvhxTdSrG7MYzNDv4xcKlDzB6zRoQPpT2MGPLgDoHLFZeSqyx1LCeG0_CMxYe-E_I4AxN_4H4MdVqasLMcBJ8Sofd4y1Xof26YcEhMN5SGdqOpOLFdfJ_7mLSwjPvCm1mqjdHX-ntWRfvP6AnuZ-h-wuox577BMXJYQqoHA&sai=AMfl-YQfvxPGq4SyTuU1xFuNqTFv67-KMjiYiQB1YpmAaK25whlknnifB8H0rYBld-VMx3JgVj_X_70gQDUPBWU-up3a_c4BatGoJYFjoQ00ZZRZnIiLeLG3rgSCdtbz7dGAePZev24XF01nbHJVBsXx_e28ejMTa4BquALTTbrpIS2vQqmCiQXLcY0TK0TI-hAlYVarSYMNjt4qdoYbl3yHUKwmzlKwt1wnbThxYA1YxAlhQ5sP9CsoeFXP1Poo6s1h4J_j&sig=Cg0ArKJSzE1Al53vDs3aEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=858&vt=11&dtpt=487&dett=3&cstd=369&cisv=r20230828.13014&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 30 Aug 2023 10:10:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 975F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubT_DjHgCqarjrRDx4w0V5Po8wl0D_WTnxS5QpvsFliL9dJwf-X8qrqD51uvvelBMDdAAYgdyJdVbE9BAOQMAJ0OkmuI4a5vHdRqA&sig=Cg0ArKJSzDlFvxrpxdIwEAE&id=lidar2&mcvt=1016&p=173,315,423,1285&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339186&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693390225319&rpt=632&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 885F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_eLZkRXvZJ2jC76C2fcPt7WHyA_r0sWTb9jTw8-JEb__uePXAhABIJmjzypglYr7gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgwJP0CCLUmZPeZRklsP9H6oboeyR6KGgn5_RVLWAEZcy_ZGvG3dRP4Ggg7PkmTbzBAFORhayJ5WSlGuNHvWMrRD7dtDi34fUOhs3G26-0DD7bZ2jWQ6FLbodSw-4sMrbuAVgjnJglOBDG4bfUfwmV9j9N5XrMmnG-9pXY6BM_GrjGZ9BgmEnXINe0YaItFcRZT3pgFi6H_ZHz2xW3BLoLuD7bqPppiw1UuLWVnQnDolkOHrZTxIs1UhxK5359QW179CgiGhh4zBGuBDHsA3qCep_MH-kWUqoE4_Q1FfpRr-cejOPNUBVDjzpdgjQawlW1g0AwWHESm1x6ifwFnuB4k3dkchywAS7tLi-3APgBAOIBa2Xp4s3kAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE6Ks2RHQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=vyPhfcZaB2Y&label=video_ad_loaded&sdkv=h.3.586.0&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KigEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRArgJSMgi0IRAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93blAAWhBUMGtNXzJfUF9NbWdtRDdfWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
btn_cta_arrow.svg
s0.2mdn.net/sadbundle/1014895307437113344/ Frame 959C 		363 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1014895307437113344/btn_cta_arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1014895307437113344/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 07:24:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355549
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 16:31:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 25 Aug 2024 07:24:38 GMT
kia.woff
s0.2mdn.net/sadbundle/1014895307437113344/ Frame 959C 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1014895307437113344/kia.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1014895307437113344/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:05:33 GMT
x-content-type-options
nosniff
age
294
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23072
x-xss-protection
0
last-modified
Fri, 02 Jun 2023 16:31:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Aug 2024 10:05:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 959C 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abd9c49049f4015fc64c11b2aeb82ecc582d7748e33544770a6abb27c67d3454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5747
x-xss-protection
0
60029391_20230503010142811_logo_kia.svg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 959C 		1 KB
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230503010142811_logo_kia.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 11:12:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
674
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 13:51:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 11:12:53 GMT
60029391_20230515060605179_SportageHEV_160x600_01.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 959C 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515060605179_SportageHEV_160x600_01.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9200987889bfaba6e60bd1f3d72821ecd22ee8330ce275a05b08f83a176382b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 06:12:15 GMT
x-content-type-options
nosniff
age
14292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38783
x-xss-protection
0
last-modified
Mon, 15 May 2023 13:06:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 06:12:15 GMT
60029391_20230515060607456_SportageHEV_160x600_02.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 959C 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515060607456_SportageHEV_160x600_02.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2509467deed3a61af2b22c891e3f07d057fb81f9c40331aa9f4a4e43d13f9419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 21:05:22 GMT
x-content-type-options
nosniff
age
47105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20923
x-xss-protection
0
last-modified
Mon, 15 May 2023 13:06:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 21:05:22 GMT
60029391_20230515060610845_SportageHEV_160x600_03.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 959C 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515060610845_SportageHEV_160x600_03.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
675fd6176abddbdf835315a83f6ba8a8563ef48d574854a752d6cb704ed82296
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 06:12:15 GMT
x-content-type-options
nosniff
age
14292
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21061
x-xss-protection
0
last-modified
Mon, 15 May 2023 13:06:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Aug 2023 06:12:15 GMT
60029391_20230515060612379_SportageHEV_160x600_04.jpg
s0.2mdn.net/ads/richmedia/studio/60029391/ Frame 959C 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60029391/60029391_20230515060612379_SportageHEV_160x600_04.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf62610cc96236cda33392b3126f900a6b5f298886f9667db0c551ab567fcdc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1014895307437113344/index.html?e=69&leftOffset=0&topOffset=0&c=IE7FpTRZJR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 11:03:07 GMT
x-content-type-options
nosniff
age
83240
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18782
x-xss-protection
0
last-modified
Mon, 15 May 2023 13:06:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 11:03:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 885F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1018958856&message=i&sdkv=h.3.586.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 885F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 06:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 06:25:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 885F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=1018958856&message=ps&sdkv=h.3.586.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 885F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 885F 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsutx71YEpDhj-CZAB3rLFDKMLnAy49qvqeSzp58RnSUJpG6pQ9I7X2Wf7elCzSXygzzeyvuA8iR0DZzQ04dVZ-Oi2iPO9xw-EHLH4PJZZsXIXWSiOOL9ueBnJAa47LSIWgXJxu1ivfggYlEelPXXfG_EYGdtGmVPB9oLAitci9VeVmLzeXmVcGCqhUvxikztbNdBG9nBZ0iUUxa7y_JyjkKXOE53PW-_WdY497CkNeNShtx_Ik-pqvOucsagMzXXhYrXv9Np08h6cFj00UC-SPe2Ktc5xEPxEDyOjHLsQTV3-TmQ2g3puMEzGRtZdR9VYMEdL4X7hVVvQPgKfNR2DfYe3MxCXIGfvRZ-iodwFiNXamRqYcR84zEYH3NoEkmYajTykzZNnCz5RZ7HDuQL_-CHLYPNCWJd3xpbU09nY9FCwySkZCOL7VVQn3aoPI58PNEQp1An6PHMQ0brQ2dn9nofpPZ_ktcDNhXRL-jQ7QBq_ICoR8CHiR-jo_tCyDqvfzMCVfVwqm8oufJxmWpw4nsNqNM0DJrz7JorLWY7YTHHkxte5M6ciklhFervkt6W1TxQ1lkAoCYD1jdwcFcmE91Z0s4y-J6CyAEXKOZ8uOS_zn2Vvf2vuw28rSEiG7s2IQlSnTGo3VXocJRjCf9cTQt0Yy5vlcRLhRZmbVljr5hYprk04jUwS1iONL81Q9hMxnFvTxG59vhcnUYYI-whmzPaMU5b7TkIi21tkf9CN4Zc4e5A4s7hdqjfR07UDvF_cjfAaekXVCWBX8EG5S15DG3Jr6V_HlDukaI-fNshFLWRwLWjWBCf0ykp6f87DLn0xwyNA5i5ekHTGlx5bb31nymiu3aQcLEx7qYCEzFAVfIDF7tFwk9DXFpVqjjm0vRBsF1eEudmR2JOxzhDFxARUg-IwYeGkIFAXQCE1-w2JwLd9xHN_GhmXcKnzzdH2QLQ6aXGrhGXTxfujqtuRDIYPZYlgBCxL4N-X_ldejcRGQe4mLn3Egt0mUbBYnfyuBsj2nKyMwLxGi5W3gyBj8te5rrbOJJMhhkyJzbS_KhPE42g53hg5X5FMJ1taSl-9UuCLwYcurp1zTopvaY99DCy4XuFZ5gt_g_3ZwkeFn22MmOgQShlBFHO0UdjylqTPmlSyTTn8kdBze6_NHPVazUa54mRoCW5803pXZ-WOHwfzItrejJdQEE_29Qc1wG2vKOK9KeDISXF2BBvywgJ3Utl8VGehHBG-sea8HlEcT8laUjz8CIki0x4Hic&sai=AMfl-YSgXK7y-eaFwoDd3xJxMT6_cuy2hKCw4q2UDch3psTCuNZyzLg4oOQ4xOMpKKE1nXLWwwEv0zkbzBhMeHUKVd8woQ-ipyDzLwCnrbSD3ijP-M1ACNz_dD31lpahiSTkCrLOAhIptUGx75nMPnkwYuk704CjaaVp8RSdYt3UQZoXnS0084CKPlubKUxjkw8JxIR4mXyNYsgPInVJGaynTfl0BF-P1gAa5qFbLCAbWVo1RCcrfZkk_mMNoEwmzMr_FTeJ&sig=Cg0ArKJSzN8FAaVo35axEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.586.0&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 885F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi_l_naASABMAE&v=APEucNUfFQtRv1ha9b0FykdbwmQUBdF1crV2Y3nHdtENpSlGh04mRUWlL3svRociyrLloYKpjQGmB8iQS6WQpxfNJHc281afTA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 885F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_eLZkRXvZJ2jC76C2fcPt7WHyA_r0sWTb9jTw8-JEb__uePXAhABIJmjzypglYr7gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgwJP0CCLUmZPeZRklsP9H6oboeyR6KGgn5_RVLWAEZcy_ZGvG3dRP4Ggg7PkmTbzBAFORhayJ5WSlGuNHvWMrRD7dtDi34fUOhs3G26-0DD7bZ2jWQ6FLbodSw-4sMrbuAVgjnJglOBDG4bfUfwmV9j9N5XrMmnG-9pXY6BM_GrjGZ9BgmEnXINe0YaItFcRZT3pgFi6H_ZHz2xW3BLoLuD7bqPppiw1UuLWVnQnDolkOHrZTxIs1UhxK5359QW179CgiGhh4zBGuBDHsA3qCep_MH-kWUqoE4_Q1FfpRr-cejOPNUBVDjzpdgjQawlW1g0AwWHESm1x6ifwFnuB4k3dkchywAS7tLi-3APgBAOIBa2Xp4s3kAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE6Ks2RHQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=vyPhfcZaB2Y&label=vast_creativeview&ad_mt=0&sdkv=h.3.586.0&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRArgJSNQi0IRAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjNCVAAWhBUMGtNXzJfUF9NbWdtRDdfWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIycT1lpKEgQMVK0r2CB2yGw4pEAAYACDa14tXQhMI3a_alpKEgQMVPkH2CB232gH5;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame 885F 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIycT1lpKEgQMVK0r2CB2yGw4pEAAYACDa14tXQhMI3a_alpKEgQMVPkH2CB232gH5;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 885F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_eLZkRXvZJ2jC76C2fcPt7WHyA_r0sWTb9jTw8-JEb__uePXAhABIJmjzypglYr7gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgwJP0CCLUmZPeZRklsP9H6oboeyR6KGgn5_RVLWAEZcy_ZGvG3dRP4Ggg7PkmTbzBAFORhayJ5WSlGuNHvWMrRD7dtDi34fUOhs3G26-0DD7bZ2jWQ6FLbodSw-4sMrbuAVgjnJglOBDG4bfUfwmV9j9N5XrMmnG-9pXY6BM_GrjGZ9BgmEnXINe0YaItFcRZT3pgFi6H_ZHz2xW3BLoLuD7bqPppiw1UuLWVnQnDolkOHrZTxIs1UhxK5359QW179CgiGhh4zBGuBDHsA3qCep_MH-kWUqoE4_Q1FfpRr-cejOPNUBVDjzpdgjQawlW1g0AwWHESm1x6ifwFnuB4k3dkchywAS7tLi-3APgBAOIBa2Xp4s3kAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE6Ks2RHQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=vyPhfcZaB2Y&label=part2viewed&ad_mt=0&sdkv=h.3.586.0&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRArgJSNQi0IRAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjNCVAAWhBUMGtNXzJfUF9NbWdtRDdfWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIycT1lpKEgQMVK0r2CB2yGw4pEAAYACDa14tXQhMI3a_alpKEgQMVPkH2CB232gH5;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame 885F 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIycT1lpKEgQMVK0r2CB2yGw4pEAAYACDa14tXQhMI3a_alpKEgQMVPkH2CB232gH5;met=1;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 885F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_eLZkRXvZJ2jC76C2fcPt7WHyA_r0sWTb9jTw8-JEb__uePXAhABIJmjzypglYr7gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgwJP0CCLUmZPeZRklsP9H6oboeyR6KGgn5_RVLWAEZcy_ZGvG3dRP4Ggg7PkmTbzBAFORhayJ5WSlGuNHvWMrRD7dtDi34fUOhs3G26-0DD7bZ2jWQ6FLbodSw-4sMrbuAVgjnJglOBDG4bfUfwmV9j9N5XrMmnG-9pXY6BM_GrjGZ9BgmEnXINe0YaItFcRZT3pgFi6H_ZHz2xW3BLoLuD7bqPppiw1UuLWVnQnDolkOHrZTxIs1UhxK5359QW179CgiGhh4zBGuBDHsA3qCep_MH-kWUqoE4_Q1FfpRr-cejOPNUBVDjzpdgjQawlW1g0AwWHESm1x6ifwFnuB4k3dkchywAS7tLi-3APgBAOIBa2Xp4s3kAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE6Ks2RHQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=vyPhfcZaB2Y&label=admute&ad_mt=0&sdkv=h.3.586.0&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRArgJSNQi0IRAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjNCVAAWhBUMGtNXzJfUF9NbWdtRDdfWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 10:10:27 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 2C46 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:22:13 GMT
flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2C46 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1508
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:24:23 GMT
