urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
13.224.189.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://walla.co.il/
Effective URL: https://www.walla.co.il/
Submission: On August 09 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 140 IPs in 14 countries across 100 domains to perform 653 HTTP transactions. The main IP is 13.224.189.75, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 146823.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.27.57 16509 (AMAZON-02)
1 1 13.32.27.118 16509 (AMAZON-02)
45 13.224.189.75 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 18.66.147.94 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
12 34.160.198.118 396982 (GOOGLE-CL...)
1 205.185.216.10 20446 (STACKPATH...)
44 151.101.129.44 54113 (FASTLY)
2 2606:2800:234... 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 104.19.149.54 13335 (CLOUDFLAR...)
1 2600:9000:211... 16509 (AMAZON-02)
1 52.71.47.12 14618 (AMAZON-AES)
1 16 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f04... 32934 (FACEBOOK)
2 142.250.185.194 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
8 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.72 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
25 3.208.221.95 14618 (AMAZON-AES)
1 9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
1 18.66.122.88 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 34.120.218.58 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.68 16509 (AMAZON-02)
1 2600:9000:225... ()
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.18.24.112 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 216.52.2.6 32475 (SINGLEHOP...)
2 35.157.81.77 16509 (AMAZON-02)
6 2602:803:c003... 26667 (RUBICONPR...)
2 2a02:2638:d::a 44788 (ASN-CRITE...)
6 2a02:6b8::90 208722 (GLOBAL_DC)
2 185.64.189.112 62713 (AS-PUBMATIC)
9 185.86.138.124 201081 (SMARTADSE...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 185.255.84.151 200271 (IGUANE-)
6 34.149.20.76 396982 (GOOGLE-CL...)
2 104.18.25.185 13335 (CLOUDFLAR...)
8 16 185.89.210.82 29990 (ASN-APPNEX)
1 18 104.22.68.131 13335 (CLOUDFLAR...)
2 4 185.184.8.90 204995 (RTB-HOUSE...)
5 51.38.120.206 16276 (OVH)
2 35.227.252.103 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 54.154.171.254 16509 (AMAZON-02)
5 10 2a02:2638:3::c 44788 (ASN-CRITE...)
4 2a03:2880:f14... 32934 (FACEBOOK)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
2 162.19.138.118 16276 (OVH)
1 34.241.170.80 16509 (AMAZON-02)
2 178.250.7.13 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
61 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
22 2a00:1450:400... 15169 (GOOGLE)
1 1 18.66.97.98 16509 (AMAZON-02)
3 99.86.4.49 16509 (AMAZON-02)
56 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 34.98.64.218 396982 (GOOGLE-CL...)
3 23.35.236.201 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 4 162.55.236.225 24940 (HETZNER-AS)
4 4 46.228.174.117 56396 (AMOBEE)
3 3 46.228.164.11 56396 (AMOBEE)
2 2 188.42.34.64 7979 (SERVERS-COM)
1 2a02:2638:d::4 44788 (ASN-CRITE...)
2 178.250.7.9 44788 (ASN-CRITE...)
4 8.2.108.175 46636 (NATCOWEB)
16 32 142.250.181.226 15169 (GOOGLE)
4 16 185.80.39.216 27381 (CASALE-MEDIA)
1 3 37.157.6.254 198622 (ADFORM)
3 23.35.237.56 16625 (AKAMAI-AS)
1 1 2.16.107.194 20940 (AKAMAI-ASN1)
5 2607:f8b0:400... 15169 (GOOGLE)
3 52.58.163.163 16509 (AMAZON-02)
8 141.226.228.48 200478 (TABOOLA-AS)
1 178.250.7.11 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 66.102.1.154 15169 (GOOGLE)
1 2a02:2638:d::11 44788 (ASN-CRITE...)
1 3 178.250.1.9 44788 (ASN-CRITE...)
3 7 3.76.178.166 16509 (AMAZON-02)
1 184.30.20.22 16625 (AKAMAI-AS)
1 4 69.173.144.165 26667 (RUBICONPR...)
1 185.86.139.93 201081 (SMARTADSE...)
2 13.248.245.213 16509 (AMAZON-02)
3 3.75.62.37 16509 (AMAZON-02)
1 185.255.84.152 200271 (IGUANE-)
1 2 34.249.203.210 16509 (AMAZON-02)
1 2 52.48.194.69 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 52.58.16.150 16509 (AMAZON-02)
1 64.202.112.255 23352 (SERVERCEN...)
9 185.64.191.210 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.35.237.75 16625 (AKAMAI-AS)
1 54.72.193.170 16509 (AMAZON-02)
1 52.58.249.168 16509 (AMAZON-02)
7 142.250.185.130 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 6 52.29.235.189 16509 (AMAZON-02)
4 4 85.114.159.118 24961 (MYLOC-AS ...)
8 9 37.157.3.26 198622 (ADFORM)
6 3.33.220.150 16509 (AMAZON-02)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
4 184.30.22.30 16625 (AKAMAI-AS)
1 52.31.154.19 16509 (AMAZON-02)
10 172.217.16.194 15169 (GOOGLE)
1 3.23.201.151 16509 (AMAZON-02)
1 69.173.151.100 26667 (RUBICONPR...)
1 151.101.1.108 54113 (FASTLY)
1 67.202.105.24 32748 (STEADFAST)
1 104.18.11.47 13335 (CLOUDFLAR...)
1 3 198.47.127.19 62713 (AS-PUBMATIC)
4 4 69.173.144.138 26667 (RUBICONPR...)
2 4 52.46.143.56 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.95.122.74 16509 (AMAZON-02)
2 2 213.155.156.181 1299 (TWELVE99 ...)
5 198.47.127.205 3257 (GTT-BACKB...)
1 1 193.0.160.130 54312 (ROCKETFUEL)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 52.49.58.171 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 34.235.212.6 14618 (AMAZON-AES)
1 35.204.74.118 396982 (GOOGLE-CL...)
1 1 185.183.112.148 60350 (VP)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 104.18.10.47 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2 185.86.138.151 201081 (SMARTADSE...)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 1 54.196.81.233 14618 (AMAZON-AES)
1 2 151.101.194.49 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.171.213 16276 (OVH)
1 1 141.95.32.69 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 134.122.57.34 14061 (DIGITALOC...)
653 140
1    13.32.27.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-57.fra56.r.cloudfront.net
walla.co.il
1    13.32.27.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-118.fra56.r.cloudfront.net
walla.co.il
45    13.224.189.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-75.fra2.r.cloudfront.net
www.walla.co.il
6    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    18.66.147.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-94.fra60.r.cloudfront.net
tags.dxmdp.com
2    2600:9000:2057:ae00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
12    34.160.198.118 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
44    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
1    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:211a:6600:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
1    52.71.47.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-47-12.compute-1.amazonaws.com
ping.chartbeat.net
16    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    142.250.185.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
www.googleadservices.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
12890047.adoric-om.com
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
8    2a00:1450:4001:813::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
25    3.208.221.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-221-95.compute-1.amazonaws.com
mabping.chartbeat.net
9    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    18.66.122.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-88.fra60.r.cloudfront.net
dal.walla.co.il
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
static.adoric.com
1    34.120.218.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.218.120.34.bc.googleusercontent.com
app.adoric-om.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:6e00:a:e047:753:be1 (United States)