head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2C46 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3285
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:24:22 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 2C46 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:24:22 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 2C46 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:22:13 GMT
300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 2C46 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:02:47 GMT
x-content-type-options
nosniff
age
460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38528
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:17:47 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 9529 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:22:13 GMT
flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 9529 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1508
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:24:23 GMT
head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 9529 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3285
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:24:22 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 9529 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:24:22 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 9529 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:22:13 GMT
300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 9529 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:02:47 GMT
x-content-type-options
nosniff
age
460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38528
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:17:47 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 53A9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:22:13 GMT
flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 53A9 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1508
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:24:23 GMT
head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 53A9 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3285
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:24:22 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 53A9 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:09:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:24:22 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 53A9 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:22:13 GMT
300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 53A9 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:02:47 GMT
x-content-type-options
nosniff
age
460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38528
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 30 Aug 2023 10:17:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 959C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Aug 2023 10:10:27 GMT
all
csm.eu.criteo.net/ Frame 4BA3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bc7H1kOMckU4c2dyjvvp7vE20bFfFc3Dx9AlsQfmyOYZjcHHPen7EO6n7zo1-zV0zbOFrCCDAhltJdqN6ANWMQ9sr_3c8sqCKxNpvxVLstOd7_c_DEWkREUCswQh83H7IMijsPsw9UYiJa335eLUGbCswS_0tHb9sHm2f5xbSHYQxxdHsARdPqBJsGvB8aNBJ_3Gwj1zv-kq0Gp6w3dowrobzdZvG4mkwVObBFvSO9WD6-W4k7J_fdax3otCpuMNZRfjUw&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 10:10:26 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 30 Aug 2023 10:10:27 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
13388
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1693390227.368216,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
11
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
10875
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 4905 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
100340
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Aug 2023 06:18:07 GMT
expires
Wed, 28 Aug 2024 06:18:07 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8DCB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsfg0O43DnOVB0d4TOB8lOWR_h9YRwbF_m0gDl2PIfIKKk4k67TUT8rbpxVX4F-xjY504_57zR4DPyd8Km-ojndRoypBcjmhRTBxAq-y-tILMDbp6IXnCP965zu5Wfmzl7LKnEwRI48XxM&sai=AMfl-YQcWBtI0bGNJkVC_E70fR0jmvHAl89zspm_Tmul7YW7t8B-KcWfzJCsKup7lWjphinmuTqYgkVCsPAv4PwmjiL-psDsilZ-Z3Kg5_I2mnUPFJQk7DSAAQW-NUo&sig=Cg0ArKJSzPKnmZpewiE6EAE&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&id=lidar2&mcvt=1061&p=1000,515,1250,815&mtos=0,1061,1061,1061,1061&tos=0,1061,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1717219177&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693390225326&rpt=955&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B94B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOUUGXbpc83zTPpjdMAV6DdctDteGvEfn9nqVp8Nt8uP2jaIiB5V9WZg6LNKcqGxvrq5diAaAX6MGY5zl3C-GFJ7cHG04BDCH7OhgYi53jhOw5raZkay_VdRyBNADrfFZ2chOgCCVBWM5f&sai=AMfl-YTlivrlDncgCautuNOsJd9bvoQI5W5---rSB1jwT-lOUleJZjXwXiWCoMNpuJB6pY5lLMwREjSQ_pMkNxmwWHaako8s8LYRn4MLG2OPSD0ChO4tuTgEGYuok6A&sig=Cg0ArKJSzExWC7sJCx-2EAE&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&id=lidar2&mcvt=1064&p=1000,199,1250,499&mtos=0,1064,1064,1064,1064&tos=0,1064,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1472875564&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693390225333&rpt=900&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame E288 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=5952e237-63b2-f878-6283-c5d8110ad44a&tv=%7Bc:mLTsqB,pingTime:-10,time:867,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693390227416%7C%7C12324727ec4bfcf49c3a9154eef0d552%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7C350c67e8a3c62d0255341bc5467409f3%7C%7Cd839d48ec4496b883299bb443961b211%7C%7C3610c14874fc82bb67680f44e700f0e5%7C%7C05d6de743bfd70dc127e5824ff09764f%7C%7C62832f39c68a6aabce5ed5bdf1fde51d%7C%7C1663701684%7D
Requested by
Host: f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
syncframe
gum.criteo.com/ Frame FBCB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:26 GMT
server
Kestrel
server-processing-duration-in-ticks
630514
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 31 Aug 2023 10:10:27 GMT
generate_204
tpc.googlesyndication.com/ Frame 8007 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9Dq8-A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3CBA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8DJefGDSYR3zL9DGttu0E3u264XKufAjzVlOc0veBmaVEG_GIwNs_IGYeHkXNL1gWmF17OCyq0W6Wx6gOOvrCfUTWEtsrrbOJr3nXDM9VHDEWvxt2uc_k2c67RZRIU27aDTrze51VllPS&sai=AMfl-YRnhjKKFavh1waVDH_PvwUprXXQKYqVvGpUQBak2qF-8fJ260qBzBQJ6VW__UrNdTf9RwOgmuhpWpK8Gen5bpZPlIVbpfewuTbQRdSN3JXMrAkzfT7-ny5ZJI4&sig=Cg0ArKJSzA6NdmybALayEAE&cid=CAQSOwBpAlJW7K0BTd1R7DNqprW6P2XQmKlu4L7zgwiI56hsZlcc3K7kkt3AJLI80QL6mOCCAQGgWjO-acWpGAE&id=lidar2&mcvt=1134&p=161,1558,201,1599&mtos=1134,1134,1134,1134,1134&tos=1134,0,0,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693390225304&rpt=819&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
pagead2.googlesyndication.com/bg/ Frame 2586 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0w4HeoaYEDyr3MppZwiwXJgG2WIOQk_JViOVQEuG4uU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 17:24:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
60382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14706
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Aug 2024 17:24:05 GMT
sid
mug.criteo.com/ Frame FBCB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=KAaUhF9tbUc2YjNBMXpBYWQyb0xKWWN4T0ExajBRWDlaOWhkY2J6UmhqcUxDU2tSY3l4dEM5...
  • https://mug.criteo.com/sid?cpp=-9_mBnxjTklFSTBHUzdJbnY5WEhjN29nMFJBa3k0aHk4WGdyL05GUExZSlpuSTlXYTlLRVIyeFpzdENwU2lrSDk5YTM1VStGbHl3Mi85dUdtbjVOTG56K1krblV6TVgvbndvS0RXb2licXM3cnRsL0UvQlpyeW9mSjQvd3...
422 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-9_mBnxjTklFSTBHUzdJbnY5WEhjN29nMFJBa3k0aHk4WGdyL05GUExZSlpuSTlXYTlLRVIyeFpzdENwU2lrSDk5YTM1VStGbHl3Mi85dUdtbjVOTG56K1krblV6TVgvbndvS0RXb2licXM3cnRsL0UvQlpyeW9mSjQvd3J6anByZHlQRndsK1VTN200T2k5ODNud3RTTWRrOUVDVnVFYlJhaDFrMnVtT01oR2tlWnlWY0hKREFVU1dqRURyY1RDNVhKR0JSZzZZQ0Y2TUNlTW1iNWpzemkySGlqdHJ2RC9pRWdXVWZ3bmE4VnNoSjZBaFhGaHllS0YvT2taSm5iRzI4U0VmamlpM2gxWnpMbUx0UXhWMG9rVmNGM3MwVVh3aU1mUUxGVnlFcUJpTldvQT18&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee41362c2597d421a74f2bc099a049d9a85d57284f5818f758f77f9eae51bbec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2468147
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=-9_mBnxjTklFSTBHUzdJbnY5WEhjN29nMFJBa3k0aHk4WGdyL05GUExZSlpuSTlXYTlLRVIyeFpzdENwU2lrSDk5YTM1VStGbHl3Mi85dUdtbjVOTG56K1krblV6TVgvbndvS0RXb2licXM3cnRsL0UvQlpyeW9mSjQvd3J6anByZHlQRndsK1VTN200T2k5ODNud3RTTWRrOUVDVnVFYlJhaDFrMnVtT01oR2tlWnlWY0hKREFVU1dqRURyY1RDNVhKR0JSZzZZQ0Y2TUNlTW1iNWpzemkySGlqdHJ2RC9pRWdXVWZ3bmE4VnNoSjZBaFhGaHllS0YvT2taSm5iRzI4U0VmamlpM2gxWnpMbUx0UXhWMG9rVmNGM3MwVVh3aU1mUUxGVnlFcUJpTldvQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
368940
content-length
0
expires
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=211845584&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aDDAAEABEAAAACAUI~&jid=&gjid=&cid=578001927.1693390223&tid=UA-4780630-1&_gid=389152161.1693390224&gtm=45He38s0n71T728TH&cd1=578001927.1693390223&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=1773471454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 01:30:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31191
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
pagead2.googlesyndication.com/bg/ Frame 4905 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M-HeFlSCME_k5Ph7lXtMc9K-bQ1dlElVsMlNN0Ru4uM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 15:15:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
586494
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14677
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 15:15:33 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 30 Aug 2023 10:10:27 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
1466
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230082-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1693390228.763094,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
67
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
7340
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 30 Aug 2023 10:10:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
189326
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
235792
expires
0
usync.html
eus.rubiconproject.com/ Frame F514 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 10:10:30 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 278D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP006 /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 30 Aug 2023 10:10:27 GMT
server
33XP006
x-33x-status
2000208
beacon
ap.lijit.com/ Frame F41B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13421168
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Wed, 30 Aug 2023 10:10:27 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap6ams1
pd
pixelgroup-d.openx.net/w/1.0/ Frame 4EE5 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixelgroup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 30 Aug 2023 10:10:27 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame EF16 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
582
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7fec3e7c3d5d451c-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:27 GMT
expires
Wed, 30 Aug 2023 14:10:27 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 33DF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1693390224275
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame E379 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c538d1453cbf1c7230438f564bc621bc3ecb2aa208453196ca85c9d8188e2a4a

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e7bde7c4db2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:27 GMT
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame FAEE 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 30 Aug 2023 10:10:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E246 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=62003
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 30 Aug 2023 10:10:27 GMT
expires
Thu, 31 Aug 2023 03:23:50 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 53C9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1693353600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 30 Aug 2023 10:10:27 GMT
ETag
"623de86a-cf34"
Expires