ASN- ()
cdn.prod.uidapi.com
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.18.24.112 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    35.157.81.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
tlx.3lift.com
6    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
6    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
9    185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    2a02:fa8:8806:12::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
2    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
6    34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
16    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
18    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
5    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
3    54.154.171.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-171-254.eu-west-1.compute.amazonaws.com
event.dxmdp.com
10    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
2    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    34.241.170.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-170-80.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
61    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
1    2600:9000:20eb:4c00:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
22    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    18.66.97.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-98.fra56.r.cloudfront.net
cdn-uw2-prod.tsv2.amagi.tv
3    99.86.4.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-49.fra6.r.cloudfront.net
amg01742-walla-wallanews-ono-btlna.amagi.tv
56    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
pixelgroup-d.openx.net
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
4    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
3    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
4    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
32    142.250.181.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
16    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
r.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
3    37.157.6.254 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
3    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
criteo-sync.teads.tv
1    2.16.107.194 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-194.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    2607:f8b0:4004:c08::78 (Ashburn, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    52.58.163.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-163-163.eu-central-1.compute.amazonaws.com
match.sharethrough.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
sync-t1.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.fr3.eu.criteo.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net
bid.g.doubleclick.net
1    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    3.76.178.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-178-166.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    34.249.203.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-203-210.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    52.48.194.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-194-69.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    52.58.16.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-16-150.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
9    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4200:b9f1:6dc9:7c36:1111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    54.72.193.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-193-170.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    52.58.249.168 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-249-168.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
7    142.250.185.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:4001:3c::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5e6nzl.c.2mdn.net
6    52.29.235.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-235-189.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    85.114.159.118 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
9    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
6    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    2a05:d018:d29:3605:116:34f8:6532:c6d0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    52.31.154.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-154-19.eu-west-1.compute.amazonaws.com
beacon.krxd.net
10    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
ade.googlesyndication.com
1    3.23.201.151 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-201-151.us-east-2.compute.amazonaws.com
s.thebrighttag.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    213.155.156.181 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
5    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image2.pubmatic.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    52.49.58.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-58-171.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    34.235.212.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-212-6.compute-1.amazonaws.com
a.audrte.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    54.196.81.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-81-233.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
1    141.95.32.69 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-004.roqad.pl
ws.rqtrk.eu
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
93 googlesyndication.com
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
ade.googlesyndication.com — Cisco Umbrella Rank: 337
491 KB
66 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 115
pubads.g.doubleclick.net — Cisco Umbrella Rank: 434
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
bid.g.doubleclick.net — Cisco Umbrella Rank: 801
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 377
337 KB
58 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 326
gcdn.2mdn.net — Cisco Umbrella Rank: 1207
r3---sn-4g5e6nzl.c.2mdn.net
11 MB
54 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 926
pm-widget.taboola.com — Cisco Umbrella Rank: 3302
trc.taboola.com — Cisco Umbrella Rank: 672
vidstat.taboola.com — Cisco Umbrella Rank: 2808
am-trc-events.taboola.com — Cisco Umbrella Rank: 13151
images.taboola.com — Cisco Umbrella Rank: 1776
sync-t1.taboola.com — Cisco Umbrella Rank: 1369
imprammp.taboola.com — Cisco Umbrella Rank: 13531
am-match.taboola.com — Cisco Umbrella Rank: 13578
am-vid-events.taboola.com — Cisco Umbrella Rank: 12691
pips.taboola.com — Cisco Umbrella Rank: 1641
cds.taboola.com — Cisco Umbrella Rank: 1872
780 KB
48 walla.co.il
walla.co.il — Cisco Umbrella Rank: 75464
www.walla.co.il — Cisco Umbrella Rank: 146823
dal.walla.co.il — Cisco Umbrella Rank: 136072
1 MB
26 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1251
mabping.chartbeat.net — Cisco Umbrella Rank: 5723
5 KB
24 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 603
ads.pubmatic.com — Cisco Umbrella Rank: 574
simage2.pubmatic.com — Cisco Umbrella Rank: 793
image6.pubmatic.com — Cisco Umbrella Rank: 813
image2.pubmatic.com — Cisco Umbrella Rank: 1030
simage4.pubmatic.com — Cisco Umbrella Rank: 1315
95 KB
21 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 750
gum.criteo.com — Cisco Umbrella Rank: 431
mug.criteo.com — Cisco Umbrella Rank: 2526
ads.eu.criteo.com — Cisco Umbrella Rank: 8262
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 9619
widget.fr3.eu.criteo.com — Cisco Umbrella Rank: 16962
dis.criteo.com — Cisco Umbrella Rank: 664
78 KB
19 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 584
pixel.rubiconproject.com — Cisco Umbrella Rank: 393
eus.rubiconproject.com — Cisco Umbrella Rank: 622
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1250
token.rubiconproject.com — Cisco Umbrella Rank: 648
28 KB
18 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6645
csync.smilewanted.com — Cisco Umbrella Rank: 3381
static.smilewanted.com — Cisco Umbrella Rank: 11501
32 KB
18 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 676
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 633
r.casalemedia.com — Cisco Umbrella Rank: 1579
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum.casalemedia.com — Cisco Umbrella Rank: 1549
13 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 265
secure.adnxs.com — Cisco Umbrella Rank: 414
acdn.adnxs.com — Cisco Umbrella Rank: 594
29 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
csm.eu.criteo.net — Cisco Umbrella Rank: 8330
103 KB
12 adform.net
cm.adform.net — Cisco Umbrella Rank: 1298
c1.adform.net — Cisco Umbrella Rank: 631
dmp.adform.net — Cisco Umbrella Rank: 3604
6 KB
12 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1550
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 721
sync.smartadserver.com — Cisco Umbrella Rank: 1464
3 KB
12 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 101853
250 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 2577
adservice.google.com — Cisco Umbrella Rank: 121
3 KB
9 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 40330
event.dxmdp.com — Cisco Umbrella Rank: 40813
129 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 325
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1114
6 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 830
oajs.openx.net — Cisco Umbrella Rank: 1470
google-bidout-d.openx.net — Cisco Umbrella Rank: 1461
us-u.openx.net — Cisco Umbrella Rank: 496
pixelgroup-d.openx.net — Cisco Umbrella Rank: 88330
1 KB
8 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1371
ssc.33across.com — Cisco Umbrella Rank: 4567
ssc-cms.33across.com — Cisco Umbrella Rank: 1218
10 KB
8 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 62498
192 B
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 329
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
2 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 360
2 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 385
2 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1047
5 KB
6 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 15951
1 KB
5 gstatic.com
csi.gstatic.com
441 B
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 807
725 B
5 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1742
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6616
creativecdn.com — Cisco Umbrella Rank: 551
2 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5576
753 B
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 55
region1.google-analytics.com — Cisco Umbrella Rank: 1869
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
409 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2942
3 KB
4 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1779
2 KB
4 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3464
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2136
840 B
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
225 KB
4 amagi.tv
cdn-uw2-prod.tsv2.amagi.tv — Cisco Umbrella Rank: 58637
amg01742-walla-wallanews-ono-btlna.amagi.tv — Cisco Umbrella Rank: 182644
5 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
249 B
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 667
eb2.3lift.com — Cisco Umbrella Rank: 429
1 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 766
906 B
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1605
mp.4dex.io — Cisco Umbrella Rank: 3003
25 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 23029
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23281
898 B
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 590
34 B
3 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1446
criteo-sync.teads.tv — Cisco Umbrella Rank: 2214
489 B
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 987
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 613
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4116
visitor.omnitagjs.com — Cisco Umbrella Rank: 1055
1 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3447
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4289
401 B
3 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 874
id5-sync.com — Cisco Umbrella Rank: 440
27 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1044
bcp.crwdcntrl.net — Cisco Umbrella Rank: 904
sync.crwdcntrl.net — Cisco Umbrella Rank: 889
12 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
243 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1003
syndication.twitter.com — Cisco Umbrella Rank: 1212
132 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1637
mab.chartbeat.com — Cisco Umbrella Rank: 2410
30 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1313
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 775
772 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5239
562 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 718
cdn.indexww.com — Cisco Umbrella Rank: 1728
2 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 696
878 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 215
2 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1762
1 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 526
350 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 369
3 KB
2 adoric-om.com
12890047.adoric-om.com — Cisco Umbrella Rank: 205861
app.adoric-om.com — Cisco Umbrella Rank: 37839
54 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 166
20 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 21256
20 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3017
555 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3704
352 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3485
418 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3213
439 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 810
1 KB
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1867
423 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1680
281 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 836
610 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 878
589 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 892
793 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 391
650 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2168
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 632
338 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1957
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2285
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4417
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 29536
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2510
399 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 798
145 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1276
884 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 3034
274 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 655
794 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
5 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 579
591 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1386
481 B
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 60530
62 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1598
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1702
2 KB
1 adoric.com
static.adoric.com — Cisco Umbrella Rank: 51803
15 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6277
175 B
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
464 B
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2820
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 90267
273 KB
653 100
Domain Requested by
57 pagead2.googlesyndication.com securepubads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
56 s0.2mdn.net imasdk.googleapis.com
www.walla.co.il
s0.2mdn.net
45 www.walla.co.il www.walla.co.il
32 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
eus.rubiconproject.com
28 images.taboola.com
25 mabping.chartbeat.net www.walla.co.il
22 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
www.walla.co.il
s0.2mdn.net
imasdk.googleapis.com
16 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
pagead2.googlesyndication.com
imasdk.googleapis.com
14 ib.adnxs.com 7 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
csync.smilewanted.com
12 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
cdn.valuad.cloud
12 images.wcdn.co.il www.walla.co.il
10 ade.googlesyndication.com
10 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
10 gum.criteo.com 5 redirects cdn.taboola.com
static.criteo.net
cdn.valuad.cloud
10 cdn.taboola.com www.walla.co.il
cdn.taboola.com
9 simage2.pubmatic.com ads.eu.criteo.com
ads.pubmatic.com
9 prg.smartadserver.com cdn.valuad.cloud
9 www.google.com 1 redirects www.walla.co.il
tpc.googlesyndication.com
securepubads.g.doubleclick.net
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
8 c1.adform.net 7 redirects ads.pubmatic.com
8 hb-dot-valuad.appspot.com cdn.valuad.cloud
12890047.adoric-om.com
7 googleads4.g.doubleclick.net www.walla.co.il
7 x.bidswitch.net 3 redirects ads.eu.criteo.com
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
6 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
ads.pubmatic.com
ssum-sec.casalemedia.com
6 pm.w55c.net 6 redirects
6 prebid.smilewanted.com cdn.valuad.cloud
6 ssc.33across.com cdn.valuad.cloud
6 bs.yandex.ru cdn.valuad.cloud
6 fastlane.rubiconproject.com cdn.valuad.cloud
6 tags.dxmdp.com www.walla.co.il
tags.dxmdp.com
6 securepubads.g.doubleclick.net www.walla.co.il
securepubads.g.doubleclick.net
www.googletagservices.com
5 image2.pubmatic.com ads.pubmatic.com
5 am-trc-events.taboola.com cdn.taboola.com
5 csi.gstatic.com imasdk.googleapis.com
5 onetag-sys.com cdn.valuad.cloud
csync.smilewanted.com
5 www.google.de www.walla.co.il
5 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 eus.rubiconproject.com imprammp.taboola.com
eus.rubiconproject.com
cdn.valuad.cloud
4 pr-bh.ybp.yahoo.com 1 redirects imprammp.taboola.com
am-match.taboola.com
4 dsp.adfarm1.adition.com 4 redirects
4 pixel.rubiconproject.com 1 redirects ads.eu.criteo.com
eus.rubiconproject.com
4 us.ck-ie.com csync.smilewanted.com
4 sync.richaudience.com 2 redirects csync.smilewanted.com
4 www.googletagservices.com securepubads.g.doubleclick.net
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
4 www.facebook.com www.walla.co.il
4 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 ap.lijit.com cdn.valuad.cloud
csync.smilewanted.com
4 www.google-analytics.com www.walla.co.il
www.google-analytics.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com ads.eu.criteo.com
am-match.taboola.com
3 dis.criteo.com 1 redirects ads.eu.criteo.com
3 match.sharethrough.com csync.smilewanted.com
ads.eu.criteo.com
3 cm.adform.net 1 redirects csync.smilewanted.com
ads.eu.criteo.com
3 ad.turn.com 3 redirects
3 sync.1rx.io 3 redirects
3 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
3 amg01742-walla-wallanews-ono-btlna.amagi.tv www.walla.co.il
3 event.dxmdp.com tags.dxmdp.com
12890047.adoric-om.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 uipglob.semasio.net 1 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 simage4.pubmatic.com ads.pubmatic.com
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 creativecdn.com 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 ad.360yield.com 1 redirects
2 dpm.demdex.net 1 redirects
2 eb2.3lift.com ads.eu.criteo.com
cdn.valuad.cloud
2 secure.adnxs.com 1 redirects ads.eu.criteo.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 cat.fr3.eu.criteo.com www.walla.co.il
ads.eu.criteo.com
2 ads.betweendigital.com 2 redirects
2 static.smilewanted.com csync.smilewanted.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 trc.taboola.com cdn.taboola.com
2 imasdk.googleapis.com www.walla.co.il
imasdk.googleapis.com
2 mug.criteo.com www.walla.co.il
2 id5-sync.com cdn.id5-sync.com
ads.eu.criteo.com
2 oajs.openx.net 1 redirects www.walla.co.il
2 rtb.openx.net cdn.valuad.cloud
2 prebid-eu.creativecdn.com cdn.valuad.cloud
2 htlb.casalemedia.com cdn.valuad.cloud
2 hb-api.omnitagjs.com cdn.valuad.cloud
2 mp.4dex.io cdn.valuad.cloud
2 web.hb.ad.cpe.dotomi.com cdn.valuad.cloud
2 hbopenbid.pubmatic.com cdn.valuad.cloud
2 bidder.criteo.com cdn.valuad.cloud
2 tlx.3lift.com cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
12890047.adoric-om.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn.valuad.cloud
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.googleadservices.com www.googletagmanager.com
2 web-sdk.smartlook.com www.walla.co.il
web-sdk.smartlook.com
2 platform.twitter.com www.walla.co.il
platform.twitter.com
2 static.chartbeat.com www.walla.co.il
2 walla.co.il 2 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com
1 ws.rqtrk.eu 1 redirects
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 sync.srv.stackadapt.com 1 redirects
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 sync.adotmob.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 js-sec.indexww.com cdn.valuad.cloud
1 pixelgroup-d.openx.net cdn.valuad.cloud
1 ssc-cms.33across.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 s.thebrighttag.com
1 beacon.krxd.net
1 am-vid-events.taboola.com
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 r3---sn-4g5e6nzl.c.2mdn.net
1 gcdn.2mdn.net 1 redirects
1 e1.emxdgt.com ads.eu.criteo.com
1 sync-criteo.ads.yieldmo.com ads.eu.criteo.com
1 ad.yieldlab.net ads.eu.criteo.com
1 a.twiago.com ads.eu.criteo.com
1 criteo-partners.tremorhub.com ads.eu.criteo.com
1 sync.outbrain.com ads.eu.criteo.com
1 exchange.mediavine.com ads.eu.criteo.com
1 matching.ivitrack.com ads.eu.criteo.com
1 r.casalemedia.com ads.eu.criteo.com
1 visitor.omnitagjs.com ads.eu.criteo.com
1 criteo-sync.teads.tv ads.eu.criteo.com
1 sync-t1.taboola.com ads.eu.criteo.com
1 rtb-csync.smartadserver.com ads.eu.criteo.com
1 contextual.media.net ads.eu.criteo.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 widget.fr3.eu.criteo.com ads.eu.criteo.com
1 vidstat.taboola.com cdn.taboola.com
1 ads.stickyadstv.com 1 redirects
1 ads.eu.criteo.com cdn.valuad.cloud
1 sync.targeting.unrulymedia.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 adservice.google.com imasdk.googleapis.com
1 cdn-uw2-prod.tsv2.amagi.tv 1 redirects
1 cf.dxmcdn.com tags.dxmdp.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 app.adoric-om.com 12890047.adoric-om.com
1 static.adoric.com 12890047.adoric-om.com
1 dal.walla.co.il www.walla.co.il
1 pro.ip-api.com www.walla.co.il
1 syndication.twitter.com platform.twitter.com
1 mab.chartbeat.com static.chartbeat.com
1 12890047.adoric-om.com www.walla.co.il
1 ping.chartbeat.net www.walla.co.il
1 d2r08ja41ypc0t.cloudfront.net tags.dxmdp.com
1 cdn.permutive.com tags.dxmdp.com
1 cdn.valuad.cloud www.walla.co.il
653 181

This site contains links to these domains. Also see Links.

Domain
weather.walla.co.il
mail.walla.co.il
mobile.walla.co.il
news.walla.co.il
sports.walla.co.il
e.walla.co.il
celebs.walla.co.il
finance.walla.co.il
food.walla.co.il
healthy.walla.co.il
travel.walla.co.il
fashion.walla.co.il
www.sheee.co.il
nadlan.walla.co.il
mekomi.walla.co.il
zoom.walla.co.il
cars.walla.co.il
tech.walla.co.il
home.walla.co.il
b.walla.co.il
marketing.walla.co.il
gaming.walla.co.il
mazaltov.walla.co.il
horoscope.walla.co.il
law.walla.co.il
judaism.walla.co.il
tld.walla.co.il
walla.co.il
calendar.walla.co.il
fun.walla.co.il
yoram.walla.co.il
vod.walla.co.il
viva.walla.co.il
www.wallashops.co.il
help.walla.co.il
dcx.walla.co.il
www.tiktok.com
www.instagram.com
twitter.com
www.facebook.com
beauty.walla.co.il
seniors.walla.co.il
doral.walla.co.il
stayinghealthy.walla.co.il
cannabis.walla.co.il
special.walla.co.il
b144.walla.co.il
galil.walla.co.il
showbiztip.walla.co.il
paisculture.walla.co.il
yarokkl.walla.co.il
sanofi.walla.co.il
103fm.maariv.co.il
eco99fm.maariv.co.il
www.maariv.co.il
tummytuckhipo.com
popup.taboola.com
sport1.maariv.co.il
magazine.shufersal.co.il
career.walla.co.il
www.b144.co.il
www.kamaze.co.il
www.hayoetzet.co.il
www.sugat.com
www.etzhazait.co.il
www.enaim.co.il
www.seolinks.co.il
intouch.wunderweib.de
barfuss-ratgeber.de
trc.taboola.com
teavishedconers.com
pro-verbraucher.info
www.enpal.de
tap.freenet.de
www.cosmopolitan.de
bredings-person.com
taongafarm.com
www.sixx.de
www.oref.org.il
Subject Issuer Validity Valid
*.walla.co.il
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
images.wcdn.co.il
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
valuad.cloud
E1		 2023-07-28 -
2023-10-26		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
1688964705.rsc.cdn77.org
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-18 -
2023-08-16		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
adoric-om.com
E1		 2023-07-02 -
2023-09-30		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
adoric.com
GTS CA 1P5		 2023-07-17 -
2023-10-15		 3 months crt.sh
*.adoric.com
R3		 2023-08-08 -
2023-11-06		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-04-08 -
2023-10-07		 6 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-07-03 -
2023-10-01		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
*.amagi.tv
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-13		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
itm.ivitrack.com
R3		 2023-08-01 -
2023-10-30		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh

This page contains 83 frames:

Primary Page: https://www.walla.co.il/
Frame ID: 5CA00EDC4D56AE035779B7DB25DD94A2
Requests: 268 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: D3AF0203412BEB6180D52BFF3101825C
Requests: 2 HTTP requests in this frame