Thu, 31 Aug 2023 10:10:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBEF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIsHTkRXvZNadNojAx_AP3ZyBsAQAAAAAOAHgBAI&bg=!VFelVxjNAAYkVgHwBFY7ADQBe5WfOFde67_PskYr_h0H7W7ZE-yxDU6Q3qVPX3Qd_dS0x47bM9upjtyhfT4ie3p95oWhAgAAAm5SAAAACWgBBwoAdDGCVbwSpBovXl8WI5QVkjSn8MuZhiueMcTCnUWdxCL9DAmNa3w7pPBrTzKRMLr4Osx-k1V5bwgkpiDiVEopEasFtsijQ-ZIFZwsXI1AW3TpbHXojHdrGakjexD5gl9O9VfLk830KLl30-80ovgHSyYDoiORmQMKgvifCCR35p3RAi3VHCaTx7yNZnuW6O-Axz9PSSds8Id-UlQM-y1MskaK_4dPCS_kL1XWUiv9xfod2HASYKaYOwb_l1wrm1jTKEItStrwRkUJ4GtDwcTf9orJsrE8k8tYs8KEWQAdteXMuUcBkZY-bxVH_BZNrqG6DEMtbH-JG8Qx4tKs2A9eLhqspQAhXlIMVg9wYZCpKI5oQnTsEs_L-4em8N2X9OEqjYze-c2fD8tUBznO9UjQKMOGuXWQGtgtS6tlkBmdy6ripA1dKigP501t2CDjIExJB6TTS1l0WO2GPwcc_Bzuw_KQ6v5c1JCL-AA03DTRnig_kHqMDdCdiPDrgyysgBirVxt3iH_UCrDkRyMnq7UGd9PUtVu0Hrbcvu3Hl7OO_lFMbDZxNoibic0all2XTU_Oxeqx1XAR3Mloxb6HGF1qajy8x3ISa4u-7CWpMnBStTyuDVFiJbq-_odgXcqirhd431GZc7YeuIxDYp8x65WHT9vp0NW-kzqyTUlD0OY5P6xBf-KzJcjMOVA0Kz1VqQFeiVaihin4P9WuQDqit_j2X4hx2VqC4S7KUQbLGuOUGiEw7LzB6KVlBgggZRr51i3m2L6hnkc7LZbp0Q9fd3LX0lt2e5c-YbRZ4csGxXJB5RM3yVADOEX6q9uRNXRKifLOXaDoz3W2Wl6pRyKk5nciUCxW2_l4BFaO_Y7Dn25FQmLo-VMJ54mLphyDptuqC_yvVQJe70oaPKcI09SYD2pbN06w89La6F23v0vdan1GHNI5dFOXzkpVgnvvJlQg06GtTOQ5R1PBiIowEfyqcdVFf4bcr3nlGaGoY6CalDenyPBC-SZ9mJOCTwoydsCH7XHpJH08ZQ8QsmnM3tv-71DThqWtV5JXh_G_muhP6kmAfDBakNdF4Ba7ycvTy__WlV38BmjHBOr7YZ5KL11_mu1Rlak2A6ojpq8tbMYi8luPEGIn-yJFDDucHxslQiPCW2N2cQPzm5Hjzu5yQ_hmsMX9TgITy9x7IMnjK-TaYMgcRvVxTg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B94B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ba140f8d-8ede-8ec5-42d7-9f159e706e0a&tv=%7Bc:mLTsyZ,pingTime:-10,time:1288,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693390227416%7C%7C12324727ec4bfcf49c3a9154eef0d552%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7C350c67e8a3c62d0255341bc5467409f3%7C%7Cd839d48ec4496b883299bb443961b211%7C%7C3610c14874fc82bb67680f44e700f0e5%7C%7C05d6de743bfd70dc127e5824ff09764f%7C%7C62832f39c68a6aabce5ed5bdf1fde51d%7C%7C1663701684,im:%7Bpci:%7Btdr:1036%7D%7D,sca:%7Bspg:5952e237-63b2-f878-6283-c5d8110ad44a%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame E4ED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCf8rkRXvZMTgNoOxx_AP2f-7mAYAAAAAOAHgBAI&bg=!cnGlcT7NAAYkVgHwBFY7ADQBe5WfOEBNQptNSKGjbtdWiVt7h_0J0JBvoujcfxOqvGUluotN8fojsqzMUFCS1KpZN-NwAgAAAoJSAAAADGgBBwoAO9ucUIcXouXuDPUasMEYbKFMEfNgs3I6C8RmXbqipCkUlaIBhyjsC09HEPrepn-xYKuqKcHdJlG5OySZmQMAzbbSFA3H2m5T1iqtMqkrGfWOPmn7EGZXbA32QnakGP-pbA2Vn7MXGtmLJa7woPrXm3_prv9MLGKE3tYXBaCa9h_0R3tXDIxY-WOkNBPGZ28l2zpoubhcN3M8MAAIEJ-VO0ydae7nU8TkjPOikL8ymfzExa0nBSum8ui4y6ZRjRHrYoHgAQqsrfrc-16npERQEVkBD4CefDsznU7m8s-ulUsVQ92yFWzbBPS9dlD3lhuZN3-SjFSPge6ON3SQ1NC1G_74WDKeoydY50W3Htmlg7x-61gu8_l0wh3hofYNjoLuR8sKLlvTPWthh07c51e7kiwUwV5IkcwBoJRiBEcooNVmI4L6RtDgBEq59YoEH4G9nFtwuf1nq2kguMN2Y250UVNyfRPz8cAKej-uQ3knvVMEFbd28jANGlQ5FraghZI86W9fN_gY8BmWTcJvXwf8wt6M-p_ZHeyjVXmU4gAbOGe2dquxTyQacDew1hK5EBGp8rgZPZ-mZ8tnzzszFOuWPKaEYFjDL7XIK9MKoq78nabdmBpmexjLfy5J3OakCT_mmM2_z8eBXHBBejEKy88D8kPDlaFcdF1J1714xx0m98A4j8nQG_zjxYGVnehBnSZQozs413SOwD9un09Rf2bz7Ijy_SEqmmBWmGYOuM3taneQB1jW_-z3eyf66BCToTc6U5LMsK-uVCSCnS7SofLzwv-rrU6GMMkQ_yopG0-ozewdlUjdUmLR7_CmbErehp2tvdhJIsqzMCXfeYRHdNzdCHYoD0Fr8q05YjYWCY5EB6HShpKie3za57ynUJAIF58EZkHkLjq1Po1fyUBxvlwSlOvP1olJl_FvpP7g8_B8pWtZ4E7_mls-lXdLGabrGnk45HrqLBKHH1EpJJuBm4C5Jhu1hVfvz82HSJkMgT7XMjAjjqKcP5w6Oa30oaatnf7GA2AOf9DB_rqbIXLdMvlmMBLoIVftxpK858mIEjoDVfRuvTlXweCSCm8UId9yzKi-hiRUaMtROVjZ2dPSe7gX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E559 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1WbCkRXvZOeBKvu7x_APpsyFsAYAAAAAOAHgBAI&bg=!IiGlIW7NAAbGwlhq5sI7ADQBe5WfOKmudjYmEddHsSaW3-ERA_38aO90xclRva4Gf_3gVX1mb20kIsXX1Z79iTycd14YAgAAAtxSAAAACGgBBwoAitKvNaL8UE7SJZuxVVKoal9VepRdxKPlj1rWfvouBLDQvwG1YW1AJog82z653Jzvm6NwMyJRmBBBED2RUszj22Q-4M14Oz-uAH_sGtGBQMg2Xx-5Bjd7k3P4Tm4lCq0Dcc2uV_yYb8UI73Z_a_hA8vN2DFI-nzwSzV2dFF9kbH9POlUimzvTkJVblZkDBdquPIIymEULC04m3B0Z5w-FVyvqCWJX11LnoWAHbOIqlkt9OYE7PZFNnwzzgGwFk9HZwvhQGGrSOuR_oIrCYsVN4UmklJj4ILae3pfv1DYX7AuChD6Hfb9ZgpYrcfpVu-CxrkZEt9-nxLS3JmsE_DGkGdzQzGZRND-3o5sdNwqwHUFyOm4XdOhMI35gY6aNbXeo9jLD-Cz2WLKX1YVM0L4TxqvDDu7nUm3kog8fV_WpiYnyALBDmk-J1dBxf4XZHNuAiIOXpZ_EB-Kghyz10Ui2USqivJWMo5TDj3iggJ9_ILxrrpjp-gWSwKYj-MWT5a7cqOpTL0i5wIJfMeQHJ9nl37qXO1tUwwAzcGSh8NdnwpE6RbODDHk1fMNkEIPumS0K6-MbBGIuNG8byIr8bNCB4FV4LHmIA3_z2hhduLZ9G4KwOG5uWFyRsgYranYlpTcdglE_iE2ItDsG6DpqvZV3kUNmCzSV6M9_W1K0fr7Ar-h8sL6jmcLxHC6Fn1LZH11WdkpzEsPGPWsQZPb3SPxpeaa3bp6CXdXwMJQyXVZz6xAdGAb8lJp1XAsn2DaF_CPzpuMKZPjrBZrpwXDjxcek8BdeazsGYbnqlYIQGyKFxi4z07qodkl3n3eE6yyTlqYzPoqRDd62N23Wb7XrhWR7hWEkJP61vc4RUVHGxQ2rDK7vmA-aXLB1cgtlYMn76EgwUFH-Xl61KSYwtzeiPFHhV-o5ATeurCeApvndwc5Xq94n8-9cTE2CsDbd_Af7_P1ixEizAQcoqEFAUaFpjKDmT0B79PYlhFEZpPPhz8iUWpudx-xNszenz3dHhpcuVpaSKwRVMAh0VSIXVdElaAdU6UIg4DcW5Uu4Yl33UBLTTTwb8eJX8SGgtXIw3Ft6WJCllFDRd-AmmGDbtl_ostM2SdMzKKhpm-1LdYGWb57DH5PhP9xoxLGBi_2A4cCYFPA2atx7SjtZOLhuVXXxWpmnvM1zfrmAM3YgtG2bPJbJU9t9UDCRLspEyGk7jCf8BWLYMGyo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pips.taboola.com/ 		64 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
4a2bde4a3004d17e0964f748d871d975fd43f86807d0ea90c600595f4bbdffb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230038-FRA
date
Wed, 30 Aug 2023 10:10:28 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E246 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=9372917&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0efef49068ac9b60b7dc209730c6878a1db4d0f75af4422cef7f6ac3a62e4b25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame C840 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bw_ZpkRXvZK7RNp-wx_APo5en4AsAAAAAOAHgBAI&bg=!5eal5qnNAAYkVgHwBFY7ADQBe5WfOMFPNf2zJ2bi-qz54Ymcsz0ycCuUv4NWzMFr5VVyyQq25kalvVHx3Qvb23zzDB7DAgAAArhSAAAAB2gBB5kDFY2AgvvcR-Gjbj31A_80uz_fljkgOC61Eh5ehgwjKHLx3YVbtIp7TrYekGmMXlPhjlGXPVHvHhj3gNyn730wA9uHK4PHnY109u1M0xvWrl5GxEM_CZn9SIuc5tEMYcnQmWZO3XY0YNdJWnUtbaaTutSIMBKlJJCnbjhAbUN6zroukqadIivar2puwbvst-0DeUOhk2-HlyfL5C0hXSi_Us-0F03yDmVo9T7fmL1VIzsPN8XwBORwEA7aSuoV7Pw6r9xsxh2ClXEAwYLKMzz87T3gCJRIOvnyYtKuE8Zd98rspgNT6MVMuEurNe-LIZ55nGwTr3fBM8-1DvprfHY-nZXpKuZ-j5azCORa9KotdD66G6TE5ARKLmM0NepkCldQ14qkiQlpy9MDJV7IztIJYQyEoEUUpYTrPzLJxNEqsyXsHk0fLnxhNuBTWPr61ftxFsznGEaaLPRUTMTZF0OYT9fnB5PJMKaUKSHbVwMhVO17OC9pKn-vjH373fXWJ39648eQ0aixeC89o7OcnBbocKdQ8JzzQOeuHfJyIrDyuElR54M-LaMolyKYIfH6DSlgEp7xsBPyfwOeaM46tODdRjur1a4PNhYOH-tmZAt24w9SGLzag8OAC6MW5Sp8OyDJblrFD-zfHtOqXzPK2eBRhhx9_rwupA5QBaoh9d-QyTtBASf_zjaKysqRYrvt3SFzM30jg7wovcgVK6Pyj1PuCYe3WGvrNRAf9vAgpeo3mI--K26E6zFhQCixY828oDIxUYr0MhB6ltOAitfR-oDZIDHf2CriXX1nskcP_mPu4lGuzle0PhlVf1Zt4NOappFuxvhLKohzgol2g-goHnT4j2RfzdjNQP3jPLo0kSArTlduZcoeY1kV7OAJNB5ze8kMp1BB8-zRO1h53HMpgFSx5g96lelVFZvOxQvS8KE_pfDHCxfL_XsCHw2YJZPSJ6rlUeU1E7_u3BYTL3oAQqP4vxn7aarHQ_-jRH1iQK90EcMpGv9dM1cQH9SIPJzyz1YyWGYNM8y2W4ea-UbcCq0nfL6tq6Dvjg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 196B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246fd4181dabbd9cc681272ebde85cc3ddd2ff4e3f8ab8918ba5e06723911960

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7fec3e7d2a1a910a-FRA
content-encoding
br
content-type
text/html
date
Wed, 30 Aug 2023 10:10:28 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi%2F6QoDQJcqeqdcLkXbhXOAcIgNhje%2FS1ezfUsfHah7pDZ6GSKgl6JuV5bn7BfPdQxGppYo6aBZ5dtNYoqlJLD%2BSfYaiPoQFANubJ7H%2FI%2B26aGLLz%2B4RllQRUMIcf8ThucBXY%2FDi1G9r8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 53C9 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
an-x-request-uuid
a5fb27c3-3377-4829-b0c5-9e9479572013
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.25; 217.114.218.25; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame E379 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
504599
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7fec3e7d58654db2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CBA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4324184250491&version=m202307240101&ct=76&x=1&cor=8312018398775045000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=c2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10&uad=72cc2f91b041e44fac52826f0b0d3036d31741d4cfc73c0f0e7def705671b078&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 10:10:28 GMT
cache-control
no-store
server
nginx
casale
match.adsrvr.org/track/cmf/ Frame 196B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 196B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_cver=1
43 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyMnlJehxRdN%2FHLwpnO2m7JyCRdeGUAhoEKuHZyQwNHcJPhm5GbO%2FoStaV5a%2BL%2FKpEpEna9zdYYNTyeJR%2F86ROC5UmPqWLvSxnewcEh%2BqETv27ry9rMsn%2F%2F6ERr0Tfq6wW6LTm4qX5O3kw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7fec3e7debe918b7-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEBDwBH91y_HhntET4ji_yfo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 196B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 10:10:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BBF16JN09KGZ2W47E134
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 10:10:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1XYVR71F66PPAYM2GHF7
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 196B 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f60d:7f4e:ab14:8158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 196B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4761697221186090810&expiration=1694599828
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4761697221186090810&expiration=1694599828
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 10:10:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4761697221186090810&expiration=1694599828
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
user-registering
ads.stickyadstv.com/ Frame 196B 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZO8Vkbtxviw0lCdvPLjgqwAADO4AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-106.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 10:10:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1693390228080067-352
Expires
Wed, 30 Aug 2023 10:10:28 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 196B 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:27 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame 196B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2472533790212609381
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2472533790212609381
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 10:10:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
an-x-request-uuid
69e3e231-759b-4811-8bd2-b01b7138b53c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2472533790212609381
x-proxy-origin
217.114.218.25; 217.114.218.25; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 196B 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZO8Vkbtxviw0lCdvPLjgqwAA%263310
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
24921
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7fec3e7e4cc558ea-TXL
content-length
43
expires
Thu, 31 Aug 2023 10:10:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D976
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 30 Aug 2023 10:10:27 GMT
expires
Wed, 30 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
575559
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame B67E
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=57F150BD-F328-494B-8AE0-E372AABB30EB&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=57F150BD-F328-494B-8AE0-E372AABB30EB&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=57F150BD-F328-494B-8AE0-E372AABB30EB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 30 Aug 2023 10:10:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
DR872TDVHV2X5B8CSAV2

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Aug 2023 10:10:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=57F150BD-F328-494B-8AE0-E372AABB30EB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
9F5HQB5YSDCBVZK7E903
Pug
image2.pubmatic.com/AdServer/ Frame 102D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v5SocLiV9CKkkq4jusXgLu_Eq3OkkfwnsJMSaYmL
42 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v5SocLiV9CKkkq4jusXgLu_Eq3OkkfwnsJMSaYmL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 30 Aug 2023 10:10:28 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=v5SocLiV9CKkkq4jusXgLu_Eq3OkkfwnsJMSaYmL
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E246
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V_FQvfMoSUuK4ONyqrsw6w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=62002
accept-ranges
bytes
content-length
5606
expires
Thu, 31 Aug 2023 03:23:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame E246 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=57F150BD-F328-494B-8AE0-E372AABB30EB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.14.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.16
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame E246
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3524358078
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=57F150BD-F328-494B-8AE0-E372AABB30EB
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=57F150BD-F328-494B-8AE0-E372AABB30EB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
via
1.1 google
last-modified
Wed, 30 Aug 2023 10:10:28 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=57F150BD-F328-494B-8AE0-E372AABB30EB
date
Wed, 30 Aug 2023 10:10:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame E246
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=57F150BD-F328-494B-8AE0-E372AABB30EB
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ODY4ZFBCcE1Ia1JULWlvaENiZnBTc25YZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4761697221186090810&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
34.238.5.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-5-208.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 10:10:29 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 30 Aug 2023 10:10:28 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame E246
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTdGMTUwQkQtRjMyOC00OTRCLThBRTAtRTM3MkFBQkIzMEVC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E246
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwOG60Be6mnUMX9qyTZD8g&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwOG60Be6mnUMX9qyTZD8g&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMwOG60Be6mnUMX9qyTZD8g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame E246 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 29 Aug 2023 10:10:28 GMT
generic
match.adsrvr.org/track/cmf/ Frame E246 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame E246
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4761697221186090810
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4761697221186090810
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4761697221186090810
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
57F150BD-F328-494B-8AE0-E372AABB30EB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E246 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/57F150BD-F328-494B-8AE0-E372AABB30EB?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:f60d:7f4e:ab14:8158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame E246 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=57F150BD-F328-494B-8AE0-E372AABB30EB&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
drop_cookie_sw.php
csync.smilewanted.com/ Frame D1DF 		0
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e7e19594db2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:28 GMT
server
cloudflare
vary
Accept-Encoding
dt
dt.adsafeprotected.com/ Frame E288 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=5952e237-63b2-f878-6283-c5d8110ad44a&tv=%7Bc:mLTsCI,time:1618,type:e,im:%7Bpci:%7Btdr:1071%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1619,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:70,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1613~0%5D,as:%5B1613~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:269,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1m*.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1m*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:71,sis:458%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8DCB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=231da780-d397-11ff-1b9e-20875e2ca1d5&tv=%7Bc:mLTsCK,pingTime:-10,time:1432,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS4xNDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693390227416%7C%7C12324727ec4bfcf49c3a9154eef0d552%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7C350c67e8a3c62d0255341bc5467409f3%7C%7Cd839d48ec4496b883299bb443961b211%7C%7C3610c14874fc82bb67680f44e700f0e5%7C%7C05d6de743bfd70dc127e5824ff09764f%7C%7C62832f39c68a6aabce5ed5bdf1fde51d%7C%7C1663701684,im:%7Bpci:%7Btdr:1059%7D%7D,sca:%7Bspg:5952e237-63b2-f878-6283-c5d8110ad44a%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
onetag-sys.com/usync/ Frame B82C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame EC28 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 30 Aug 2023 10:10:28 GMT
X-Sovrn-Pod
ad_ap6ams1
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308240101&jk=2290754539433368&bg=!oqGloe7NAAYkVgHwBFY7ADQBe5WfOPW2l7BJRIWmJvoKSUuMjjTXDOS5JU1CNyF-_TWyEK5YzuiXcwsoIffwregRIg4-AgAAApJSAAAACGgBBwoAQnx6ccZWZ-3Yb9r8aZSe6JRicCQOvEmvTJjsR3jhXielCG_ca-WVl5vdYC-eG9X7biIBNI97BjTWO5A04Z8QAe_7ZJkCstD4zMIUYrj2CXzHHI4GlcWcoIM-wzYFV6pRIPp7Rw4mdJ0-8lGLq0pw40tkqXUy6MCzX91ydK1J5_hBys7FgG71UUXvVE6DRCwjg0O4GIlfn2XuogTzob6g2OLRfu2uuMtlweI0uHKWuI0z3OQCVaP4lBAAoGfemIDqV6d7jsBhivxfK632URvWl_Jn2bDITMoYXbuOUs61yw2w7KxrUx-yKzXTz119a3Qf152g9VUMmQZhDUj8SwUp2xQbFOOCa2_uEdepnHSaDxJBxBnMwAHIvmYBZPRE83ZF9MDs09OLKIMxSSqmq7aGN3g25Iq3aG7HeETezFM0eYbyTtgl2HxVjhw9nPVYbOyGXEZCTcqn1ImIS4AqwBOBZkL5nI36lSRlPJxhChxRKlRlWt8zrv5fUd7sGoFiqhS0T1AhVquwtf5bBnvpKjf37d-GSAC_jiFa0rzfWNWADBRfAWTi2tYKnUj5QJdJ6qj5mDmIG5PySRn7IUq3DOdGu9HJKL7GddzCQD8ABFW3z_1Y6MMSsm4r6UoiFl0QRCqsFWJKCGCZQHuvTfMbr93zpWaMdzA0w05b6cbe7pB5PVfAddhnoL79dypRYyPw1CxLlm70UrXdY_7HtbmvezmMUJGuq-BW0UJXSX9_bpYubyvq0gNG3J4KaPB-lLdd42UEtDFD5aFz7jonM0gjGOtGmt2E0GQken-62SOhJaIhNZszqcd_C-RN-NLbPuT590U5nBN217ySj76xHI60mKn05KdL9NMy1OSktcFC9FIYHbLHyzylc7lz0bqQPTBxikvBBd4nVnSdqOVqFDEp1iv82PPXbCNTpAxV-dbOSkyLeLzmmrDM6AM4jKldXSZvSSPwHl3NpQLKZ7WF_SZlsUdmZjvvypQoKtFgReJmlmLIvC-aZjDsVOQAnQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 877E
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Wed, 30 Aug 2023 10:09:12 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.5

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:09:12 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.5
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4905 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.586.0&bgai=B6q_ikRXvZIm4JquU2fcPsre4yAIAAAAAOAHgBAI&bg=!6uml6abNAAbGwlhq5sI7ADQBe5WfOAV4V6-jTzmde9Pa4a_IUZv_hgArEkXdRe2JfvVVpwkaZjBZ_UeYgaKdWyxnQtc1AgAAAYZSAAAABGgBB5kC7lva_glwHttcMkea_hG3VhFbQ0QEePMXCydEdkLWWcmbM8X0jSqxvvamLims0usnjW-xIN2rmdhSBDCicVuOM02dYdVOgM9XUKBV_wJ4iRBE_T2mCgFOkxLUKylyFYUy9Fz4gAkEFRP5RGQ-qGzNHRiw-612I5iqZYEZUjJN2dDX_Fs7_KBcq0hWQDU7Ui5bcNZ77sGTuqvX-4mFJPliRERb5NMjgLMtY_LcCTRsykbX-ZBMq5xwN_EGzqVGlmkXBlGxIsIRoHMrHQSiUbu4c-44fko9x0y0iMyiAqYBNdVmz3snclM2Hg4hKB2LCBvf7xK-WIuh8FiS5X-9Z41VAVexE9frLv7zzapsOKs1sRXTi70ZuGqI-yXiHSFiPxC8nQzjPi8veMtyp3OJftjXjCKJWxhohrxVhsompSsMUvcJB9Fh5BvHMGVTs-gpn8vPPBXwq6yoIiPVwI45PdpwCQReVc_RbkTxAU5_pW2OVrB03KnMVhE3kirMUv6gZkXdEhZjPJTL7xjc9eqd-OeVGbYxHcxvucck2R7z9VeIREqVYP72R3FHRcBD1jdcVkWydiHlYHOKg8kaEazdnQMfq4FQ1aASeRr7fdzKnEwnD56APHyQYkikh2don6S3kLeoI7K7P-ZaLwvLp10zLAFu3W2gXs70-Qky9YXAOU0flZ5zOEm-9KF0Bqud9NQbyvlyjBH1seCfWUI44JiM-PCT99cg6FT4FxvI1UBOG7-6d4LAT44pP6uqjTVuP5w7gP2UTVfa5LMKpob8_otxQcnl4vA_DL3QyUBZMB0ZYzfS7PaX8WN5ikXzyM3J__4AmlpFyXese1e4oPOMLmjzExp9JXF98CnoT7ZWzXrX5ufAr72tsYvYFtnfDnKTjyB92DtV0QGbx6Kl4DwYmbPXH1R314-hGYvIfX9E710dV13bW6PK4DOoOB0B2pONS5P95ooOHbhSwRHmEUyXna8F5ro9mO9r88zXQWEOK1mpV-xH8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smwt256.gif
us.ck-ie.com/ Frame 0629 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 30 Aug 2023 10:10:28 GMT
Server
nginx
4761697221186090810
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 00FD
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/4761697221186090810
0
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/4761697221186090810
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e7f8b9e4db2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:28 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 30 Aug 2023 10:10:28 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/4761697221186090810
server
nginx
c86ddc974113c5fc36138c3d09ee4bf
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 74DE
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/c86ddc974113c5fc36138c3d09ee4bf?gdpr_consent=&gdpr=0
0
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c86ddc974113c5fc36138c3d09ee4bf?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e7fdc094db2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:28 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 30 Aug 2023 10:10:28 GMT
Expires
Wed, 30 Aug 2023 10:10:28 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c86ddc974113c5fc36138c3d09ee4bf?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1693390228388069-371
v1
match.sharethrough.com/universal/ Frame 1FE1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.139.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-139-48.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 30 Aug 2023 10:10:28 GMT
smw888.gif
us.ck-ie.com/ Frame BDD0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 30 Aug 2023 10:10:28 GMT
Server
nginx
Px2mur4X0hdxGzX0GRJE
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame B847
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Px2mur4X0hdxGzX0GRJE?pi=smilewanted&tc=1
0
582 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Px2mur4X0hdxGzX0GRJE?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e810dd34db2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:28 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 30 Aug 2023 10:10:28 GMT Wed, 30 Aug 2023 10:10:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Px2mur4X0hdxGzX0GRJE?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 7450
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d2d0ac41b2f73069127b27a56e0c307a
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d2d0ac41b2f73069127b27a56e0c307a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid
87c99871-a079-4b46-9825-1bd5b4b3c670
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Wed, 30 Aug 2023 10:10:28 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.25; 217.114.218.25; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7fec3e80fdc44db2-FRA
content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:28 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=d2d0ac41b2f73069127b27a56e0c307a
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DCB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8662449538355&version=m202307240101&ct=76&x=1&cor=11278931248339397000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B94B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7860312822803&version=m202307240101&ct=76&x=1&cor=2144809379395157000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E288 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3202967365502&version=m202307240101&ct=76&x=1&cor=2554340492466510300
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 8DCB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=231da780-d397-11ff-1b9e-20875e2ca1d5&tv=%7Bc:mLTsQd,pingTime:1,time:2267,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D,%7Bpiv:79,vs:i,r:,t:1265%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1265,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1258~0,1~75%5D,as:%5B1259~300.250%5D%7D%7D,%7Bsl:i,t:1265,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:79,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~75%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:173,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k*.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1k*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:24,sis:291%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:29 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B94B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ba140f8d-8ede-8ec5-42d7-9f159e706e0a&tv=%7Bc:mLTsQe,pingTime:1,time:2357,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D,%7Bpiv:79,vs:i,r:,t:1355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1355,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1349~0,1~75%5D,as:%5B1350~300.250%5D%7D%7D,%7Bsl:i,t:1355,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:79,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~75%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:209,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l*.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1l*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:25,sis:362%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:29 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame 53C9 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:29 GMT