Frame: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Frame ID: B42AEDA653155C0B293B69E9076A5C3F
Requests: 18 HTTP requests in this frame

Frame: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0317FFDFF10EAFF6D6524E6BED5484C4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.walla.co.il
Frame ID: 59D7A5C2ADCD5DF0EF7282E60E3D6EBE
Requests: 2 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: 1CD5493A9048891D0AF3EF96D98E2E23
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: CED8FF0F4B60530E95472774F6CE14B9
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FC4F4C90408DC54311215F59F4ACDA6C
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 0C373232341F873C82E4480223E74315
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3B2E9448277D3A7E337909E089D4948B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C3237E3B7414BF28881F5BADDF0E422
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C9B3DD132FFBA1C9F734F1C9BC20280
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 0EA54BB0486D9DE9DFD18F51C320AD5D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 119F2E34F8EF45521734BABD7F478CC1
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 57F9F8121D0CC7997B474F2680CAC35D
Requests: 1 HTTP requests in this frame

Frame: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44B0BDCA7133C5B59556CB739EFE7DDF
Requests: 24 HTTP requests in this frame

Frame: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E67B3E86CD9B69B333191AA9B79627B5
Requests: 22 HTTP requests in this frame

Frame: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9F788B40C3EE96BF2DA7A0E56A00628F
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9ULVXprwnnZL-BGAMwM2NdROIfH7NwCuzHxfDumxeAa_Y3w6RkEXv4yibbNfDMripJMNsYP1P2ioLOht7YONsmOCQFVOTW1gygoSiqaPUH-lajiyEJA69r_oNGs1KCjx8ujyiVIJL4_OiXxp8vYMj2qK_gVB_fZcjCKm046JAVBhsgX0uSt3Tz1zsEM2aUMrq5lSzbQ5rgy7Hj9u-6oZoPiwprqCsKCkOUEpkux8hgmnysjNZ_2QcY4cBk-iNix2_AQ7u3tykr_DMFbKcfmnw9yxVO5ly5sqhc5V9QaKbIk9XtfJaBQxDGwwRzIkEF0GnvZsh9jvErsIpIV2LTOAhT0XU3j0l44x7A7rbPw&sai=AMfl-YQukld-LERaX3mUldsakgU8IXO1Qg9zBHHtUui39vW9eZ9wEaPFiQgEnSKNzzdOY-TxiFa50Tg1fzNykH7tVQUs5JdD3EbBsvxxjOa21wnyt6KxtLdfzm-sMW445Q&sig=Cg0ArKJSzEp2N-VHB951EAE&uach_m=[UACH]&adurl=
Frame ID: 7A32F9A68B4ACE4C8688BF45337874AC
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 01A2F964350764B35DA7C635ED781D0F
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Frame ID: 3D50997A7E719FA53C5D75EED5AD675F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003
Frame ID: E18312A46558D52C3DA4981BA2B0896B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXr8AKTu0z63-i4uo8n1g8xJDLjUiAHKczdH4Aw79GMvjQa6lQ0xutgvhrUI0QGS7lBZiqfpdE5U3393oFKr6T-f-x96IdDdMoQVB2GI3LFJctZ7HHXseX5WAlg30VeFmR_Xpu50Liqwkwjp-TLDIWNlbqh-xgohEoEYEEKkHJmeVvUcUM
Frame ID: 0C5DB2513A4828FBFDCE5C0C311BB056
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/aa603f5a-4def-52dd-9aa0-c7c7fe7387c1
Frame ID: ACC65758B742933436DB6F19B65AF0FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNVW0LDxYeBKXmMA4Hhmz2mhlOF7VuuR2I9rRmALRRxCFCIqqwJnhOnEcE0JUZ3Zr5ufiZMF-fzXW1rMnXqkOyoaBT3a8CIKGeADg_4tgJqmBPJCws0mcrnIacIWlr-o1LZE6WJh2CrZu1IH5cygbtMSv5IW0O6Oq7aB-Q5ONNDTt1IQJDs
Frame ID: 169E286A799349BB6EC2CB30F84BABB9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNX-zFCtQj0E-xXya47pex3UWebg9L09TnNLQUzw56MxECxFSk5TNs116H5LReCFzGsDLnzXG8fUxQW4EWfK3XUS_27rc426UO8cpjkF2VMj9t5XYaJWWY-t3mWJlKLCzw2VBmfgyR77XUVXb1524QOqA0Ow81jICBGY0iBdw5vlZgyZvtg
Frame ID: 103B2268FFC19F8449607D632873B795
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Frame ID: EEFBEE10472AA6829AC2364DFA9C23AF
Requests: 13 HTTP requests in this frame

Frame: https://cat.fr3.eu.criteo.com/tpd?dd=PoXRiF9BdlglMkZkJTJGT3QyM21pUk8ydThFam5VSmpIRjlzT0dNSW5MMkJ1QkNSakdORkxPcVpvQmpvb0NXU0k4WVR0UlQ5TmFCWW9ORVRaRm40NkNWdUNvVUYyTFFkRU96bEZQUng1TjFSd1dGNTFHUDM2bGZhUGxOU3oyWmwlMkJkZjBwUExFNDdjT0d1c3hGaFhubDZHWDg5YTdwWkRKMVlwTE5PcEZPTWhnVUtsRnBCRWVnVDFOMndsSjM1dTIxbWJIeHlTbmVSbFFjVWxRT0I2SUxvNlFDOUQ2UDdxYXdnTlNNeERNVG02WnFUejRBZlA2cUhKbVIlMkJSeUFRR1lsbTBpWGlJTmNSdFdPbUR2WE9NTUVDRmpXenhvQUxoTmtkMnJrekRLclpnenJ1d3ZGTWU1WmFMNjIzazdvMjZwd3Vpd1Roc1dkckNkTDJ3N0ljcHJEN3ZYQlM3Vkh0QlFjMjBPU0M5dUIwNWRKSmYxN2M0ZllWQTNYSUtQQ1NlMVBOTjYlMkZTUzJMNGFKZW1EbHNyMXlZdTFGZUUxYWVyMmlJJTJCWjNlVGlMZEpqcWJhNnVoUXZrb2MlMkZsSkk0JTJCakhPYzRqd2cyNmtaQg
Frame ID: F4678B50259EBF99763AFD8FFAC12660
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: ADA3316B7F591BF8B64B47D98A9B9C7C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 6F64334BF7BAC1AC28752C9E311A8D09
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/a0654d8a11f89ccd35e6553e424e1f3?gdpr_consent=&gdpr=0
Frame ID: 9E8792DF8FB51294BE464C664FD0046D
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: F437F0D29B00A39159F855A1DA469E12
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: E5EC23241C677077EBC1A726322CCA8F
Requests: 1 HTTP requests in this frame

Frame: https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=199639&cb=64d340067ef62a9549b22b6bd833308c&r=https%3a%2f%2fwww.walla.co.il%2f&crossorigin=false
Frame ID: CA42D2B11FF916DF2803188FE76753B1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38545E1FABD8D2E879C3849F0E7AE17C
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0699DA5B59EC7C7123D39A159DF74485
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4087EC6C3574E3F2FA91E94E39AF2B23
Requests: 6 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zsOwwNkV1tCCiEZ7uK5zfD_wv9EzZt7bAmLM1w&google_gid=CAESELjfwB8RcZh5O9krBsKvtuA&google_cver=1&google_ula=913071,0
Frame ID: C2390815131DD17CBB46F76055104245
Requests: 29 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Frame ID: 763A466EE19E9F93417748E09B84A49D
Requests: 22 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&cmcv=&pix=undefined&cb=1691566087602&uv=3314&tms=1691566087602&abt=aniview_inc_vA!expl_vE!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=6834d252-4627-4438-8704-7356851740d6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 0665AC13DCD264BDEDFA9E2881DC1742
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 589A1785A597A6E3371B2FFE938ADD38
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Frame ID: 0CF8624925A0BD42AB8811ED76680BAD
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Frame ID: E662A008B12A4997B73331DD6F60D3FE
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 51B9E92C1E724243C2A58758D64A7D63
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 43EF49C88443A0CD5A7E383D9D8D707A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1EEA4D0E3698E8A5A11A7BB07800CBA6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 3BC740AF455A68B3686DDBAAB61C9911
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Frame ID: D32A33AEA7D63AD495FDD6E11D257813
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Frame ID: BB96688F2C80C4F76FB5036701C7C31B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 13FFC661C6FCFC777D3E36E9DB12AF51
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Frame ID: 6470BE47264D7D2E1AB3D5CB29EDA643
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: D7168D47EA06A7D14C8C999FA2903AD0
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: D5E3214C8933BD94600EF443CBE8213A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 4E5CEF699D11E5EEB10D95574E739E43
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 09DCE24DBE3EEEF05D4912FCB9C35A53
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 825EFEFF219ED79A7253B0B51C2FB038
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 697D36562821B843C4A8438854E654F1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1691566085403
Frame ID: B0E9C9DD037F38CBA6739DC1654A5B54
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 8AF16CB509BD0B018CDAD889A4C0607E
Requests: 1 HTTP requests in this frame

Frame: https://pixelgroup-d.openx.net/w/1.0/pd
Frame ID: 430432179E33E259035DB31BAA15D672
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 609E2465D75162B61E0B0E6836A2277D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BC37D4BE99796604964DBE9277DF295B
Requests: 10 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5792769539606674633
Frame ID: 0A3C252FEE408BA51BB15A24EAF2D998
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7EAED58077077F51C941019959551ED1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926585163841
Frame ID: E3128AF17825F0F19DEBABD5FC548726
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: E5A35BDF1FF8BA158FD71A1821AA364B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vZW8D7-R6AWmkewFvcL1Wr3AvASmkesNvMMd4MvG
Frame ID: C2546F7AC5B801A7AF1C6B4CB5C8956D
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 8DB4C72000034553AE748E3FF533CF28
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 363B83E29A7EDBAADA5BF3A0D8D4F5BC
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: D66D8F3780DF6E32566AE96DBA49EB94
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: A4483A70EA219DB017CA47CAA6325A5A
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: D0D361F13486454B9C09FD703D8531E7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/1649396646492352210
Frame ID: 68EA3F74644F3501901068E64CEACDDE
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: D66AB7C29CF0C7795DF850ACE5625EB2
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: EB79A45FA89C88E6A3EF9A98B2C374FB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Q7lx6qAiMw6j4qBx2Xih?pi=smilewanted&tc=1
Frame ID: 54EA72435286B058E582CD2E9CDC2F22
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b4785f0a318a2f87fdcd33386918e497
Frame ID: 6C58A12F1B41F27E7D15AF2266D7BCDA
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 3D3AB31E619303D80F8A7B4CB461EE4C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&gdpr=0&gdpr_consent=
Frame ID: 41184039CB06C2549526DFEC588B3398
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5875553252916743791&gdpr=0&gdpr_consent=
Frame ID: 698534C4C6FB599CCD6BE8ED9D53BF86
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7265221022709905559&gdpr=0&gdpr_consent=
Frame ID: F20CAB1A9A0B8CB5199EE5C8E5764E96
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jS6Ntnd-WchyfuQom6dWgorHJoY&gdpr=0&gdpr_consent=
Frame ID: D6F88CD472E9B754343DD89F5C9E0E56
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZNNADAAD91w4kwBV
Frame ID: 58F42F0EDA850783508A64C505B43570
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! חדשות. ספורט. סלבס. אוכל - עדכונים ודיווחים שוטפים