an-x-request-uuid
5ca6c4a4-92f5-42c9-9691-da52889ea8ba
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.25; 217.114.218.25; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_oe=ChMIycT1lpKEgQMVK0r2CB2yGw4pEAAYACDa14tXQhMI3a_alpKEgQMVPkH2CB232gH5;met=1;ecn1=1;etm1=0;eid1=960584;
ade.googlesyndication.com/ddm/activity/ Frame 885F 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIycT1lpKEgQMVK0r2CB2yGw4pEAAYACDa14tXQhMI3a_alpKEgQMVPkH2CB232gH5;met=1;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 885F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_eLZkRXvZJ2jC76C2fcPt7WHyA_r0sWTb9jTw8-JEb__uePXAhABIJmjzypglYr7gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgwJP0CCLUmZPeZRklsP9H6oboeyR6KGgn5_RVLWAEZcy_ZGvG3dRP4Ggg7PkmTbzBAFORhayJ5WSlGuNHvWMrRD7dtDi34fUOhs3G26-0DD7bZ2jWQ6FLbodSw-4sMrbuAVgjnJglOBDG4bfUfwmV9j9N5XrMmnG-9pXY6BM_GrjGZ9BgmEnXINe0YaItFcRZT3pgFi6H_ZHz2xW3BLoLuD7bqPppiw1UuLWVnQnDolkOHrZTxIs1UhxK5359QW179CgiGhh4zBGuBDHsA3qCep_MH-kWUqoE4_Q1FfpRr-cejOPNUBVDjzpdgjQawlW1g0AwWHESm1x6ifwFnuB4k3dkchywAS7tLi-3APgBAOIBa2Xp4s3kAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE6Ks2RHQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=vyPhfcZaB2Y&label=videoplaytime25&ad_mt=2544&sdkv=h.3.586.0&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRArgJSNQi0IRAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjNCVAAWhBUMGtNXzJfUF9NbWdtRDdfWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E246 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame F514 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b778f554e281a21411931314b1c251c8646469c0a8ae31e053b94afff238dc2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 10:10:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2023 15:51:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20423
Connection
keep-alive
Content-Length
10116
Expires
Wed, 30 Aug 2023 15:50:53 GMT
tap.php
pixel.rubiconproject.com/ Frame F514
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAMailicG_zR6ATrj1zd5t8&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAMailicG_zR6ATrj1zd5t8&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAMailicG_zR6ATrj1zd5t8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F514
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/tOGzXH03tteYUuvJev-FZ8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VLXkgEZE2oJdVzMnLwXTacWwDP2rfSndGUKA3g--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VLXkgEZE2oJdVzMnLwXTacWwDP2rfSndGUKA3g--~A
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 30 Aug 2023 10:10:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VLXkgEZE2oJdVzMnLwXTacWwDP2rfSndGUKA3g--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame F514 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
aax-eu.amazon-adsystem.com/s/ Frame F514 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 10:10:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S2YTBSEZ7X6WS9GDRAFE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F514
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFhYWU5OWFmNWM4Y2ZlNzA5ODJiMzY1NzA0MjJiMjc3ZDRlZWI1ZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFhYWU5OWFmNWM4Y2ZlNzA5ODJiMzY1NzA0MjJiMjc3ZDRlZWI1ZA
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YjFhYWU5OWFmNWM4Y2ZlNzA5ODJiMzY1NzA0MjJiMjc3ZDRlZWI1ZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame F514
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ThE0UTQeQmKOHas0b2XUKQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ThE0UTQeQmKOHas0b2XUKQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ThE0UTQeQmKOHas0b2XUKQ
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2023 10:10:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y14KJZTJA2XQBHDYCCW4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ThE0UTQeQmKOHas0b2XUKQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame F514
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLXKTFEL-13-DCNT
0
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLXKTFEL-13-DCNT
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:30 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7571C59CC9704BE8B4AC8049F0E91203 Ref B: FRAEDGE1817 Ref C: 2023-08-30T10:10:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEISMr6vwaf+gg2lLXTA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLXKTFEL-13-DCNT
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame F514
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExYS1RGRUwtMTMtRENOVA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPJ8pFF30PvFq6ImU86xH40&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExYS1RGRUwtMTMtRENOVA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExYS1RGRUwtMTMtRENOVA==&google_push=
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExYS1RGRUwtMTMtRENOVA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E246 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65231713&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
94d61fd425621e379844ca5e565a39f6cc5a923cdc9b1705d101437826b81297

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 30 Aug 2023 10:10:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543e1f7c6c648f9ed43d67d8ef42a5f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87... Frame 6CCE 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543e1f7c6c648f9ed43d67d8ef42a5f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87eb141453c5728cfffe729a2c05616b7db083429b56a062a866a68ac39437ed0e21f48a238b6720a5aa82a66443d80b846ac7754db80148e772d8eb3dc65396d390ec90c1fbcbf5ba0f8ff5e43ca78a7e74f40917c43e59f46ced548a681d50ecb5ed471f9128096a1d9d417d7879860af55e306123256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a5ad3e27c80e542ec46bf07aee246e2dfd320b79558d6a679585dc7c7a19cfa273abc2c9cc88c85232bc0a0463c2f5d0ea9d1e2daa1d4be3ca4ba415462741df62e3d72adb4508992a286a0928858902cc4fd26f95756636c1e0b8a51a3d53895799d309fc71d25535a57edb46184d7891060390fb18950824740f9c3ddd7964e1ada70175fdf65db700c7883613f2bab7eafda7447a11227a9797df7513e8502dbbd2ffea892a52533a7d1ca47b03ebee34482b857f139691753e7a26c6c444a7cc2e72958632e8d16b2a1bf8b1d3e09e2f3c2e9d31369574b707c38cbb3b73ecbf483437b31ce5c216c716a67b50cc466d205094d6efe17dda8066396444609e3b43449557c9caae5d14ec0c5eb682c044c4a4e23689c6b527d/40/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.139.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-139-98.ams50.r.cloudfront.net
Software
/
Resource Hash
777b0f6e84a8c435c8471db6342552c0367444e4b2ce8485ca548515e1912cbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:31 GMT
via
1.1 google, 1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Wed, 30 Aug 2023 10:10:31 GMT
x-amz-cf-pop
AMS50-C1
x-cache-status
AMS-cba56054, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
ZJztqb4G4otZ6-YWzH2I7tOwtRLAnQ86Ekurz7T87xTLLqEWxrKtuw==
match
c1.adform.net/serving/cookie/ Frame 1C3F 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=57F150BD-F328-494B-8AE0-E372AABB30EB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 30 Aug 2023 10:10:31 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame EBBE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2472533790212609381&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2472533790212609381&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
fab364eb-19c6-4ab6-bd35-62a4ccb502e6
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 10:10:31 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2472533790212609381&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.25; 217.114.218.25; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame FFAB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273055635756611742&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273055635756611742&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 30 Aug 2023 10:10:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7273055635756611742&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 14FB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cR6Tg2yQXFdTnP_fSGNuwNly2hk&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cR6Tg2yQXFdTnP_fSGNuwNly2hk&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Aug 2023 10:10:31 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cR6Tg2yQXFdTnP_fSGNuwNly2hk&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 1889
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO8VlwAMesb49ABY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 30 Aug 2023 10:10:31 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230132-FRA
x-timer
S1693390231.349394,VS0,VE95

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Wed, 30 Aug 2023 10:10:31 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZO8VlwAMesb49ABY
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230132-FRA
x-timer
S1693390231.234601,VS0,VE95
Pug
image2.pubmatic.com/AdServer/ Frame 6801
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d3a1cf1b4d47b988485429b9e1556b
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d3a1cf1b4d47b988485429b9e1556b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 10:10:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU35d3a1cf1b4d47b988485429b9e1556b
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame FE60
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 10:10:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 30 Aug 2023 10:10:31 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
mw
mwzeom.zeotap.com/ Frame E246 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=57F150BD-F328-494B-8AE0-E372AABB30EB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:31 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7fec3e9118de4d4f-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame E246
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=57F150BD-F328-494B-8AE0-E372AABB30EB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=57F150BD-F328-494B-8AE0-E372AABB30EB&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=57F150BD-F328-494B-8AE0-E372AABB30EB&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:38 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:38 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=57F150BD-F328-494B-8AE0-E372AABB30EB&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame E246
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=57F150BD-F328-494B-8AE0-E372AABB30EB&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:31 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
sync
x.bidswitch.net/ Frame E246
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=c0ed94ef-b43c-4a77-85c3-475a815f5296&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARiXq7ynBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEHOKZcBHHRHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGMwZWQ5NGVmLWI0M2MtNGE3Ny04NWMzLTQ3NWE4MTVmNTI5Ng**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=738a65c0-471d-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=c0ed94ef-b43c-4a77-85c3-475a815f5296
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=476&user_id=738a65c0-471d-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=c0ed94ef-b43c-4a77-85c3-475a815f5296
Protocol
H2
Server
18.159.10.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-10-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Date
Wed, 30 Aug 2023 10:10:31 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://x.bidswitch.net/sync?dsp_id=476&user_id=738a65c0-471d-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=c0ed94ef-b43c-4a77-85c3-475a815f5296
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame E246 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=57F150BD-F328-494B-8AE0-E372AABB30EB&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame E246
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2535591895242875208&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2535591895242875208&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 30 Aug 2023 10:10:30 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2535591895242875208&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame E246
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:55dc0c74-a031-4182-ad24-4202d1a30313&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:55dc0c74-a031-4182-ad24-4202d1a30313&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 30 Aug 2023 10:10:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:55dc0c74-a031-4182-ad24-4202d1a30313&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 30 Aug 2023 10:10:31 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