Page URL History Show full URLs

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

653
Requests

91 %
HTTPS

31 %
IPv6

100
Domains

181
Subdomains

140
IPs

14
Countries

17031 kB
Transfer

32682 kB
Size

129
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=224442375&cv=11&fst=1691566084044&bg=ffffff&guid=ON&async=1&gtm=45He3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1800141639.1691566084&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BEDTZP3RBdSN7_UPwJimuAw&sscte=1&crd=&eitems=ChAI8PLMpgYQ4JvBhuLnmdEVEh0A6irxivZkPTeRdqneC92-O7SPegd0NfMhP7lMeg&pscrd=Ek9DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUkltQUZWWm5HdDJPbXgyZnE1bkdOeUN2ekE1eGVDN1lDQXFrX1FtblpzMVJhcFVIT2FFVEVRGlhDaEFJOFBMTXBnWVFtSUtoN2VMS2o2b1pFaTRBUmg1MWQwMkJHQy1qR0hOSloyZUJWS3FNVUs4cjJIS3NGbGFxX2NDZWx2aFNKMHV1dW9aM1Z5RjBFZ2xsIhMI_eO53IbPgAMV1Ma7CB1AjAnH HTTP 302
  • https://www.google.com/pagead/1p-conversion/777956447/?random=224442375&cv=11&fst=1691566084044&bg=ffffff&guid=ON&async=1&gtm=45He3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1800141639.1691566084&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUkltQUZWWm5HdDJPbXgyZnE1bkdOeUN2ekE1eGVDN1lDQXFrX1FtblpzMVJhcFVIT2FFVEVRGlhDaEFJOFBMTXBnWVFtSUtoN2VMS2o2b1pFaTRBUmg1MWQwMkJHQy1qR0hOSloyZUJWS3FNVUs4cjJIS3NGbGFxX2NDZWx2aFNKMHV1dW9aM1Z5RjBFZ2xsIhMI_eO53IbPgAMV1Ma7CB1AjAnH&is_vtc=1&ocp_id=BEDTZP3RBdSN7_UPwJimuAw&cid=CAQSKQBpAlJWUTSXMkEj68vHvceY5H8rWZm5qkKa31aAfR0Z81IZRBWH5h7f&eitems=ChAI8PLMpgYQ4JvBhuLnmdEVEh0A6irxiijEkUMZGGVv_oRbxa7dEonoSgTDzPVqUA&random=1230691344 HTTP 302
  • https://www.google.de/pagead/1p-conversion/777956447/?random=224442375&cv=11&fst=1691566084044&bg=ffffff&guid=ON&async=1&gtm=45He3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1800141639.1691566084&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUkltQUZWWm5HdDJPbXgyZnE1bkdOeUN2ekE1eGVDN1lDQXFrX1FtblpzMVJhcFVIT2FFVEVRGlhDaEFJOFBMTXBnWVFtSUtoN2VMS2o2b1pFaTRBUmg1MWQwMkJHQy1qR0hOSloyZUJWS3FNVUs4cjJIS3NGbGFxX2NDZWx2aFNKMHV1dW9aM1Z5RjBFZ2xsIhMI_eO53IbPgAMV1Ma7CB1AjAnH&is_vtc=1&ocp_id=BEDTZP3RBdSN7_UPwJimuAw&cid=CAQSKQBpAlJWUTSXMkEj68vHvceY5H8rWZm5qkKa31aAfR0Z81IZRBWH5h7f&eitems=ChAI8PLMpgYQ4JvBhuLnmdEVEh0A6irxiijEkUMZGGVv_oRbxa7dEonoSgTDzPVqUA&random=1230691344&ipr=y
Request Chain 193
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
Request Chain 201
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=O-viLXxwcEdzMlZwMFhrZ0E5Q1NOY2VEZGZiM2JIcGI5RWZ5UkZKMC9ZcTBCZmVCWFBVRi9VMzVtaDQwcHE0RVMwZGxvQXBQeG8zUHVUMitmZEo2VFFUYWZhY2k3d2ZKK3U5bDJMeVNscGIxODE4VEM0dWpNRzBaNFVGL3cxdERRcFZNWUpWUHo1ZFVNVGZJVXVIZ0FOR0xJbTlnVW1rT2szNFlKUFRlYlEzZUJSRGxGOEZXSkdGcUtwYjcxbUd0Ry9NKzBMdEhXdlpLSVdwRmhoSmNvaWJNanAyN25KeXlGSnkvamVHeXpYbXltMC9LNnJERm10NXJiVTdmekNiM2NPNkVBK01GeDArdDcwd1dIZkJYQnFCOUhzZz09fA&cppv=2
Request Chain 212
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8 HTTP 302
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Request Chain 262
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Request Chain 263
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1691566086574 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=760331375 HTTP 302
  • https://sync.1rx.io/usersync/turn/2802653728290887916?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-9672974b-8871-4a5e-8a78-70b8c34afcee-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003
Request Chain 272
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=1152876241744598739 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/aa603f5a-4def-52dd-9aa0-c7c7fe7387c1
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
Request Chain 298
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNNABvwbBrOvRaj2tMD0sAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPYdog5eiqyUBDRyrCUBGfg&google_cver=1
Request Chain 300
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg3NTU1MzI1MjkxNjc0Mzc5MQ%3D%3D
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
Request Chain 303
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNNABvwbBrOvRaj2tMD0sAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPYdog5eiqyUBDRyrCUBGfg&google_cver=1
Request Chain 305
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg3NTU1MzI1MjkxNjc0Mzc5MQ%3D%3D
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIljk2HCmQ2GmjzXrG86z2Q&google_cver=1
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEPUPjasS_ui8JJhmKPfqiIY&google_cver=1
Request Chain 310
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a0654d8a11f89ccd35e6553e424e1f3?gdpr_consent=&gdpr=0
Request Chain 404
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-zsOwwNkV1tCCiEZ7uK5zfD_wv9EzZt7bAmLM1w&google_cm&google_hm=ay16c093d05rVjF0Q0NpRVo3dUs1emZEX3d2OUV6WnQ3YkFtTE0xdw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zsOwwNkV1tCCiEZ7uK5zfD_wv9EzZt7bAmLM1w&google_gid=CAESELjfwB8RcZh5O9krBsKvtuA&google_cver=1&google_ula=913071,0
Request Chain 406
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5875553252916743791
Request Chain 419
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=MhGxaN1UvH59fRAtZCW1bxa3vCwDhA91 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=MhGxaN1UvH59fRAtZCW1bxa3vCwDhA91
Request Chain 421
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-2sfVrdkV1tCCiEZ7uK5zfD_wv9HEwpcJ-kQq4w HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-2sfVrdkV1tCCiEZ7uK5zfD_wv9HEwpcJ-kQq4w
Request Chain 435
  • https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4B69049688E4003122C135632A4CB3D76DE76066.51C337EF27BC065E67B4EB8743C183ED76ACD1A3/key/ck2/file/file.mp4?cpn=V5z37LLPjtgOL750 HTTP 302
  • https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/65CEA4F7D70766F852FBFD62D14C22A5CBAB8188.6EF0567C780B2BCC9FD639B98F2446E56E08A147/key/cms1/cms_redirect/yes/mh/FW/mip/2a02:6ea0:c71b:0:1011:ad12:274e:57bd/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1691565906/mv/m/mvi/3/pl/48?cpn=V5z37LLPjtgOL750&file=file.mp4
Request Chain 438
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmSUzFMUd9r1xjIPb5hXt4o6ChKXG26by46QTba7srv5vZwvUFf6z13HY_8GtH8YhDuWJCkveaZZgkQEGX2TR_yV0TtZJ5fHdw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmSUzFMUd9r1xjIPb5hXt4o6ChKXG26by46QTba7srv5vZwvUFf6z13HY_8GtH8YhDuWJCkveaZZgkQEGX2TR_yV0TtZJ5fHdw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmSUzFMUd9r1xjIPb5hXt4o6ChKXG26by46QTba7srv5vZwvUFf6z13HY_8GtH8YhDuWJCkveaZZgkQEGX2TR_yV0TtZJ5fHdw
Request Chain 439
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEERXaKjozI_IGBKCEH59-Xc&google_cver=1&google_push=AXcoOmSCfC2vfqvNzNEwXJTRbkJmgbL_D_s-69YwWV_SjY5pBXS1WA9-u__u8CP4NVyfnCftG8Gjk4nCQw8Bb6D6_w55O7dnxicucw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwNzY3NzMzNQ%3D%3D&google_push=AXcoOmSCfC2vfqvNzNEwXJTRbkJmgbL_D_s-69YwWV_SjY5pBXS1WA9-u__u8CP4NVyfnCftG8Gjk4nCQw8Bb6D6_w55O7dnxicucw
Request Chain 441
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmT3cKnaT9NkindjYxIj-w--me_q5P4ajXoj-yGtMdSi6OMTTsWomrxz8sCWu7n6de5Co4nkgPdwns6SaQwwc3Wd52aGqsTa HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmT3cKnaT9NkindjYxIj-w--me_q5P4ajXoj-yGtMdSi6OMTTsWomrxz8sCWu7n6de5Co4nkgPdwns6SaQwwc3Wd52aGqsTa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM0MzM2Mzc3NTU1MzYyODYwOA&google_push=AXcoOmT3cKnaT9NkindjYxIj-w--me_q5P4ajXoj-yGtMdSi6OMTTsWomrxz8sCWu7n6de5Co4nkgPdwns6SaQwwc3Wd52aGqsTa
Request Chain 451
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmStdJCQp4BqVdKBVtA89W_rB0UmvPqfYdoby95bkq_5f_Toj0ihjjCVpeJyUfRfGM_0PgkHfQFgKxypFFzNvdwiIA_Heg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmStdJCQp4BqVdKBVtA89W_rB0UmvPqfYdoby95bkq_5f_Toj0ihjjCVpeJyUfRfGM_0PgkHfQFgKxypFFzNvdwiIA_Heg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmStdJCQp4BqVdKBVtA89W_rB0UmvPqfYdoby95bkq_5f_Toj0ihjjCVpeJyUfRfGM_0PgkHfQFgKxypFFzNvdwiIA_Heg
Request Chain 452
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEERXaKjozI_IGBKCEH59-Xc&google_cver=1&google_push=AXcoOmREJ6w1RbbJe09hIrjtjKcn-beZpgqdd34jPSK40-PdzKAzOpYojCE7tmmC-JBQaRoN4Eojpr-nODIIquP0ZV7x7qxf-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwODM5ODIzMQ%3D%3D&google_push=AXcoOmREJ6w1RbbJe09hIrjtjKcn-beZpgqdd34jPSK40-PdzKAzOpYojCE7tmmC-JBQaRoN4Eojpr-nODIIquP0ZV7x7qxf-Q
Request Chain 454
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmSP3ebCfpd24Pry9cPyYzoDuqPovPSTtq_ZViHNOvq4iNC-PeouteT5_06mxG9lvLnwvpRr0AiD2JvmIXr9InF_V-q1 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmSP3ebCfpd24Pry9cPyYzoDuqPovPSTtq_ZViHNOvq4iNC-PeouteT5_06mxG9lvLnwvpRr0AiD2JvmIXr9InF_V-q1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY0OTM5NjY0NjQ5MjM1MjIxMA&google_push=AXcoOmSP3ebCfpd24Pry9cPyYzoDuqPovPSTtq_ZViHNOvq4iNC-PeouteT5_06mxG9lvLnwvpRr0AiD2JvmIXr9InF_V-q1
Request Chain 456
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmTKgZi3BsUS2r5bGPk2mVlFI0Gj957W6aQIntLPNtq1oP98oZmnSAMWrmO_eyu6ilXH5LWXbqi8yfF4JHvsU7wvQm0KF0k HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmTKgZi3BsUS2r5bGPk2mVlFI0Gj957W6aQIntLPNtq1oP98oZmnSAMWrmO_eyu6ilXH5LWXbqi8yfF4JHvsU7wvQm0KF0k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmTKgZi3BsUS2r5bGPk2mVlFI0Gj957W6aQIntLPNtq1oP98oZmnSAMWrmO_eyu6ilXH5LWXbqi8yfF4JHvsU7wvQm0KF0k
Request Chain 457
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEERXaKjozI_IGBKCEH59-Xc&google_cver=1&google_push=AXcoOmR0RtlXQ1I4_K8P9SsW1m0CyyFcq8ICj5rm8GpONeSyhLd4GBbXqHrpPCGr_8ONHCTSd8dCPswkWk9hwYZ6hgjr8FmcViV2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwOTkwNTU1OQ%3D%3D&google_push=AXcoOmR0RtlXQ1I4_K8P9SsW1m0CyyFcq8ICj5rm8GpONeSyhLd4GBbXqHrpPCGr_8ONHCTSd8dCPswkWk9hwYZ6hgjr8FmcViV2
Request Chain 459
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmT3AXOVqZLIDjQquiJDMHIJgeabvjSCjH54klGwrThURYFj-1hTKcjjM9eKZWEA65CNgUZJq82Z1Ece_W4wejPYUWXL0POa HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmT3AXOVqZLIDjQquiJDMHIJgeabvjSCjH54klGwrThURYFj-1hTKcjjM9eKZWEA65CNgUZJq82Z1Ece_W4wejPYUWXL0POa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTcyNTYzNzc5NzMyMzYwMzQ3NA&google_push=AXcoOmT3AXOVqZLIDjQquiJDMHIJgeabvjSCjH54klGwrThURYFj-1hTKcjjM9eKZWEA65CNgUZJq82Z1Ece_W4wejPYUWXL0POa
Request Chain 499
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dGC5NEXMZbQqaT_0EIB_de0CG1fe9VnN
Request Chain 527
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=UJs6x9ABsGikmdKP3jTO48WFMUEEwK86
Request Chain 570
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=EHV1C196aFdHN1pCM0JLZVA4RmpSWkZPTyUyRmt1OUNQSXYzY2poQzVKNTBpMXhMWm9xaVJ6azZIb2xZRnlKVjlSN3RqZSUyRkUlMkYlMkZ5VUJHdmF0OFpWRm5FNElORDZjSDV1RXcxRFpxM2g4Z1ZGMlFGWE1yT0tYYVJaWTNZR1ZWcHBZOUdnUCUyQnJlUjI5em9VN1pZNzhxN1N4VG9zZkN3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=a43JoXw4VGIrc1IxNFZJV01iL3NOcHorU01wQWFndTg2M2JHRWxXd0FBVEx3VnhaT2tKdjNsaFQxc2JCNnFOT3drQjY1ZFlQR1ZWUkpmcE5ndHRacWxXM0VnMWZoUURXaG1EdzVPZVREUEllb3RUZEhSTWJGODRiWEdmRzc4M3ZOQXp4endXNGcwTWh0THFuaW5penV2S2hVamlFYzBIQmdFTkxURjg5bVpzUmZLbE1SR3M0MWJrZklVb1ZsOEh4RUNZaWRWY1U5UlpWUjlXbmQ3amdJWXV0Wld4UFdJbVJtL3lMazhDMkxPVkVYM1dKQ3krb2FLU3JuYXZoVGRNdk1qUzhscTYvRE55Rjh4OUVIWDNFMzFUeldYNGtCL0VsUXRrajVjZjZxK3pUNVZJMD18&cppv=2
Request Chain 572
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEMdX-Zri5d7a1TdawItOe5E&google_cver=1
Request Chain 573
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dUNf1lWSe_0322YF5X1iAsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-L0.IvhVE2oIefWQgCHURJDgYdz5LGuZXK1of4g--~A
Request Chain 574
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 575
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL3ERSSV-1F-L594&gdpr=1&us_privacy=1---
Request Chain 577
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEwzRVJTU1YtMUYtTDU5NA==&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEIRoyAZnjFYykFeg92ZLgvo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwzRVJTU1YtMUYtTDU5NA==&google_push=&gdpr=1
Request Chain 578
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 579
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZjNmZhMGFkYjIwNmY3Y2ZlOWY4NzQwZDljYTY2N2FhMjQ1ZGUxMQ&gdpr=1&us_privacy=1---
Request Chain 587
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5792769539606674633
Request Chain 588
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 589
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926585163841
Request Chain 590
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 591
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vZW8D7-R6AWmkewFvcL1Wr3AvASmkesNvMMd4MvG
Request Chain 592
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yuDYw_R6QqKlhaovi1Rsvg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 594
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2946679493 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE
Request Chain 595
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NjIwNEkwRnFQczBUckdxMDd6eEVodE8wQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1649396646492352210&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 596
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0FFMEQ4QzMtRjQ3QS00MkEyLUE1ODUtQUEyRjhCNTQ2Q0JF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 597
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA2bjIsMgamOnC36pgDBYMs&google_cver=1
Request Chain 599
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1649396646492352210
Request Chain 601
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNNABvwbBrOvRaj2tMD0sAAADT8AAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNNABvwbBrOvRaj2tMD0sAAADT8AAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 602
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNNABvwbBrOvRaj2tMD0sAAADT8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELGmo2eXoo3xKGOqhBOZqNY&google_cver=1
Request Chain 604
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5875553252916743791
Request Chain 605
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 606
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1707463689&external_user_id=7c7a06e4-f58f-43fe-9fa8-29a1ccccc241
Request Chain 607
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5875553252916743791
Request Chain 608
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2802653728290887916
Request Chain 616
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 619
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1649396646492352210
Request Chain 622
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Q7lx6qAiMw6j4qBx2Xih?pi=smilewanted&tc=1
Request Chain 623
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b4785f0a318a2f87fdcd33386918e497
Request Chain 624
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 629
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5875553252916743791&gdpr=0&gdpr_consent=
Request Chain 630
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7265221022709905559&gdpr=0&gdpr_consent=
Request Chain 631
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jS6Ntnd-WchyfuQom6dWgorHJoY&gdpr=0&gdpr_consent=
Request Chain 632
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZNNADAAD91w4kwBV
Request Chain 634
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 635
  • https://pixel.onaudience.com/?partner=214&mapped=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 638
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea9383fb-877e-43ac-b21a-1f1b4b4534b1&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 639
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2802653728290887916&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 641
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:83be4911-5267-49dd-879b-68628f7c74a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