dc_oe=ChMIycT1lpKEgQMVK0r2CB2yGw4pEAAYACDa14tXQhMI3a_alpKEgQMVPkH2CB232gH5;met=1;ecn1=1;etm1=0;eid1=18;
ade.googlesyndication.com/ddm/activity/ Frame 885F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIycT1lpKEgQMVK0r2CB2yGw4pEAAYACDa14tXQhMI3a_alpKEgQMVPkH2CB232gH5;met=1;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 885F 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C_eLZkRXvZJ2jC76C2fcPt7WHyA_r0sWTb9jTw8-JEb__uePXAhABIJmjzypglYr7gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgwJP0CCLUmZPeZRklsP9H6oboeyR6KGgn5_RVLWAEZcy_ZGvG3dRP4Ggg7PkmTbzBAFORhayJ5WSlGuNHvWMrRD7dtDi34fUOhs3G26-0DD7bZ2jWQ6FLbodSw-4sMrbuAVgjnJglOBDG4bfUfwmV9j9N5XrMmnG-9pXY6BM_GrjGZ9BgmEnXINe0YaItFcRZT3pgFi6H_ZHz2xW3BLoLuD7bqPppiw1UuLWVnQnDolkOHrZTxIs1UhxK5359QW179CgiGhh4zBGuBDHsA3qCep_MH-kWUqoE4_Q1FfpRr-cejOPNUBVDjzpdgjQawlW1g0AwWHESm1x6ifwFnuB4k3dkchywAS7tLi-3APgBAOIBa2Xp4s3kAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE6Ks2RHQEwDYEwyIFALYFAHQFQH4FgGAFwE&sigh=vyPhfcZaB2Y&label=videoplaytime50&ad_mt=5219&sdkv=h.3.586.0&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjM3NzE2NzM4ODkyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KjQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTQ0MzY3MTIxMgkxODI2NDM2NzRArgJSNQi0IRAPJQAAIEEoAToHdW5rbm93bkIHdW5rbm93bkjNCVAAWhBUMGtNXzJfUF9NbWdtRDdfWhtkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1kc3AYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
perf
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/perf?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230830-8-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Wed, 30 Aug 2023 10:10:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
dt
dt.adsafeprotected.com/ Frame 8DCB 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=231da780-d397-11ff-1b9e-20875e2ca1d5&tv=%7Bc:mLTtSI,pingTime:5,time:6266,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:23%7D,%7Bpiv:79,vs:i,r:,t:1265%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5001,o:1265,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1258~0,1~75%5D,as:%5B1259~300.250%5D%7D%7D,%7Bsl:i,t:1265,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:79,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~75%5D,as:%5B5000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:174,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k*.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1l5%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1k*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:24,sis:291%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:33 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame B94B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ba140f8d-8ede-8ec5-42d7-9f159e706e0a&tv=%7Bc:mLTtSJ,pingTime:5,time:6356,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:24%7D,%7Bpiv:79,vs:i,r:,t:1355%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5001,o:1355,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1349~0,1~75%5D,as:%5B1350~300.250%5D%7D%7D,%7Bsl:i,t:1355,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:79,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~75%5D,as:%5B5000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:182,fm:tOpuOFw+11%7C121%7C1221%7C1222%7C1223%7C1224%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1k.990511-61634100%7C1k1%7C1k2%7C1k3%7C1k4%7C1l*.990511-61634100%7C1l1%7C1l2%7C1l3%7C1l4%7C1m.990511-61634100%7C1m1%7C1m2%7C1m3%7C1m4%7C1m5%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v%7C1w%7C1x%7C1y,idMap:1l*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:25,sis:362%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:78aa:1966:9c24:9c12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Aug 2023 10:10:33 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
SPug
simage4.pubmatic.com/AdServer/ Frame E246 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 10:10:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
all
csm.eu.criteo.net/ Frame 4BA3 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bc7H1kOMckU4c2dyjvvp7vE20bFfFc3Dx9AlsQfmyOYZjcHHPen7EO6n7zo1-zV0zbOFrCCDAhltJdqN6ANWMQ9sr_3c8sqCKxNpvxVLstOd7_c_DEWkREUCswQh83H7IMijsPsw9UYiJa335eLUGbCswS_0tHb9sHm2f5xbSHYQxxdHsARdPqBJsGvB8aNBJ_3Gwj1zv-kq0Gp6w3dowrobzdZvG4mkwVObBFvSO9WD6-W4k7J_fdax3otCpuMNZRfjUw&sds=2&rev=88100&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZO8VkAAMme4EpFAIAAWiuVFhN-Lh4RlnBas5JQ&u=%7ClXvZp2LMhFoKErNdU%2Fdke%2BHEGtfeMZyIkcaLFC0ak20%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANcLZ-Sp1Xyj4OpIHLcL8IoHNIZZ7dQug5nYbRyoq_jbj_SzKYWf198QSVr-zVF6QIiUAkDC3y755J4j79I9-1K0ulpIKrZZtU_BPKu5ChJsdgBMZoqVb9atKyUQUwbdlt5Vb3b_xPaS9gpOGrclRWZ_rtY3zi5Atr-6LCGCeZedhWlTfHmaLj96V-2CMBbRlRiJEM3ZDnjSFWqDPfFsXLzb0llkQmj9Tjg3wZvFlUajENRhEmIlmqgU8iBtikV2Gsr_m4_bjqlpG7W5_NtiDU6lhyNTKyzB01M9wdD_qRtvi59pJR97il8IyGaKxbgXQDDF6V6D5qXZ2y8P4V4dZAIojU1a6YhaEAcuOuBBRNeqUQTD8hAO3mbaQ9iW3ylNgFFNU_UOxcWaoIO_BWoBMgpmqKSITLeDeFXZ4fD-i6aQ7yiNCi7Q_S_jaNA9TtZDMFaB_ftk53LyQSHJIBDHbTDRbBgxMNcNlT9rowDkXSyaA6iaL78dAKncA9w-1Jev6EhehfIqImACzJAWhnpw2z1MNwQxOIikOQZNsukDD2eyjIg0DQL5wSYMtJN-hDDZDUg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEENvkBXvZO6zMoigkdUPucWWmA3JntKxXNWdkfdwwI23ARABIABglYr4gZQHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkTLtHHvO7I-4AIAqAMByAMCqgSIAk_QntlXMXuDlQnbbC6lwulaItk0bzFSHGeK4C4bvT9Xcrxn4SUvTL-21C2H6IHDTHYztksYL0tVjo_ar-D3xBuGWwOMlZ8SIxP6paWR7_iaQUlrI0LfG5TzaEsxxxUZb5JbLejeK58g0y8dNGkXn5EJvQ7G89uLlZo0wdZfpnG_RAiweB1W-ne2KJ27dWdaZjMMl3bGUXNu2NLULrY0qdqty24rFVaEPhkeFBNacrThLjLvk0L-k0BybsyoYqimhFxop14gVuyFpZnM3G9GnRlUwa-bQHdCfgGNDHiJz2BSCkrRuiQOzrEIlYeR-o3TPo3VfB1qUZhKc3uDJ6J8Gz2RhzqrRglBJOAEAYAGt82s066CkqvvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1xQuEysCncnyvF213B1ki2ICE0GA%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 30 Aug 2023 10:10:33 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM1XTz_pJhKywQZalc07kP8&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

394 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| documentPictureInPicture function| addScriptPromise object| _0x1a15 function| _0x14cd object| googletag object| WallaTargeting string| _taboolaOS object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| gtag function| ga object| _sf_async_config string| loadDataState function| smartlook boolean| isMobile undefined| showInterstitial undefined| interstitialData undefined| timestamp undefined| attempts undefined| served undefined| hourPassed undefined| url undefined| ref undefined| refFits undefined| adunit undefined| getInterstitialData function| _ object| dmp object| permutive object| _taboola object| TRC function| _typeof object| _tblConsole object| google_tag_data object| gaplugins object| __twttrll object| __twttr object| google_tag_manager function| postscribe object| google_tag_manager_external object| _0x2043 function| _0x2fcd object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| __LOADABLE_LOADED_CHUNKS__ function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO function| fbq function| _fbq object| ggeac object| google_js_reporting_queue object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 string| pm_pgtp undefined| msg object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY string| GoogleAnalyticsObject object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only object| adoric boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| PlayerSdk object| WallaPlayerApi object| _cbm function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl undefined| google_measure_js_timing object| Criteo number| google_unique_id object| _pmk function| TBWidgetFacebook function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| pi object| _pm_mcg object| image object| __adoric__ boolean| IS_ADORIC_LOADED object| webpackChunk_smartlook_recorder function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __uid2SecureSignalProvider object| __uid2 object| ox_esp function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo_identitytag_140 object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| _33across number| google_global_correlator number| taboola_view_id object| sas object| apntag object| _ADAGIO object| closure_lm_517087 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| a object| sw_consent object| owpbjsChunk object| owpbjs object| PWT object| ONFOCUS object| GoogleGcLKhOms string| nam object| placementData object| tbopt object| cmTag object| _cm_wfCounters object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| google_image_requests

107 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1693390222.1.0.1693390222.60.0.0
.walla.co.il/ Name: _gcl_au
Value: 1.1.2078294940.1693390223
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _cb
Value: 1C7Sqt6YIg763o-
.walla.co.il/ Name: _chartbeat2
Value: .1693390223569.1693390223569.1.BZxUahBnVu2JBQ2h7jDuzOvMDdoGFb.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _gid
Value: GA1.3.389152161.1693390224
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _t_tests
Value: eyJkaDI4azhNQ1RKZ1dhIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEbEdDZXYiXX0sIkVidHhWMkZobTFhT3ciOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkNTZDRLNiJdfSwiYUhmSjd3TmhKcmNSOCI6eyJjaG9zZW5WYXJpYW50IjoiQyIsInNwZWNpZmljTG9jYXRpb24iOlsiQ2M4Y2tlIl19LCIyUDFnMGtMakZYTGU5Ijp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDQVo3NFQiXX0sIlFZd0FwMXM4MHNIbUYiOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkx1RUNkIl19LCJMdnN3WFVtVTI2WEtBIjp7ImNob3NlblZhcmlhbnQiOiJGIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCTG5pZl8iXX0sImZ2ZUVxblZJQzlWbWsiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIlZKUWFMIl19LCJHV1Y4Vmh1OTRLcWV5Ijp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCYUlwZnkiXX0sIkpYWjRNYjFCbm9iR0giOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJCTS1NQyJdfSwiUWZ1Q2Q5cVN5YTBkOSI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiQnRFOWJWIl19LCJIRW1HMEI0NTZYMWxRIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJld1lZQyJdfSwiRXRKb01xZ3dlNjJKRyI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiQml5ZXZNIl19LCJZSE95TmVSS3JOaHIyIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJENHlIR3QiXX0sImFLS3d2dmE3aktQZ0giOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkNaZEZ2XyJdfSwicXBqdFBVc3B6cUUyNiI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiREd1VGFhIl19LCJmR3RNUGRKemoyeHN3Ijp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDRG5KQWsiXX0sImxpZnRfZXhwIjoibSJ9
.walla.co.il/ Name: _ga_TSQY5YTYZ0
Value: GS1.1.1693390223.1.0.1693390223.0.0.0
.dxmdp.com/ Name: dmpid
Value: bc1d6bca-947d-46c1-b43f-4cb5fc64870c
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.walla.co.il/ Name: _fbp
Value: fb.2.1693390224194.113569553
.walla.co.il/ Name: vad-loc-code
Value: de
.walla.co.il/ Name: lotame_domain_check
Value: walla.co.il
.criteo.com/ Name: uid
Value: 697ae574-b118-4419-83d0-34416dea49cd
.walla.co.il/ Name: _ga
Value: GA1.3.578001927.1693390223
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEwkKu8pwY4AUABSAEQkKu8pwYYAA..
.adnxs.com/ Name: uuid2
Value: 2472533790212609381
.rubiconproject.com/ Name: khaos
Value: LLXKTFEL-13-DCNT
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qp26rp4llS8I7U1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDqigB+5kUn2BuOYdOTdJHhkjwJGYVf1/R+BxGCOXoSK1/sl3J0mLRJa+xUA9sgf/4b7FQD2yB//h
.dxmdp.com/ Name: audids
Value:
.script.ac/ Name: __cf_bm
Value: 1np.1P3pvJXDJvgsD_EQEZzuh7lODcD_MEs3xU39Rk8-1693390224-0-ARO4YZFLWXER5cwgcSAiWTpCitRH54NWhQq1VO3VP4q2WWXwOz+otpZZ1bcmRsC9pLvPhEQLewNc0lC6opWItB4=
.openx.net/ Name: i
Value: 9e4e171c-9312-4b6e-b635-9bde5a6fff32|1693390224
.doubleclick.net/ Name: IDE
Value: AHWqTUlGc9gSqrwyXZ7Qj4KfBZpVmpmykyCS1ihNihZqODk3Ih9FIJcGrnljYxMquwM
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMID
Value: ZO8Vkbtxviw0lCdvPLjgqwAA
.casalemedia.com/ Name: CMPS
Value: 3310
.casalemedia.com/ Name: CMPRO
Value: 3310
.adfarm1.adition.com/ Name: UserID1
Value: 7273055635756611742
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi7_GbFze9hi3yH2fOdAOT9-jTM3H-gwMuXSY_8S4yAZ2lY_NA
.turn.com/ Name: uid
Value: 2535591895242875208
www.walla.co.il/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dc2a480cd-b473-488d-98cc-424c45b354b2-tuctbe89b10
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: d6a17f44-7554-52f2-b666-c553d289d0c2
.betweendigital.com/ Name: ss
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003%22%2C%22nxtrdr%22%3Afalse%7D
.betweendigital.com/ Name: ut
Value: ZO8VkQAKzaDhVezutS6k_FzITWZZ47fx-C4uiQ==
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4f1d9cdf-53e5-4942-8191-5c24ba78bda9-003%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 57F150BD-F328-494B-8AE0-E372AABB30EB
.adform.net/ Name: uid
Value: 4761697221186090810
.walla.co.il/ Name: __gads
Value: ID=b55b87c7cdd4242b:T=1693390225:RT=1693390225:S=ALNI_MZ7atZnjmtO0WUwnApL-Takr-ddEA
.walla.co.il/ Name: __gpi
Value: UID=00000c9295329682:T=1693390225:RT=1693390225:S=ALNI_MYxezn2uBZBsxvTMP4D5vFRMzwjlA
.yahoo.com/ Name: A3
Value: d=AQABBJEV72QCEJOYY7xBqOARm8gyTzr0UWAFEgEBAQFn8GT4ZAAAAAAA_eMAAA&S=AQAAAq29WEjOTxPQVW08sGfm8rk
.lijit.com/ Name: ljt_reader
Value: HPKCuGZHMhmCnPE6RLKEFCya
.3lift.com/ Name: tluid
Value: 3647213719082151001645
.ctnsnet.com/ Name: cid_50e4de4ba56b4d28861ea893ce435369
Value: 1
.ctnsnet.com/ Name: gid_CAESEBE7C7Y3JuK4BlK5WDDpkFw
Value: 1
.blismedia.com/ Name: b
Value: 64EF159222B2D3836DEA3E61BLIS
.simpli.fi/ Name: suid
Value: DDD0AA3F36E640C2BD133C1B50E57E0E
.mathtag.com/ Name: mt_mop
Value: 4:1693390227
.de17a.com/ Name: guid
Value: 1.4858335521192505612
.tribalfusion.com/ Name: ANON_ID
Value: aFntAZcrZcAQ9BqEr72it9ZdQVJyyZdTv46gLRZayqf0qeZcRG66V1CiQHxtlLVTsUZbDN51IYZdSxGeGUGZbmFiNYsYdXIXfbiTdZaT89
.walla.co.il/ Name: cto_bundle
Value: S4WIHV9tbUc2YjNBMXpBYWQyb0xKWWN4T0EwSmE5YyUyQkJFUUNiQmdsdDBEQW94SmRBeDhrR056WHNXTVBiOE9YWkNacmtnd1JlZlN2OEdDOEZSeDRqREdhbTV5WFE3VnhMajA4dFJKemh5c3hKeHhjTlVPSGpTcEk0d3V3UFc3N1phY2tXdyUyRlFsN0J3c0hsZ0tYdlRnTWR0Z3NBJTNEJTNE
.quantserve.com/ Name: d
Value: EIMBCwHqKfijAA
.quantserve.com/ Name: mc
Value: 64ef1594-2c53e-8fdfe-11193
.weborama.fr/ Name: AFFICHE_W
Value: 5RawcbL0AYrl60
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4761697221186090810&KRTB&23263-4761697221186090810&KRTB&23481-4761697221186090810
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-v5SocLiV9CKkkq4jusXgLu_Eq3OkkfwnsJMSaYmL&KRTB&19420-v5SocLiV9CKkkq4jusXgLu_Eq3OkkfwnsJMSaYmL&KRTB&22979-v5SocLiV9CKkkq4jusXgLu_Eq3OkkfwnsJMSaYmL&KRTB&23403-v5SocLiV9CKkkq4jusXgLu_Eq3OkkfwnsJMSaYmL
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEMwOG60Be6mnUMX9qyTZD8g&KRTB&23025-CAESEMwOG60Be6mnUMX9qyTZD8g&KRTB&23386-CAESEMwOG60Be6mnUMX9qyTZD8g
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2
Value: 868dPBpMHkRT-iohCbfpSsnXg!20220908!1693390228525!ip#217.114.218.25
.audrte.com/ Name: arcki2_pubmatic
Value: 57F150BD-F328-494B-8AE0-E372AABB30EB!20220908!1693390228528
.creativecdn.com/ Name: u
Value: Px2mur4X0hdxGzX0GRJE
.creativecdn.com/ Name: ts
Value: 1693390228
.smilewanted.com/ Name: sw_user_params_infos
Value: QsEI8xgmME8Q7WFFqz48CSQ87hEE8vPRoH0sIjocA1PtvGHlXWQvR2Y%2BsqZk5oxSz%2FnA5iRBmIyPVRtc6QRPPQM0Mzd5RMCYEjiiOrEX2tNTMyCDjwqDAjZ1IobtCcBU8gaFZXLHUeDqL1WV2b8oRVPX1ViuRV8XMhcQE6ziRjFPYZEYrHQAjzVPLmrdTi1ej0KGmh6RXTFB2vam7ITMFDhuQmI%2FFQX3gJD1K%2BrUChHvbS7sg%2BE2BSMU4hRbqOe%2FhjlMJMJYotm5zFEpPkELGbmCPMIUN5Ru%2BFmOSpdz9YAK%2FpxKb5Hx8shOYcTZCTrDfdDiDHXsEb65il%2BtzWEDCMGFAZKOEiSH89BC0SjZNHBNS9KhuD97l%2BJgjG2M2IEVF3R03CmoeMIq0KiNhcVSfUwHPOu9zhUynEKaUTECwYwJ%2FyAlEpUs4MJupXFMk9ho
.amazon-adsystem.com/ Name: ad-id
Value: A8QGS8DhfErfp_hE6jxVR5Q
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2GVOl8l??!]taq8i_iqf!oN/@E'zz<*Z0Q-yS#BbNDlONt'BfZubyE124%fR*EQZ]:s2]TD._*Pl[i'pRL>iih.1v3mS2p=O#Z!41oBb5HHLt4gvnc42Fdf=2X9z5HDtDUng_:e+.<Q!$*59vzCbx
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJkMmQwYWM0MWIyZjczMDY5MTI3YjI3YTU2ZTBjMzA3YSIsImV4cGlyZXMiOiIyMDIzLTExLTI4VDEwOjEwOjI4WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTA4LTMwVDEwOjEwOjI4WiJ9
.audrte.com/ Name: arcki2_ddp2
Value: 868dPBpMHkRT-iohCbfpSsnXg!20220908!1693390228687
.audrte.com/ Name: arcki2_adform
Value: 4761697221186090810!20220908!1693390228973
.pubmatic.com/ Name: SPugT
Value: 1693390228
.linkedin.com/ Name: bcookie
Value: "v=2&72ed41d7-e941-438b-8439-3a2b22f3562d"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTMzOTAyMzA7MjswMjFq9IHrLZHuEwLJAY0KgV5ym/x+sBFZ0wmXISPlC84+2A==
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2628:u=1:x=1:i=1693390230:t=1693476630:v=2:sig=AQHslEwwrVOf3oW_MOSRXun7auQODSjf"
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 160447:4
.pubmatic.com/ Name: DPSync3
Value: 1694563200%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1693958400%3A2_15_223%7C1694563200%3A13_251_56_21_71_233_81_3_22_264_234_220_8_54%7C1695945600%3A203%7C1694649600%3A35%7C1694217600%3A63
.bidswitch.net/ Name: tuuid
Value: c0ed94ef-b43c-4a77-85c3-475a815f5296
.bidswitch.net/ Name: c
Value: 1693390231
.bidswitch.net/ Name: tuuid_lu
Value: 1693390231
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7273055635756611742&KRTB&23369-7273055635756611742
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2472533790212609381&KRTB&23339-2472533790212609381
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2535591895242875208&KRTB&23150-2535591895242875208
.zeotap.com/ Name: zc
Value: 9fecbf82-1e21-4911-7acf-3e6348adc693
.adsby.bidtheatre.com/ Name: __kuid
Value: 55dc0c74-a031-4182-ad24-4202d1a30313.462604231
.adx.opera.com/ Name: UID
Value: OPU35d3a1cf1b4d47b988485429b9e1556b
.csync.loopme.me/ Name: viewer_token
Value: 04a68c61-095c-4260-bfd4-8ed9f99579f4
.bumlam.com/ Name: suuid3
Value: IiQ3MzhhNjVjMC00NzFkLTExZWUtYjFkYS0wMDI1OTBjODI0Mzc*
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU35d3a1cf1b4d47b988485429b9e1556b&KRTB&23485-OPU35d3a1cf1b4d47b988485429b9e1556b
.pubmatic.com/ Name: PugT
Value: 1693390231
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZO8VlwAMesb49ABY
.semasio.net/ Name: SEUNCY
Value: A6740C2557477523
.onaudience.com/ Name: cookie
Value: 07b14bc0f646ddd3
.onaudience.com/ Name: done_redirects147
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-711e9383-6c90-5c57-539c-ffdf48636ec0.dC6SkBadM1w0Y1uVkoEoQDEWMMldX8XNCzr7HMLzOEc
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-711e9383-6c90-5c57-539c-ffdf48636ec0.dC6SkBadM1w0Y1uVkoEoQDEWMMldX8XNCzr7HMLzOEc
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AcR6Tg2yQXFdTnP_fSGNuwNly2hk.gkYBN%2FbQNM2xEbnVNO1QtdSE6fU%2FW4t3L%2BNYdZV7y%2BM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AcR6Tg2yQXFdTnP_fSGNuwNly2hk.gkYBN%2FbQNM2xEbnVNO1QtdSE6fU%2FW4t3L%2BNYdZV7y%2BM
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIK9fnHTuHt2kpEVJ7kCaxcl9mxImWGuAsNPz0DK4Fsu6EHwYBCCXq7ynBjABOgRDMKv5QgSL3hTT.0GaqD1R3AYqM2v7%2FXz9Ak4z%2FcrIF9cHFOPazbdeRxNg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIK9fnHTuHt2kpEVJ7kCaxcl9mxImWGuAsNPz0DK4Fsu6EHwYBCCXq7ynBjABOgRDMKv5QgSL3hTT.0GaqD1R3AYqM2v7%2FXz9Ak4z%2FcrIF9cHFOPazbdeRxNg
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-cR6Tg2yQXFdTnP_fSGNuwNly2hk&KRTB&23334-cR6Tg2yQXFdTnP_fSGNuwNly2hk&KRTB&23417-cR6Tg2yQXFdTnP_fSGNuwNly2hk&KRTB&23426-cR6Tg2yQXFdTnP_fSGNuwNly2hk

6 Console Messages

Source Level URL
Text
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2023-08-30
Message:
Failed to load resource: the server responded with a status of 403 ()
deprecation warning URL: https://script.4dex.io/localstore.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
other warning URL: https://f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEM1XTz_pJhKywQZalc07kP8&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=57F150BD-F328-494B-8AE0-E372AABB30EB&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12890047.adoric-om.com
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
amg01742-walla-wallanews-ono-btlna.amagi.tv
ap.lijit.com
app.adoric-om.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
bs.yandex.ru
c1.adform.net
cadmus.script.ac
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn-uw2-prod.tsv2.amagi.tv
cdn.ampproject.org
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.prod.uidapi.com
cdn.taboola.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cds.taboola.com
cf.dxmcdn.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
creativecdn.com
csi.gstatic.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dal.walla.co.il
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
event.dxmdp.com
f0e5c45c86e86e0d6420b3650f35ccaa.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
images.wcdn.co.il
imasdk.googleapis.com
imprammp.taboola.com
invstatic101.creativecdn.com
js-sec.indexww.com
mab.chartbeat.com
mabping.chartbeat.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixelgroup-d.openx.net
platform.twitter.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pro.ip-api.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r1---sn-4g5edns6.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-gl.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adoric.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
t.adx.opera.com
tags.crwdcntrl.net
tags.dxmdp.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
web-sdk.smartlook.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
x.bidswitch.net
sync.search.spotxchange.com
104.18.35.167
104.18.38.76
104.19.150.54
104.22.69.131
104.244.42.8
104.75.89.75
13.224.189.35
13.248.245.213
141.226.224.32
141.226.228.48
142.250.184.226
142.250.185.162
142.250.185.194
15.197.193.217
15.235.15.221
151.101.129.44
151.101.66.49
162.19.138.83
168.119.72.236
172.64.148.101
178.250.1.11
178.250.1.6
178.250.1.9
18.159.10.79
18.193.181.140
18.66.122.88
18.66.147.111
18.66.97.88
18.66.97.98
185.184.8.90
185.255.84.150
185.29.132.245
185.64.189.112
185.64.190.78
185.64.191.210
185.80.39.216
185.86.138.122
185.86.138.150
185.89.210.101
188.166.17.21
188.42.34.65
198.47.127.20
198.47.127.205
2.16.202.106
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
205.185.216.42
213.155.156.182
216.52.2.30
23.35.236.188
23.35.236.201
2404:6800:4004:80f::2003
2600:1f13:800:7780:78aa:1966:9c24:9c12
2600:9000:2057:8e00:4:1c73:c740:93a1
2600:9000:2057:c00:18:1fcd:353:c61
2600:9000:20eb:8000:11:da61:a100:93a1
2600:9000:21f3:5600:1e:a43d:b640:93a1
2600:9000:223f:8e00:8:48e:53c0:93a1
2600:9000:25a2:7e00:a:e047:753:6381
2602:803:c003:200::41
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:3556
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:1691
2606:4700::6812:19ad
2606:4700::6812:372
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:6d::6
2a00:1450:4001:800::2003
2a00:1450:4001:800::2014
2a00:1450:4001:802::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::11
2a02:6b8::90
2a02:6ea0:c700::18
2a02:fa8:8806:12::1370
2a02:fa8:8806:16::1370
2a02:fa8:8806:16::1460
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::300
2a04:4e42::714
2a05:d018:d29:3601:f60d:7f4e:ab14:8158
2a06:98c1:3120::3
2a06:98c1:3121::3
3.71.149.231
31.172.81.172
34.102.146.192
34.111.129.221
34.111.131.239
34.120.135.53
34.120.218.58
34.149.20.76
34.160.198.118
34.238.5.208
34.96.105.8
34.96.70.87
35.157.139.48
35.186.193.173
35.204.74.118
35.214.144.172
35.227.252.103
35.244.159.8
37.157.3.26
37.157.5.132
46.228.174.117
51.75.86.98
51.77.64.70
52.222.139.98
52.46.128.147
54.155.202.110
54.167.22.22
54.171.14.223
54.85.118.140
66.102.1.156
67.202.105.24
67.220.228.200
69.173.144.138
69.173.144.165
77.243.51.121
8.2.110.114
82.145.213.8
85.114.159.118
95.101.149.233
98.98.134.243
99.81.111.55
00e2ff280d45d352b18689fd9b6725dd524d86b89081d40008a5b480ddb53c9a
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
023bccef2ce86e217cc76fc982d47f45d838ae9be6aaf57f461255e1be4326d9
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0
03d3f85197360e4684f26a00d33541910a8e4c157c6372d09e41994ad039a727
04af9b5f5e7d4140b6b8e4610c0f93714093f9f7bfe6df57766f70a4caf8c80d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
056e721ba249408b569260cc649c9f89f00b71885f60e93682d61f8375ffa926
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
068eb3e4d07d606a09b54b707f5b07bea6100b984ca99e6d932bce2ccc2b9ae3
070d0a4174fc4c7478297798e7eaf00482abe6bd764a41f2132d1b01194d402f
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
081eb80088f5ab0ff581870bac0a06f8e82097a2a4fa400cc8019cfcacb22377
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c18aac62d5ed49abfd8c1a900d5a0ca72d9d11810d6a1410033be0409dfe1c2
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c7f06d5926f4da53559d7f0e3b7db9c2f0d1ec51884459c31348a6377903114
0c94f7120af1dd1e52881cfb218fb4fda3f26d6971c0ebd317ba23b459dcaa1e
0efef49068ac9b60b7dc209730c6878a1db4d0f75af4422cef7f6ac3a62e4b25
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
11a8a6c9ae53194f06f4ac62c8be800fed3f392ae35723d85bbd9f0543a48dff
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147776762ece31694cfd2c93ee7a87f10645ed1afa355621b2c6b6aad242b4ca
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