653 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/
Redirect Chain
  • http://walla.co.il/
  • https://walla.co.il/
  • https://www.walla.co.il/
587 KB
266 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
39ae1b9382a25828a604dd464d0ac83618f92debc938501ffc77a36af2d60a57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 07:28:03 GMT
etag
W/"92c33-oiqhswqTUf8uG9ePg5OGNVIqP/M"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
2844A8khUBEN3keBJQFrjSlvj9rTLO4XD8vmTY8zHspxcywkdKxOwQ==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
HIT

Redirect headers

age
811
content-length
0
date
Wed, 09 Aug 2023 07:14:33 GMT
location
https://www.walla.co.il/
server
AmazonS3
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-id
8bg4kXY5lGUHtvTVwPBbZtGgb_pjsFfirLIOHxXR2Lk8R09ecj_UQg==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0e0089a884fddaa32eba32c25a37e4a013ca0627bdae312fa5dc6448ffa4fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28504
x-xss-protection
0
server
cafe
etag
749 / 19578 / m202308030101 / config-hash: 11967403657897501401
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:03 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
168edf0838d701121364b17edd02bdf7b6fc38b4fc32320ea0239a8c56e31089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71955
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Aug 2023 07:28:03 GMT
dmp-provider.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		208 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-94.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
0d89a6cbc5121b01d9c85d8a2b8616e9be66606aea1c0736d03d8f0ed78d82f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 12:30:37 GMT
content-encoding
br
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
68246
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
7EjvjX9ulK0evhy-KgBURw1ytVoWPIgpN_B4k2W89F6FJzLJWXwM5w==
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ae00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:55:12 GMT
content-encoding
gzip
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
1971
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Htc8-msJuP_S_x-AHAWbJqDSGdgfK_ma_BjY7drkNsS3vque6pF1hQ==
expires
Wed, 09 Aug 2023 08:55:12 GMT
new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
966 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"473-189d48c64f0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
pkc2e7CcMwAPGcJbpQthDeDyNRYOetohqOK9GMo40EBQsvHC0F3IgQ==
x-cached
MISS
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:39 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"7ee-189d48c68d8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
qS9-kUxknfbj1heysNUPtalqhvyF0rOhkAG3bYrBLjm56LJA5POfjg==
x-cached
HIT
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"1d0-189d48c64f0"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
MISS
x-amz-cf-id
B7xxrxxvqf2xQi8FRNhe3Hn_GdCgO1tYz1VFFblIN3V13hDSZJcAxA==
new-logo.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"492-189d48c64f0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
EFTrYHWTHSEsRiS7zV5f7HJ17lxcZ0h0QnTbM-vcvmI7rLjXTfZcsg==
x-cached
MISS
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:39 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"c00-189d48c68d8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
eaGJfx6iNYknJv0qhT2fj8bhVtaf2mYxTHJ-f2hZB1Qd5yr13sLjfQ==
x-cached
HIT
tiktok.svg
www.walla.co.il/public/assets/navigation/ 		628 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/tiktok.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"274-189d48c64f0"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
628
x-cached
MISS
x-amz-cf-id
IhKmWtLad4-L3zHlNc7D5PHEhO0zWfVouum-Uy4Wtjdi0k0s2kHiHg==
insta.svg
www.walla.co.il/public/assets/navigation/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/insta.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"79e-189d48c64f0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
5cV__gfL3fSzbzSHHFMyMF_eNmBbvZVS000D3kcZoftZWrkOFYA_TA==
x-cached
HIT
twitter.svg
www.walla.co.il/public/assets/navigation/ 		1004 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/twitter.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3ec-189d48c64f0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
hsKw8C72e7_SM82Ngp2RvWJZj2BPWQOaTFjS_ufiJOvfjQfJaWvNQg==
x-cached
MISS
facebook.svg
www.walla.co.il/public/assets/navigation/ 		471 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/facebook.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"1d7-189d48c64f0"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
471
x-cached
MISS
x-amz-cf-id
v-LsfRRqUHcOTHWIAiFolD7QIIHC_oDrdRZvVvy11aBspidJc7GdEg==
3583013-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/8/3/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/8/3/3583013-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
80f819a041ff7f6406c6eb6831eeddf78f31708b106e819bcc9618ad0e5251f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:19:55 GMT
via
1.1 google
age
4088
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70480
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"834-189d48c64f0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
iCJANrHGHhYC97TQIc8weORkcpxuPKcBlROWgMZDdJxzHb7tKWi_bw==
x-cached
HIT
3579142-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/7/9/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/7/9/3579142-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ddb1ee78b17d7ca125eb601b5e5ba5a48e58521b2273c2ff78a684cab74c4e10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 22:32:36 GMT
via
1.1 google
age
32127
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10872
3562598-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/3562598-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
04af9b5f5e7d4140b6b8e4610c0f93714093f9f7bfe6df57766f70a4caf8c80d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 10:31:51 GMT
via
1.1 google
age
75372
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30042
3579021-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/7/9/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/7/9/3579021-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
371d0217263a461238e913e66a65f25fad046af5cec08ed2e43d0c43ac5a944a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 20:52:35 GMT
via
1.1 google
age
38128
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7902
logo_walla+.png
www.walla.co.il/public/assets/homepage2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/logo_walla+.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"26ba-189d48c64f0"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
9914
x-cached
MISS
x-amz-cf-id
LWINrXYmeRQrKkPhWQ7Vg-R4AoMozQOsmg4nq2vL6OWk_cH89RneFQ==
3458709-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/5/8/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/5/8/3458709-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
15263253d6161fbb8f7b1f205f6679608cb803efbd20659c4031f7f72c061410

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 22:05:45 GMT
via
1.1 google
age
33738
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10832
3582162-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/2/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/2/3582162-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4de9be729dd6a4db5f4e886c0e04721b69d609428ad382ccf8ddcad86b80b98a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:34:11 GMT
via
1.1 google
age
3232
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12050
3578676-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/7/8/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/7/8/3578676-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c79acdc1107dbddcc434e8d680a1dfa4df5f7d8a009927de5a38963821e426cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 21:51:58 GMT
via
1.1 google
age
34565
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6800
wallacoil-prod.js
cdn.valuad.cloud/hb/ 		999 KB
273 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a61ad3eed56758f2e8f0d052c402fa74459dc686adf3334bc0bff18d167211e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Mon, 07 Aug 2023 13:36:19 GMT
x-amz-request-id
tx000000000000009e1b713-0064d27731-3b030715-fra1a
etag
"52d6601931b22d1f993e4db7ae28b8d5"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1691566083.dop154.fr8.t,1691566083.cds254.fr8.hn,1691566083.cds288.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
278910
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		798 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bee88049b26e1a4963cf62a86ef6e35311aae31791e179089f782923923b5cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
KKdfgOf.nd0lv8AJcloZX.wcpdS8jaBZ
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 07:28:03 GMT
x-amz-request-id
F167HB1MA1E0GC8M
age
9
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
64661
x-amz-id-2
qjmmZpDm0ehaXIdaJ2Y0p38c0dDR2YZ7qEr8X9Wv5o01mBWYeW/hQLPsGGz9rC0arEyKlVqNKw8=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Tue, 08 Aug 2023 18:54:20 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691566084.761699,VS0,VE3
etag
"6795952e7c47bdb80664d7207a91a8b6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F346) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:28:03 GMT
Content-Encoding
gzip
Age
898
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (via/F346)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		473 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a641d3f105feb870d43e0f7b444ac2eb9e7a69416311c7b7ffcbee708e6b2668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105292
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Aug 2023 07:28:03 GMT
gtm.js
www.googletagmanager.com/ 		468 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0364e3f82a9d2ef34febfa8ad48e25f0ad46c9bf955705a58e71a38b62728a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82648
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 09 Aug 2023 07:28:03 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 09 Aug 2023 05:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6220
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 09 Aug 2023 07:44:23 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ae00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:20:39 GMT
content-encoding
gzip
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
444
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
EaMPVNnKDCQPGVgCHLkqubv1SUjeDrL8HR2BU69iSnOYSJ3lw6pOig==
expires
Wed, 09 Aug 2023 09:20:39 GMT
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:39 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"5b6-189d48c68d8"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
HIT
x-amz-cf-id
xXb_UFCrQ8_5RtnQMTB63eRQoXXAR_NWHEQrHIZu-qZxa8_mEip9lA==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"2e7-189d48c64f0"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
HIT
x-amz-cf-id
FDlmZaOKkEjFxNSy3y8XuflqlpgPNLLNDhkjgT6flgyUCwQohwLdlw==
icon-5-g.svg
www.walla.co.il/public/assets/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:39 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"b30-189d48c68d8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
d4XVc-HeTZaTv132YrBzQGpupogCAEHI_9q2cisPASInJm0X4TOVQg==
x-cached
HIT
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:39 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"85c-189d48c68d8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
DxNvYfnvlsUcZF2MKIqaLOnWwItBq9ibCVFJi98gv7DLUcfWaYgRSQ==
x-cached
HIT
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"5f6-189d48c64f0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
860qWTcg6_iqW3qUqEXFsWeun6AZdU89QglkMEk4efCNeFyFv4I98w==
x-cached
HIT
video@2x.webp
www.walla.co.il/public/assets/icons/homepage3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video@2x.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:39 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"74c-189d48c68d8"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1868
x-cached
HIT
x-amz-cf-id
kIK_HuzhMey63XRBoWPu1Qt_xPfijP2SNWTwewUoPQlomnkyrmDevA==
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"e954-189d48c64f0"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
S7BsdQYsW-otQOBpX0RsPonfkERrWd8df1G1sZR9Gswq63rnFSgr3Q==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"ea00-189d48c64f0"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
HIT
x-amz-cf-id
D_5cu_SQd6pEYx7EV8RedIs4gUfvsShfJJ7szfo0oAnN_5KCsHdHvw==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"e770-189d48c64f0"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
89lJBrDAfieNi8gkpaxVwBvOVVZ1OD0imWStBVgL02suFXgdCcwjEA==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"e7c0-189d48c64f0"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
HIT
x-amz-cf-id
uxsz1q0cVAsmEEpu211Dr2HrSpWVobOHxPxRdTW6F0KEnd_KeppNsA==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3bdc-189d48c64f0"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
2FNTkR5zyTibFl2KAidSmIg70CDDR9MhWgNhkKR_ouARAmuAqFz4Zg==
3933_bb5737f98d64ae161531_bb5737f98d64ae161531_walla.js
www.walla.co.il/public/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3933_bb5737f98d64ae161531_bb5737f98d64ae161531_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
0502011de71862f9a147fa4b55e598afa9cce058839d593ae72f45c3aa0382b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3077-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
Fcy9nBMk7hIOg6y604a9V2rbmdFViYj3AfToLFo3ZO4uQCUPIY7naw==
x-cached
HIT
2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
www.walla.co.il/public/ 		310 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
fba5c7d3750000b669c9c3bd2d7fa3bd1eb6a1dc564a9752c4116ad0f7562c1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"4d9e4-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
4Y9x2Cy7bkxZ0oSou0oCvp_Tp_athFjFTib-vWlHg2ubKjrZFqWkQw==
x-cached
MISS
main_1e4744910d59dae7d5e5_1e4744910d59dae7d5e5_walla.js
www.walla.co.il/public/ 		993 KB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_1e4744910d59dae7d5e5_1e4744910d59dae7d5e5_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
dec38ad798114a73cb2b7759e21dfbf7880d34da66857d3510a3172239bee3bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"f84f1-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
wcuCtCc31gKJnluXBq0qZbkkzMUpw4Dki5uAH-IL15L3ftM6n44Uew==
x-cached
HIT
9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
www.walla.co.il/public/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"6b6b-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
xp4NnalnOVbUlhqdVKJA9xzfKg0P42wq0Wd0rm8BZdjlfbVCpzx1tg==
x-cached
MISS
homepage_63f4721d7ae5adac60b1_63f4721d7ae5adac60b1_walla.js
www.walla.co.il/public/ 		217 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_63f4721d7ae5adac60b1_63f4721d7ae5adac60b1_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e6d6defa67b3b89cb20b719ccc49bf489ab3fc19a0426620b55d513859c5acca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"362a2-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
6k_QRNwQ6zmibe_aI8ISgMQxHnKwoTfRFc7cHp60oKsyGio21UsJ_g==
x-cached
HIT
recorder.js
web-sdk.smartlook.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ef39d0d27b499b0fe070bd0961dbd9ca1aeb0ada339c62fe14dc65177d4c3f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 09 Aug 2023 07:28:03 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
398
x-accel-date
1691565685
x-77-nzt
AcO1ryc43iT/jgEAAA
x-accel-expires
@1691566285
last-modified
Wed, 02 Aug 2023 09:33:40 GMT
server
CDN77-Turbo
etag
W/"64ca22f4-10f6"
x-77-nzt-ray
25b0213154ff0c1f0340d364bea2bf32
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-94.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
68150
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 08 Aug 2023 12:32:13 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-id
AKj-cgnDy3APSChIeKFsxOnCSXIWT-_ZAOeAMHH-yt_R3NOcoQKIGQ==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-94.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
68150
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 08 Aug 2023 12:32:13 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
x-amz-cf-id
6bsctWvzT2IfdGi2vWVZz8RtfPd4wk839G4b9ETsoN0TsMYO4xprWA==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2023-08-09
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		52 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6600:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad9dc28caa0fca7a160f2f4c9907725629603a32a137934e5cdcc2652323f637