176efc1123d845d5f4c83c6193709ed2d2054826ea87a4564cab8b6ca886d1f1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18f1ce708d0c91a8d25802a2fbaae6624b10db8c9c2362ddcd6914993cbe493a
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
1b27d15f4c8dab73e7b067f59bd381ba4c7aec7cb4e0754b3574964513860b49
1c23686a15255953e51e375b06af067cebe30f6efd4a04aef9912cfe5679b868
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e8c662da1566e07c02a254f3487aafa6bef0934e319f8a448d97d2e1258c8aa
1ef3ae4d5f1feee4472bfbaefcaf623b30bbe15c3a77b73ab54275515eb94277
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
23382b9534161712a2dee8f93216a483bb32997e1ecb9ca3dbab7079553cc75d
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e
246fd4181dabbd9cc681272ebde85cc3ddd2ff4e3f8ab8918ba5e06723911960
2509467deed3a61af2b22c891e3f07d057fb81f9c40331aa9f4a4e43d13f9419
2515e0dd2c20753a79e366358691c2dee6f0001596bbb92a24ab406da34e0205
25523cd8889c2269c239061abbc29fb4a9b033e5ecf795344149ca0f50137ce6
257a1b9cb2c46b4c5ca12f641367bd551223379a0010c909e333d9ab64e3c123
263eac65cbacd42ecd7fdd0b5d9d0fcb3670c26003e428a3aa7bab65c533f707
26cd08f1566ba2cf280c41768cdb82113945a0676046c51ebb50f61efcef8dd6
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27c97eb1768f87105d65e6b5d1a12f2265dfecdc9544fb39f42deedd94e24cbc
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
29522943838b347b7c13c5f50eb4e4912ea6e7f3beae8082c8da68b0c2c10a40
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2e2aec096f79ba68c029c32ce9959945b486bad2626a819567d5887f33890ce8
2f5280c09703e016cb472ca2c78590d46a6c203f92c8586c1673a6d17d75a38d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
30eee3320e723c6f03c1a9de228c0bd9f58a528742526e9fc80b36be98fb06dd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31dcb885f54c9bfd03a6c5b30c4c422bf9f7bc716b6e4b75ac2364bab2dbb937
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3290c092bb4df9f7429398cc191d51cc4a6d9e3c9d6c97ac497411628b60ddb3
32ba30fabef8a3646d3449ae6e2af4a6fadd893988410fd1ea78759403cd5f81
32eae5ac37a6fa422532679db09a5ba09e1fb0559d191208ff1babbc1be1fe7a
33c3d7ccb6d430664ab6c7f66d8b848095e54432fc3c3340d6033190b60e1ef5
33e1de165482304fe4e4f87b957b4c73d2be6d0d5d944955b0c94d37446ee2e3
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3430f2b10affe53b571fdb6172ccdd08b06807c358a25a7f4540f1d39f37f4d5
3493d2d659aa266bb340ad1715a41bad4ab434d58474cafcd1c49a2174eb966d
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
37cad418c36ef3bcbffbee28600e2cdb2339a754ef141fb75c0de3c15523cd44
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b7e72485d422e16e084c44e6e3117081442f7b4ee80aa4ebd67013ae831a10f
3c6647f1acdba53e69a0831258cf8ee281705a438ddbca515f28d93c661d71af
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d0143bdc0390e51948acf079ab4c1374f93ab7c5c03dfa47167f2a78870c2d1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fc358735f4fe6a1df0bd358a1249d2d24f9fef756378f87f85e32c42bf7a755
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7
40407df0b0464ca5bf4dd118e93607617418769bb20c3ba1ed336541b60b15cb
415ad36537ef1bc50e2cc62e176f1ec407382478b67f4973c5b4ee69e087b953
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
42b67ac69bbb72f3aef7a7c78738bc0dc2c5067031de210c36307276c618ca69
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44451df2812a88daec2f07410c31926f5ab7c66d4df85970fd60b1175dc64a46
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b62168fcf244bd85b4cb8d50785346a504ec73b315f2d77adc3d6bc243a396
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
49d91a749f03e1881e9916184d1a49bbf429c92e2072dde77f79877aea05e3b6
4a2bde4a3004d17e0964f748d871d975fd43f86807d0ea90c600595f4bbdffb8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
500a0ec996d91320c8e4ca1b71317872904f89ff37740693002daae32bde3669
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5062b4854df82539482d1b759cddb9080a87bbef0872fca1e26f3ff1d4adf5fb
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
5301d9a0cded3974f112e5121ed1c0f84f934962778865d5bb29594a74fd5c2e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c801510315b14526932f139640e20b4b223a7214e89857b4d061b3f9566137
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549fdf51dffb7775d8c80636a55d83434588fc0b6a3d4fd2c0477748aa652854
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
582263bc8efc1c057338fda8fbaee1208a16b6fc6c00d3057d6c8cbe0308bb03
58a5a96754c36c456f443fc94e7fc06a02097efe3e2e44d2718b2f88e80587ff
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
59cee72f02f9792c048862b0903a69f042e9c65ae6c65634a6b83edc0dfa8aa3
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f21119a95821599c2449b6c3cc9b0eb820fe65a13eb481364b23811c9c1adc4
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6697de21e51ff0ae3ef3118cd671318573b57ab71c06d73aafd08b973d490ea4
675fd6176abddbdf835315a83f6ba8a8563ef48d574854a752d6cb704ed82296
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6b9bb1b002d861515055a69a40e3004b11041b8c7ba7d901be8c9337c958987f
6c96868205ff762e7dba7da2237d6584fcbcb6dece067bb564b234dfd7b7c341
6d06019641a320f78477dcf28b94fa1207c2ee07893f427850e45ba30df5a787
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23
6e4ead23863a53e4268e00ebc3bdc598cc60439bd6264b3da0c53b23bcaece11
6ef4ed027b1892f41dd49c3f926b378f1fb0ecc03b1d6008ceac12128d9747a2
708cd92ad2d8017513154e77ceb24999d8b684eb81b3ba7360a88d8d0abc99e9
721d1ff07d1902515fcff6339871f8875b2bd63d9dbdd97e6748934a2378998e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7619df691e783c907c04c0bfea49f2889d4be6a446b7c72cc1ea4747cc8c99b2
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
76e7bb4b02302c86d2609703d5e3bd8d6f406201268a9092eddd6d537db8d0e4
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
777b0f6e84a8c435c8471db6342552c0367444e4b2ce8485ca548515e1912cbe
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7af3f3112479efd6da96c8e2ba21953abb8a8d9274be90096533f754750fd121
7c17cdf296d38016360b8db6b8865222781e03df3c0b9b836be67c45597bfa51
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de
81f5c6e1abf8d3d9a30e2ae804208b24e57fa5de96856eb8a9b8f61312e9f914
8256ac23744cfb49162ea7ccfaf3b53df00bc6661f0e50ebc875ac4b5e58fa2f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8ad73ceb974899cec99e08a8661dd464f77c4d1ca946647150bbb2d5237373a4
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9200987889bfaba6e60bd1f3d72821ecd22ee8330ce275a05b08f83a176382b3
9219b7327f80a7844fcc0193242d7897c4ec79339631b98ea9f8c0676f8a1863
931ea2be4ac0b47d38c0386cd57cb6b155e00e9a4570fe309cc9056219ec974e
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94d61fd425621e379844ca5e565a39f6cc5a923cdc9b1705d101437826b81297
95e0babcd3ebd7d779616840c67854fff20ed897f6df5c25e059aea540cec551
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
96599e22c4c92ef570094f365f8305a709fb368d1dd163c4fefeffc25d4d3cb9
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98493f3c05b8d61f9b1b6a01ce3ad92cf16d577dfe841a9a7da13a9bc10cb9af
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a43100304a2104a52d94c896ee8d78396afd29af281889c3f5c500a8bbd3b14
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ca29b9f71e9035bb21b24d9825de750bfdf957a7d38323a3602a07c25049e2b
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9fe56616f2b1075320f46ff6d47f19a7af9cb3a3386886395a8fea5b52d5e529
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ffa7d3bcfa1f8b335f688cf14b469ede7d8e1aed04c7785a68e0cb605536e91
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06aa7d05c7f7282e54c5174a3b89c1f34acbd199b859985f2aaa86538db59dd
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b
a258f670ce128451fd686e2f9dd5bd38fae6a2dec3abab6f850a3ee6312a96ec
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a335dc3e76f6f418f38dfec1b105b3bf7899d8265e3ad23f98f43a413670b451
a41b061cab0b78987ef20ee2da139aa2c6ec28308a9a7463f0ce2a3033a81f04
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a798b646958b0b4e6ee43e6fa835ca1bada28d11c27be84407e11eeb8f387339
a808443c33b35b61a773d6308db0dffdfd3a228e2c853fc4515679c8f204e472
a8b5e25c80ee88b60dd1457e6189631ddf2c5f3f9b5a5903e806237facb6edae
a9018e9381e1bd50d3314593c424f249d021269239ebcf46ebc4485ee2dc83a5
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab19afd8b72d401ae6c09fefbf2fcf1761039aa85a4800410b31d06b381333ae
abd9c49049f4015fc64c11b2aeb82ecc582d7748e33544770a6abb27c67d3454
abe96ce9f3aaf5e534c3b33e0adfdfe6b8207d2263a2227d4479924e7187bf25
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acd135577fe1c483594b4784ec20821d2b86466c8d7bed041e9ac520df378ab4
ad527d7ac9e5c62049e2d0186ab8a60a4a6d8527b78711a37be14a8bfc557d44
ad9dc28caa0fca7a160f2f4c9907725629603a32a137934e5cdcc2652323f637
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afacde615f2f9e444c55dc2253c4f677de413474a3731a0b78940868025cb8ab
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b081f758eb4f787016ce0140a615934de59a34e01843db159c37bfe059440986
b09be6428164fee0a979e31a87c194996e2bfe86d55a6789558b983b4cad6319
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d1e5b926bb4860d220d6b819fd35ec8b48bd7b06d32dd7d7871ce1c71615e8
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b3610a6e5327f2748fce71244972ccd7dcc6ad96ac04c61bc731200d0274b3c7
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4
b62a89701f26ec1da28a7957e9dbdf26c5151089025c31795f9534a0ea878600
b6cb302e681df7352d4d577c0315d21dd0626089d058cf3b883e3dec6fba807f
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b71e96dedafb4879e37a2d99ea16c1ebfe856a788845cccfe29c377fe9a0d275
b778f554e281a21411931314b1c251c8646469c0a8ae31e053b94afff238dc2c
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
b94a77fa0aa100733aaea38ce611cc70fd81ebf17c1727a8511cb2bde47e2106
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd1f84a5b68c7d4418a74837999de51fde30e5edaa4bc363ccdbddb5139852d
bf62610cc96236cda33392b3126f900a6b5f298886f9667db0c551ab567fcdc7
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c058de93593543989437b6a869ff5a71eff15cc89de805137c323a28ce4503f0
c0b8cf95d32ca4940b378560b53cb10ebc5a6daf9185e65967d0a5f6dcebd4d2
c0f5ec327ede551150eed9db5080c8bc56def38eeac351a0931fd2c6761c24db
c13552ab72431f6b55440c6b5b91f26415059ab0779ee104288b57a330112d48
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c538d1453cbf1c7230438f564bc621bc3ecb2aa208453196ca85c9d8188e2a4a
c6fbadbce2625fb7016f3a1ff98b819f14affa13b5b7a08ccaea281092a6376f
c7e3e2281e670435dd46492437a30bcf0c59368d824ac1aa591571d35c81d88b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cd34490a8b0273708562f14bedf6cf072eaa5b82ce29a16b5b328e0198de643a
cdc1e08f780fdf868e464ed255414de3b09f19016dbc350f92706d499b530bdf
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d18cd3b8eacb6fe2fefe9f23cadfcd6e3fd2d1765dc934481ba31d63c1402089
d2f42817076c77b4f4088346b2e89b3ae1f60d82b782392d75214a141d881e78
d30e077a8698103cabdcca696708b05c9806d9620e424fc9562395404b86e2e5
d43af1a3fa24cab28c013043adcb3cc40f1fb3871f53d430338beabc84468a5c
d61b6952261c247b92a5518171fdd6fd83dabb30265c303d3476873e705b8121
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb
d6c84b6607a1fb1669e2110c8f5cb7af35b2f5d6c2aa06ce0a6e9d1be2af99fa
dbc7b166f1d8936e918d8827b937990139056904b47f7ef6505f0e8c64b1dc94
dd6486e4abd0cb739612973fb1c3511782e63aab3d890aa4b55cf0eabdf99392
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def1345460373d9057e35ea7cf89dad69dd1d2954906252a8fc7f3dccc4af4d0
df9a74ba55b4b89b027a8123540004258e9b4396f1bd73e258af6adfac037750
e0509efa58dce7c40825244075f4ba03dff2a13e8930ad4f3dd7cec760a08911
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e583df8f9d259bf1cceb7af8e08534e8160cbf1147e5a39c1422fb5c21beca80
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
e743c2180c959d98be885d9ae0940d49d2e06bf25e8a07c552f67c3beabfb9a3
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ee41362c2597d421a74f2bc099a049d9a85d57284f5818f758f77f9eae51bbec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50dbb637dd47c5839df33fe8e21aa7a8fdf8838748bff0a8ac012a2cdee031
ef9f4e5595c87f7bab17859c9e649bc27a66aae8e407d0c72b179a336f6be282
f1bc3e0462659028ca9acda7101deb10385733a5e33004e7c1cca0ae795f361f
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6
f28c57fdc3ffc7a3bbe7c4e728fb80ecd2fbb95f0401fbe5aca18568834b9fd5
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f4709f7cb1090e8481c1afaaf1ba9174cdbb33ecd42f5a959c7c575640045105
f47b133f092884c5436505dcdcb7a7c1b2f5dc579aa44c567266fcb743af1997
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7cdb6e853af5cca292315c58f1866648b2c94623a2e03a30df950e236e138d7
f86d0322fdc1a470eaaa49114438b9fd7d7bb585cba3bf4469c02c8942556ffe
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb
ff293cce1a9193d70095d628cfa5ac28642070aa806951429e96bbcdb329f36f