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
ij0H4Ovav57a0UP4tyuRnZhuK0a2LmIu
date
Tue, 08 Aug 2023 14:23:47 GMT
via
1.1 4ca98b546b8d71c72caf6a3d8f75dc24.cloudfront.net (CloudFront)
last-modified
Mon, 23 Jan 2023 15:24:02 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
age
61477
x-amz-server-side-encryption
AES256
etag
"ac76f968cf4a4fbbb4cd41cc0f5c401c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
52
x-amz-cf-id
s8lXoEC7JRDD2mLlH7gnQOIFWzGLZCOfrcX_7lkvDujlzKxL493TxA==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-94.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 08 Aug 2023 12:31:06 GMT
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
68217
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
FzIoM42UshheXumJF2_k93MT1yq2rxkJVHqEaDlg2ubBbFSu0keg8A==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-94.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/javascript

Response headers

date
Tue, 08 Aug 2023 12:31:06 GMT
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
68217
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
YBxYLzhjmYrfGPXg2pM_Sx60HpebvqWZpTIUNogc_au2mW7tWDsJPw==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=CO75uNxEMCiDBHM7D&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11392&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=472&t=CtzZmvCzM79qNqy7_E9cp1BwUCza&V=141&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&tz=0&sn=1&sv=8_g11nlwWlCovUCm-6_pQCOWVQG&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.47.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-47-12.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1691566084001&cv=11&fst=1691566084001&bg=ffffff&guid=ON&async=1&gtm=45be3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&auid=1800141639.1691566084&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7884193161b70833585ed5f20291b15614f7fe930379a3830848e235c6b75393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		172 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 09 Aug 2023 07:28:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
47151
x-xss-protection
0
pragma
public
x-fb-debug
Au4OoM+yNPAEx5FuT+Lj5pDNc6ZS/3yDjY1pos+xp+RSepUrmq8dqfHj19MbVvJM2mdSzuDbJXfMIU7+/fAwNA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2010905537&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=416673212&gjid=1669368344&cid=696463884.1691566084&tid=UA-4780630-1&_gid=1062162117.1691566084&_r=1&_slc=1&gtm=45He3870n71T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&z=786083503
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/777956447/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/777956447/?random=1691566084044&cv=11&fst=1691566084044&bg=ffffff&guid=ON&async=1&gtm=45He3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&bttype=purchase&auid=1800141639.1691566084&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
5c05b391859d833d27483981561f3863ca1c0106dcc18fd3ea177620bcc0da92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1677
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
56e72c6148e99351b645552587d81d6d06d0b1179a232790549681542240b7de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18398
x-xss-protection
0
server
cafe
etag
12875370331647131904
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:04 GMT
adoric.js
12890047.adoric-om.com/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12890047.adoric-om.com/adoric.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7e72485d422e16e084c44e6e3117081442f7b4ee80aa4ebd67013ae831a10f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 google
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
381
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-adoric-api-version
9.0.1
server
cloudflare
etag
W/"305a4-3oET5eQIkqf/Z1K9GvqC5jB7a1o"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
movetogcp2020.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z783JZbzVatSKDMlRVO%2FGGdW76kAJhr%2FRVLCWiC90t5EDKQMQtOnAe38xBfu%2FgOvQlrcmxyQmaPtOWHbKR1aAptJrLhamdMI83AqBM3uJLNwQWY62Ti1Cl19rb3z%2FH2Sh7U5mSolY1dkAifjdL5uwxdl0yFI"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
*
vary
Accept-Encoding
cf-ray
7f3e47b98f378fda-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8289820b0720a36d099b95932f821e7551b0b91f6395301c31b715e8f51acca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85753
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 09 Aug 2023 07:28:04 GMT
js
www.googletagmanager.com/gtag/ 		192 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c8d5499ac9d95e39f5e9919861e73480b909a40caabc5005c7d97bb4d53e868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72147
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 09 Aug 2023 07:28:04 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		31 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e122ea02c8e7657d8ed18437a5e8e43244b55bbad4022c0192eb6fddc584d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
24
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5206
x-served-by
cache-fra-eddf8230033-FRA
x-timer
S1691566084.126877,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 07 Aug 2023 07:27:39 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/ 		400 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95a0a6e3823b20170bbae77c19ce189d6a1b178f6230ed124cc85da8011bdf28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 05:43:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
6297
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129393
x-xss-protection
0
server
cafe
etag
2294886439466480038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 08 Aug 2024 05:43:07 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame D3AF 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F33D) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
547146
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Aug 2023 07:28:04 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (via/F33D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 09 Aug 2023 07:28:04 GMT
server
Google Frontend
x-cloud-trace-context
bf5d8a48e0eb0d5e8b9b0776f1f5b6fd
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
x-request-id
203e22b4-1632-4a07-a3b7-e7312af0f4e7
x-vad-version
0.13.10

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
e7998b68e494dbaa2bbccab79bc82ef4
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
dmp-main.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		221 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-94.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d7dd6a88dffdede74facabb3e5a6a4824c28e3d4195adbcd16fc4a47dec08d7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 12:30:36 GMT
content-encoding
br
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
68248
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
d0MGMIUbRrItKamBLJepUaCYxuatWSGd98GWRBATJTiVos8aknwzQw==
init.74946084e8628b267740.js
web-sdk.smartlook.com/es6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.74946084e8628b267740.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d5c2f46f6fa1c65285c59762ea527a94eae3baa7e84969e11dcc2b8000bc79dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 09 Aug 2023 07:28:04 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
594325
x-accel-date
1690971759
x-77-nzt
AcO1rycGRVz/lREJAA
x-accel-expires
@1722507759
last-modified
Wed, 02 Aug 2023 09:33:40 GMT
server
CDN77-Turbo
etag
W/"64ca22f4-f2aa"
x-77-nzt-ray
25b021316ef860290440d36491cda20f
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
settings
syndication.twitter.com/ Frame D3AF 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=23bd591fd9a3e0ac9fc30e435a83dbc26289dc2e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time
111
date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 09 Aug 2023 07:28:04 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
c8ea33b548da5dd4
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
34e535530fd6e4c2650ccfe19dcea0ea009c1f1c790e6719ddd8cd195dcce893
content-length
337
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=696463884.1691566084&jid=416673212&gjid=1669368344&_gid=1062162117.1691566084&_u=aEBAAEAAEAAAACAAI~&z=828219540
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 09 Aug 2023 07:28:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=57wVCAD767iyQ&v=B&ml=m&sl=CtxK9r&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=FXcsAFycGkRv5&v=C&ml=m&sl=BXA25k&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=LAmDI9gg4tA8o&v=C&ml=m&sl=DbiI3w&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=q8sfo1rs0ZFuE&v=B&ml=m&sl=Dmm4Q&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=xS9Npg72pRtRl&v=A&ml=m&sl=BVnUcu&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=K7X3Tx9G7LFfD&v=B&ml=m&sl=CDKSXU&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=zGey5g5uhF4Yp&v=A&ml=m&sl=buy-B&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=vkFDH4HIyiWHx&v=B&ml=m&sl=CAUx6&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=XYNIHRH7uurLk&v=B&ml=m&sl=DqRt3q&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=OAFJ0r9IHXehA&v=A&ml=m&sl=D_Pf1u&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=l95vC3ps5Cg3y&v=A&ml=m&sl=DaOFWe&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=tgNWACrUK3HWn&v=B&ml=m&sl=zX7Um&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=zAX1MixpjAVYn&v=D&ml=m&sl=oHO1s&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=uK5QQ23LraQhI&v=A&ml=m&sl=OP-W4&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=S6IDw2HZEm8vy&v=A&ml=m&sl=OdMtu&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=TyXyHwUNyoNRt&v=B&ml=m&sl=BL6FZS&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=a15pd5p3ZPiX5&v=B&ml=m&sl=Et7S2&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=59emfnuJ5k3fQ&v=A&ml=m&sl=CdbOMH&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=hQoDxiyqTndVj&v=B&ml=m&sl=Duj-HF&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=t3wmymCuBOAuN&v=A&ml=m&sl=xutbb&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=L2WIeytEXLBJ5&v=B&ml=m&sl=Bk05_t&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=7HBSXGiLPq8Dk&v=A&ml=m&sl=DtDSso&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&x=BEH78wPaxgrHj&v=A&ml=m&sl=CA4S8g&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&me=3&ml=m&x=qHnsEEtcMpVPO
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=CO75uNxEMCiDBHM7D&c=0.01&V=141&me=3&ml=m&x=G6MOc3d34TGNw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.221.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-221-95.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
www.google.com/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11170679829/?random=1691566084001&cv=11&fst=1691564400000&bg=ffffff&guid=ON&async=1&gtm=45be3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2526157763&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11170679829/?random=1691566084001&cv=11&fst=1691564400000&bg=ffffff&guid=ON&async=1&gtm=45be3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2526157763&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 09 Aug 2023 07:28:04 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
www.walla.co.il/public/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_1e4744910d59dae7d5e5_1e4744910d59dae7d5e5_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"1eb65-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
vx-Zq_XFGYmOaDMVlXqAXNW21GkUHgb0b5Lr_6rYg6-OEXdypEBddA==
x-cached
MISS
PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_1e4744910d59dae7d5e5_1e4744910d59dae7d5e5_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"cfe-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
ptO4u-0De5ubWRC9K3FWEy6c1bK-klJtm7EhwSWXid7sOrG6J7QTmg==
x-cached
HIT
load.js
pm-widget.taboola.com/wallail-walla/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef9f4e5595c87f7bab17859c9e649bc27a66aae8e407d0c72b179a336f6be282

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
Nc3GQX_FPWE4JJa4d6ElLMboprgduwrj
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 09 Aug 2023 07:28:04 GMT
x-amz-request-id
0VD1J1PJT1RH4YSP
age
2050
x-cache
HIT, HIT
content-length
1107
x-amz-id-2
nQ5KgmGamRhHaGVVUnJ5e8T/9HHNiy++nysEvp7snNr3JiZXb3w//Zd7YQsYu2HuRd69QLjOnss=
x-served-by
cache-sjc1000140-SJC, cache-fra-eddf8230031-FRA
last-modified
Tue, 18 Apr 2023 12:24:46 GMT
server
AmazonS3
x-timer
S1691566085.823325,VS0,VE0
etag
"ba233cf579e81e13395451d440481864"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1876, 3
impl.20230808-7-RELEASE.js
cdn.taboola.com/libtrc/ 		799 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230808-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
827ff2a22197d89bc8ca247e8f37232b133ab679bcfdd37bd4bb47326270f5ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
ArdiSHEr87Dy0EJDRm8y1NOhIYG4o81D
content-encoding
br
via
1.1 varnish
date
Wed, 09 Aug 2023 07:28:04 GMT
x-amz-request-id
RZQGX9DYKCKD1B8V
age
21871
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
169248
x-amz-id-2
njbD9ufLR+MVsUi43ePQzaDYIMCqldzTyeOGAlD7XT2CODd7dtAf5txVNMXf9/rpRHpM+9Ibyso=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Tue, 08 Aug 2023 09:23:31 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691566085.823217,VS0,VE0
etag
"c6c90724feeac1b7b8fd8bf5625efd26"
vary
Accept-Encoding
content-type
application/javascript
abp
87
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
18983
2323
dal.walla.co.il/editor/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/editor/2323?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-88.fra60.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
549fdf51dffb7775d8c80636a55d83434588fc0b6a3d4fd2c0477748aa652854

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:27:21 GMT
content-encoding
gzip
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
43
x-srkey
9ca383bf7f5c06689b373a08cfd03266
x-cache
Hit from cloudfront
x-cached
HIT
pragma
cache
server
openresty/1.15.8.1
x-speed
0.0496089458
vary
Accept-Encoding
x-hostname
9e080ca21688
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
x-ip-x
147.234.20.100, 64.252.86.177
x-ip-r
10.30.21.128
cache-control
max-age=60
x-amz-cf-id
DaacV7QHTiqu6CC-nCk6hx1QSKkC2MruyE4wzpPTnvfeLHrgk_pCtQ==
expires
Wed, 09 Aug 2023 07:28:18 GMT
7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
www.walla.co.il/public/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_1e4744910d59dae7d5e5_1e4744910d59dae7d5e5_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"ae04-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
UHmm2CFGYvNmuKz4oMmSPtYt2kuCTt90fnIsHyokhyJDXXdJC7Xo9w==
x-cached
MISS
player.html
www.walla.co.il/public/ Frame B42A 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e51252194955e2dfe332108e4982cc87c3b10ea2bc25017382cdb39fb513cf28

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:04 GMT
etag
W/"b90-189d48eb6b0"
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
cAwutLVBRGjnre-p-Xp_YVoXbBrsPppm3P4PoKE5N1QcF3K72O1VsA==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
HIT
video.webp
www.walla.co.il/public/assets/icons/homepage3/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:39 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"3a2-189d48c68d8"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
930
x-cached
HIT
x-amz-cf-id
PzUYo4O3Q3uyJ25swmldL-K9gXiyGPtBSUdodtBnF5YnOZDAiVU8Rg==
1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_1e4744910d59dae7d5e5_1e4744910d59dae7d5e5_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"c35-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
EnXKQpXiBWhMmMj-uFGVGvM8q_SwnWvc8ZhUwY0RiUGGofNxef_FNw==
x-cached
HIT
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"46c-189d48c64f0"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
HIT
x-amz-cf-id
EFdTXmtOGeHPJdLZ0bj6gB-aqJwQ445DkscG8ycOXOxty4_mX5hArw==
3293634-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/9/3/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/9/3/3293634-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
21198eb63886595661560f0524036833aa74dccd92ef053037fd4e19dbfeb1d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:00:22 GMT
via
1.1 google
age
1662
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10919
3582891-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/2/3582891-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9c4a66440211036699ae73862b8412aea62628b8c74d64ea0ab5ccbe50c0a6ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:05:42 GMT
via
1.1 google
age
4942
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3130
3582899-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/2/3582899-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
efd4cdbad8f543175a0c4950771947d4f5933afbd1d4f5fe68b8b077cefd7cb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 05:49:08 GMT
via
1.1 google
age
5936
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3422
3582567-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/8/2/3582567-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a7b7a60edd47c554b4f801a5eea2b919a15bec1dc1717e3263f2b4465fca88d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 04:49:08 GMT
via
1.1 google
age
9536
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3462
3453007-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/3/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/5/3/3453007-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4730ad80df82b4b80a09d3e6c50d00e23eee1d05c589b91c24789e0119a36325

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:30:00 GMT
via
1.1 google
age
3484
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85561
/
www.google.de/pagead/1p-conversion/777956447/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=224442375&cv=11&fst=1691566084044&bg=ffffff&guid=ON&async=1&gtm=45He3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.w...
  • https://www.google.com/pagead/1p-conversion/777956447/?random=224442375&cv=11&fst=1691566084044&bg=ffffff&guid=ON&async=1&gtm=45He3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=m...
  • https://www.google.de/pagead/1p-conversion/777956447/?random=224442375&cv=11&fst=1691566084044&bg=ffffff&guid=ON&async=1&gtm=45He3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZ...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/777956447/?random=224442375&cv=11&fst=1691566084044&bg=ffffff&guid=ON&async=1&gtm=45He3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1800141639.1691566084&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUkltQUZWWm5HdDJPbXgyZnE1bkdOeUN2ekE1eGVDN1lDQXFrX1FtblpzMVJhcFVIT2FFVEVRGlhDaEFJOFBMTXBnWVFtSUtoN2VMS2o2b1pFaTRBUmg1MWQwMkJHQy1qR0hOSloyZUJWS3FNVUs4cjJIS3NGbGFxX2NDZWx2aFNKMHV1dW9aM1Z5RjBFZ2xsIhMI_eO53IbPgAMV1Ma7CB1AjAnH&is_vtc=1&ocp_id=BEDTZP3RBdSN7_UPwJimuAw&cid=CAQSKQBpAlJWUTSXMkEj68vHvceY5H8rWZm5qkKa31aAfR0Z81IZRBWH5h7f&eitems=ChAI8PLMpgYQ4JvBhuLnmdEVEh0A6irxiijEkUMZGGVv_oRbxa7dEonoSgTDzPVqUA&random=1230691344&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/777956447/?random=224442375&cv=11&fst=1691566084044&bg=ffffff&guid=ON&async=1&gtm=45He3870&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1800141639.1691566084&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOFBMTXBnWVFsZVhJajQySzNzbmJBUkltQUZWWm5HdDJPbXgyZnE1bkdOeUN2ekE1eGVDN1lDQXFrX1FtblpzMVJhcFVIT2FFVEVRGlhDaEFJOFBMTXBnWVFtSUtoN2VMS2o2b1pFaTRBUmg1MWQwMkJHQy1qR0hOSloyZUJWS3FNVUs4cjJIS3NGbGFxX2NDZWx2aFNKMHV1dW9aM1Z5RjBFZ2xsIhMI_eO53IbPgAMV1Ma7CB1AjAnH&is_vtc=1&ocp_id=BEDTZP3RBdSN7_UPwJimuAw&cid=CAQSKQBpAlJWUTSXMkEj68vHvceY5H8rWZm5qkKa31aAfR0Z81IZRBWH5h7f&eitems=ChAI8PLMpgYQ4JvBhuLnmdEVEh0A6irxiijEkUMZGGVv_oRbxa7dEonoSgTDzPVqUA&random=1230691344&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
170717926997655
connect.facebook.net/signals/config/ 		383 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.121&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
deac5353deef8d74e1034e2a8b1c592dd83695a929b2c6a1227a9c506034bbd8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 09 Aug 2023 07:28:04 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
111618
x-xss-protection
0
pragma
public
x-fb-debug
uIhJ8IatFzhyZKLTRntwW1n6At/2i1vZ7i9N8VB4HOlFW2tyPy9quhjgS8gc6PUjL2m9T6bcq8+/PXC6gXx2nQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1691566084942&cv=9&fst=1691566084942&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c457171116b22c2c4828083c1f99975c24edb845f88ebf063afa967ac70df0d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1441
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adoric.v9.1.min.css
static.adoric.com/ 		164 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.1.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77f6652f82b148e61c424fc396fb86932cfd2ce1573c9303922679b61384224c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2331
x-guploader-uploadid
ADPycdteZvw7_JZCGyLOYAPgySUiel1ZjRdUt1smqZ5pZrwKl39zlM8dCtJdb9bNNfxwEc2iqseWXxowO_V-YEXHaJPfbwPG_tfh
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 02 Aug 2023 20:35:32 GMT
server
cloudflare
etag
W/"5b7d127f22736b02770ae3382f728778"
vary
Accept-Encoding
x-goog-hash
crc32c=+XwQDA==, md5=W30SfyJzawJ3CuM4L3KHeA==
x-goog-generation
1691008532290579
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQ%2FslVVgJUnkRtVUBCUIiQJSFK%2FCgFoqD1lcxQ9bmW%2BrTJThx8wgMpwegl2DUyd0yKi1XV9CT64CrwO8bDW4YNWZsXjvIkrPErevWjwEf4BwMpjbOa0sDCSxHK3Mg%2B%2FGYk6UzY9rYvOLMeh7PbBolw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
13882
cf-ray
7f3e47bf2ca9927a-FRA
expires
Wed, 09 Aug 2023 07:49:13 GMT
/
app.adoric-om.com/v1/campaigns/ 		758 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fwww.walla.co.il%2F&d=desktop&lsps=0&pd=M&nv=true&tz=0&cIds=%5B%5D
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
cc9c668d0adc9d6964c36112ce8684317d1948d507d3951bcb3b43810527a5e4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Wed, 09 Aug 2023 07:28:05 GMT
x-content-type-options
nosniff
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
758
x-xss-protection
1; mode=block
x-adoric-api-version
9.0.1
etag
W/"2f6-oBj2W41J5MMMqXvxqcVn+3OzELU"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
collect
region1.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je3870&_p=2010905537&cid=696463884.1691566084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691566084&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je3870&_p=2010905537&_gaz=1&cid=696463884.1691566084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1691566084&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1&ep.ga_client_id=&epn.vertical_id=173&ep.vertical_name=%D7%95%D7%95%D7%90%D7%9C%D7%94&ep.category_id=&ep.item_id=&ep.item_type=&ep.item_publication_date=&ep.item_last_update=&ep.content_provider=&ep.item_title=&ep.item_author=&ep.hostname=walla.co.il&ep.item_sections_words_count=&ep.tags=&ep.editor=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RYD7X7E8VN&cid=696463884.1691566084&gtm=45je3870&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RYD7X7E8VN&cid=696463884.1691566084&gtm=45je3870&aip=1&z=1366893607
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
45c3b5dad0424e0c2eec5b4a8e26be85
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 11:15:11 GMT
content-encoding
gzip
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
72775
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
LmklfgU83n_u_I_G1VCnm-DYiy_N1MHwaSd5tLG231z3PvlvxwmZ9w==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6e00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
null
Date
Wed, 09 Aug 2023 01:26:27 GMT
Via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
21699
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
0-5KZJCbBEKoM3Cu-Q1XcjW8_P7rXym6pMbBf6jxYw7WizqsvYLKQg==
esp.js
cdn.id5-sync.com/api/1.0/ 		112 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
9JD2PVWRNGH6W9D6
age
3552
etag
W/"25c6f4638264ba52fb77e06351d38d61"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f3e47c098b8928d-FRA
x-amz-id-2
C78NJH9XkIV+sX3gWmjnQ0d7A0CrZ/OSO/7CSNMeogj/qizLfap+8xu2sOYpsPd/7/w1SlaLgeQGDUvfhgOumQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4133
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VV2q2gMjWb9YAsZjCtx3qRiQ%2FLDLh6KKMAG9XyCglHysfeb%2BfmppJtRMzYjCq5hNtNZIIgcd8PkCjNqIis5EDVN49rRJiiY6867wLEUft1BLV0cC1WPIZk3doIGDXTCO6Yuph1zPTPgvOlB4szc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f3e47c09c6a5c32-FRA
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Aug 2023 07:28:05 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 23:58:04 GMT
content-encoding
gzip
age
1150201
x-guploader-uploadid
ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 25 Jul 2024 23:58:04 GMT
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 20 Jul 2023 17:46:36 GMT
server
cloudflare
age
46760
etag
W/"64b972fc-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7f3e47c0d81a3673-FRA
expires
Thu, 10 Aug 2023 07:28:05 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=696463884.1691566084&jid=416673212&_u=aEBAAEAAEAAAACAAI~&z=1704828270
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=696463884.1691566084&jid=416673212&_u=aEBAAEAAEAAAACAAI~&z=1704828270
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3933_bb5737f98d64ae161531_bb5737f98d64ae161531_walla.js
www.walla.co.il/public/ Frame B42A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3933_bb5737f98d64ae161531_bb5737f98d64ae161531_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
0502011de71862f9a147fa4b55e598afa9cce058839d593ae72f45c3aa0382b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"3077-189d48eb6b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
8Jq0tE8IFl5dYYTI80xhjPsao4jr2_6thw8zPBzXZAGTgKItgsni-g==
x-cached
HIT
9330_f4446c29729bfb4db823_f4446c29729bfb4db823_walla.js
www.walla.co.il/public/ Frame B42A 		725 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/9330_f4446c29729bfb4db823_f4446c29729bfb4db823_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
795a830b0b31bbb525291b12e54586cc1a04986b913e6354a10cf03a17189e2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"b558b-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
O-UoqFZIRkacwW_RWy_LIe6JcmHknMcHlxV73o8gf4QtmD7dDB5dbg==
x-cached
MISS
player_445607a52df06e395055_445607a52df06e395055_walla.js
www.walla.co.il/public/ Frame B42A 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player_445607a52df06e395055_445607a52df06e395055_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d5cd01e2ad16f34488c095f6c25f3c891c6a29419368f96fba0b28cab42789f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:51:10 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"7724-189d48eb6b0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
LpnR0va8dqED-p5dK2rTapv4zzJmLXfGfM77W1o65k_vUN9TU1tunw==
x-cached
MISS
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230809
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6870c02877e2dca9a557186fdcceed729cf07aa5f3dc93f0965c2836b19f0ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12424
x-jsd-version
1.0.1776
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4537-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"643-y9lAEfXML71LlvOvNPspHBj43cs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ha%2BkxeR79%2B1ANx6yXAqiE7RP25YPFq4DLS1%2BOBw22KegqvdKOQL8sUdVrLPweSu2kFMedxI1%2FxxVdSe1FAACgc2V3v7t%2Bx5O0agPU1cx9tKTlYuPNBxSZfo%2BK1E0aJsdZGn%2B%2BYCo65JWF23iy8k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f3e47c09b15bbc8-FRA
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:28:05 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Thu, 03 Aug 2023 15:25:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
489147
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OG%2Fw211BKExV%2BdwF2A3Bcue7IpK7YO78Z8qzH3gVqF0tXyz68xAAq4XkHNrccN5BE5Hh%2BvFO%2FlLod3Hhesm%2FeUDBmKXnQoxVWx3ZsVe6PQLbphii9ukyykAKABLhSxgVMjgQz%2FUN7tBi4vZf"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7f3e47c0cf4d1e18-FRA
bid
ap.lijit.com/rtb/ 		25 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
49fd8c78131d0033c3aa1efa60edf3d51eae345f330d3372aae9f47d4186f2e1

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 09 Aug 2023 07:28:05 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
auction
tlx.3lift.com/header/ 		19 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.81.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=36de72c1-d22e-4d6e-ae55-21600d5df343&l_pb_bid_id=2087399e16b89f6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=44fe17fd-250e-4647-a55c-91cfc521d77c&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.5231795619434387
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
12d694156b5dff2d4f06b3a12b73d89f93876bea9f719e461cfc5a6007b3cf45

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
380
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=36de72c1-d22e-4d6e-ae55-21600d5df343&l_pb_bid_id=21bc0c29268fb9c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=72703f28-f3ca-4720-95b2-d18a300638de&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Ftop_desktop&slots=1&rand=0.9121725293208021
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
450a80c7735ce639b05893350c17b653c8ea0dfbad64f0d66c0147e479cf0f33

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		365 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=36de72c1-d22e-4d6e-ae55-21600d5df343&l_pb_bid_id=22fe76dd8a86ee1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=85325d49-76bc-4cbe-a20b-ec05e22dfe00&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&slots=1&rand=0.020817328825201376
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7dc8c0053a4ed3257bb446cb8ad5e0351f07f4f8a022d70e02111b40a380536d

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=36de72c1-d22e-4d6e-ae55-21600d5df343&l_pb_bid_id=23650a8e4ee0b7c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=6955c10a-9c2b-44df-b5ed-345ae51ae219&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&slots=1&rand=0.9972736926816386
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3b517952eb850d7ee92664751fff57a14186ccb0b26f9842cff7a1960a81d7c2

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		366 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=36de72c1-d22e-4d6e-ae55-21600d5df343&l_pb_bid_id=245cc23b8f7c4bd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1f3edf5d-524b-4c0f-b31f-a3e96d9f910b&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.9900277887556383
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
20e8905d7ee4f0029ee39488d3aec72976492c8ec2e4fa9407b0dbc64b8c7e9a

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
366
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=68307789269&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 09 Aug 2023 07:28:05 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
2214040
bs.yandex.ru/prebid/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
last-modified
Wed, 09 Aug 2023 07:28:05 GMT
x-yandex-req-id
1691566085295193-925751216463080110000250-production-app-host-sas-pcode-430
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 09 Aug 2023 07:28:05 GMT
2214040
bs.yandex.ru/prebid/ 		0
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 09 Aug 2023 07:28:05 GMT
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
uniformat-product-type
None
x-xss-protection
1; mode=block
expires
Wed, 09 Aug 2023 07:28:05 GMT
2214040
bs.yandex.ru/prebid/ 		0
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
last-modified
Wed, 09 Aug 2023 07:28:05 GMT
x-yandex-req-id
1691566085294846-1127847152212012652000292-production-app-host-sas-pcode-60
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 09 Aug 2023 07:28:05 GMT
2214040
bs.yandex.ru/prebid/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 09 Aug 2023 07:28:05 GMT
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
0
uniformat-product-type
None
x-xss-protection
1; mode=block
expires
Wed, 09 Aug 2023 07:28:05 GMT
2214040
bs.yandex.ru/prebid/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
last-modified
Wed, 09 Aug 2023 07:28:05 GMT
x-yandex-req-id
1691566085333646-755076029863368498900299-production-app-host-vla-pcode-411
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 09 Aug 2023 07:28:05 GMT
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 09 Aug 2023 07:28:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
prebid
mp.4dex.io/ 		60 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 09 Aug 2023 07:28:05 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: adSlot-2, Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f3e47c0db751c9f-FRA
expires
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageReferrer=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
8c71a9da01c985b867a6b5cf8f6ae8dc59247281ce4feb6a3b96920595515f34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
216
content-length
350
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d32abc540d04e112ddca7cf97c3838a4cb117107f04cb0a188162b5986e9e16a

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d32abc540d04e112ddca7cf97c3838a4cb117107f04cb0a188162b5986e9e16a

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d32abc540d04e112ddca7cf97c3838a4cb117107f04cb0a188162b5986e9e16a

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d32abc540d04e112ddca7cf97c3838a4cb117107f04cb0a188162b5986e9e16a

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
d32abc540d04e112ddca7cf97c3838a4cb117107f04cb0a188162b5986e9e16a

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7f28bda6eccb78c08a8e4c34f27e7580c4e29798a570c7819da42767f8df6f

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gz22dkPZlwpBS8eg46bQ4Bj5sN5O3HtQYK0Gr6CEcp%2Bs7P1Z%2F6uBUCB2e%2Fil2oWAznCGQk7T6DB%2BBzCyWL1%2Byg8eDLPo0qkrgiM51Tc4CF%2Flkqu8MNmph1Hndxl0PQ2L1F2daSfF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f3e47c0d94d35f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
an-x-request-uuid
9c6c3282-8d6f-4722-a2fc-8c413d95dc5b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f3e47c0dc0c2c76-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f3e47c0dc0d2c76-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f3e47c0dc0e2c76-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f3e47c0dc102c76-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f3e47c0dc122c76-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 09 Aug 2023 07:28:05 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
60050d2afcf72b69704917710ab11566a7bc21d23f05d566554dac8222c1e493

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2455748603182811&correlator=902874599307809&eid=31076398&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop%2Crm13_desktop%2Crm14_desktop%2Crm15_desktop%2Cnickbar_desktop%2Cdontmiss_strip_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18%2C0%2F1%2F2%2F19&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1200x40%2C320x50%7C865x190&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight&ifi=1&didk=1909289936~4078182110~845420629~2737176580~3757563159~2051796368~2459729993~3096182529~3770086168~3931141563~3707026742~2555613071~45217321~479599996~2547616871~1193244743~1193245117&sfv=1-0-40&ists=131068&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691566085219&lmt=1691566085&adxs=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C200%2C535&adys=11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C11497%2C1200%2C2723&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C17&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C1600x11497%7C0x-1%7C864x0&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1200x-1%7C865x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C644%2C132&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C864&ga_vid=696463884.1691566084&ga_sid=1691566085&ga_hid=2010905537&ga_fc=true&dlt=1691566083632&idt=1381&prev_scp=slot_name%3Drm1_desktop%7Cslot_name%3Drm2_desktop%7Cslot_name%3Drm3_desktop%7Cslot_name%3Drm4_desktop%7Cslot_name%3Drm5_desktop%7Cslot_name%3Drm6_desktop%7Cslot_name%3Drm7_desktop%7Cslot_name%3Drm8_desktop%7Cslot_name%3Drm9_desktop%7Cslot_name%3Drm10_desktop%7Cslot_name%3Drm11_desktop%7Cslot_name%3Drm12_desktop%7Cslot_name%3Drm13_desktop%7Cslot_name%3Drm14_desktop%7Cslot_name%3Drm15_desktop%7Cslot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=permutive%3D&adks=3574292238%2C3281790396%2C98111979%2C284161084%2C2694544435%2C99995744%2C2663655591%2C1832766528%2C3711358991%2C3169800366%2C3148243285%2C211575734%2C3583292036%2C2042096236%2C3658430203%2C1750305995%2C3185403617
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ae826ea2d2466b35e251306f530ef7c7d62f50745cae8356ec0c29140bb7996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
494
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0317 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:05 GMT
expires
Thu, 08 Aug 2024 07:28:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.171.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-171-254.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
pmk-20220605.1.js
pm-widget.taboola.com/wallail-walla/ 		115 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/pmk-20220605.1.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7e3e2281e670435dd46492437a30bcf0c59368d824ac1aa591571d35c81d88b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
YaUoVhRXeV8pgb7fnBF6NLXk_e7KSGb2
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Wed, 09 Aug 2023 07:28:05 GMT
x-amz-request-id
1ZRF9AZMSP1MXZKY
age
1898898
x-cache
HIT, HIT
content-length
31819
x-amz-id-2
OUckhCCBQyRlZ54uGukfAk+IL/wJcaCb6S8Qtf8Omgh3owsecWM0riI5KUBsohxeZh5TodRrLw4=
x-served-by
cache-sjc10027-SJC, cache-fra-eddf8230031-FRA
last-modified
Tue, 18 Apr 2023 12:24:45 GMT
server
AmazonS3
x-timer
S1691566085.408290,VS0,VE0
etag
"4bbfdfa56e1850f61d8804a24a682324"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
5313, 36
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:39 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"558e-189d48c68d8"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
Gzu-Kh0p5KN12p1EXSFJIXs2KV2-uhnDIbJuwIywBx3dH4-Itx2ZAA==
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"e954-189d48c64f0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
daII2PrZcipuY5kWz_xK6rlGwiV9xJDSRv_ZyU2d0E1qK7xzTJpiDw==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"ea00-189d48c64f0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
HIT
x-amz-cf-id
1c4K_JJMhKZqs7Z9hKCSrr1ifuqz5J-ypoX2NfbHkN0Vjk7i8xLOcw==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"e770-189d48c64f0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
UWp0w_ZGbdIgyTyKsrw4X6G2IdTfuVffKuH1MGfKtGgu7yDLXXtAzw==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"e7c0-189d48c64f0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
HIT
x-amz-cf-id
B60Zy7jmpVQoLonpHMkqsuq8eQAmxcg3nUmJKFgZt5CqP-UVlBwpbA==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:03 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"3bdc-189d48c64f0"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
obE3LQp8UpbnOZKBk6ZR9X8gZf-gQvUVi432lIbSsYtGJ1M4dS7utQ==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230808-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
227286
expires
60
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1691566084942&cv=9&fst=1691564400000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=314085983&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1691566084942&cv=9&fst=1691564400000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=314085983&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.121&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d27cd6533be72e68832a393f3b7cf61a7635496ede26b8a7acbb985565e24a0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 09 Aug 2023 07:28:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89034
x-xss-protection
0
pragma
public
x-fb-debug
XjBHwHc+Asu+8kbAhkuihc8cxX7q07rEHQwKah1WxWgw7AvfP9y11yvxVYBMLPkuCdA6WSR6xwtY9KWwGDShDw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1691566085527&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.2.1691566085526.682578137&cs_est=true&it=1691566084939&coo=false&exp=a1&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 07:28:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
walla.json
www.walla.co.il/public/player-config/ Frame B42A 		111 B
481 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_445607a52df06e395055_445607a52df06e395055_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified
Tue, 08 Aug 2023 09:48:38 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C1
etag
W/"6f-189d48c64f0"
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
111
x-cached
HIT
x-amz-cf-id
gsAWCn1_ynhuOWQ----X9Rl-GjrNqwr0t27-TZdFR_ofZlKknfcWUQ==
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
85 B
201 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
38ab42b3fc46201e8596ed0b1640d0525838ab325b5437a387c2978a359d20b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-/CF2TDi1fPS5nbW0rtaIuasou4Y"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 09 Aug 2023 07:28:05 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.walla.co.il
location
/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef6e6dfd4d82f26303e757b5895d9c9aac7424484bc74cf386055d1bb3e940f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:28:05 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
489123
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 03 Aug 2023 15:25:21 GMT
Server
cloudflare
ETag
W/"d28a1b0d6dc3203c62f341488d62736b"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVS8wJFODXFoEfMYMhatGWfDu9N4SkbiizzXm0H1DpKKlPKxTpEREC%2BI85lIfH6rqglJ1uK2tq8ZPyCVHq9chZr9h2%2FHBc0PnTurk%2FJx7Qvycki5MfrVpS5qvXVAbKeVew00Qn63iDH1pPWL"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7f3e47c3592719af-FRA
syncframe
gum.criteo.com/ Frame 59D7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:04 GMT
server
Kestrel
server-processing-duration-in-ticks
233007
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 09 Aug 2023 07:28:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 09 Aug 2023 07:28:05 GMT
server
Google Frontend
x-cloud-trace-context
7184ea633e2e40fc64d445a2df4685f6
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
x-request-id
744409f0-8c65-46e0-8254-4ec1e58e3e04
x-vad-version
0.13.10

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
764f8f894abc8f39bbd007e409836916
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		109 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2455748603182811&correlator=2249336859389642&eid=31076398&output=ldjh&gdfp_req=1&vrg=202308030101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Ctop_desktop%2Crectangle_hp3_desktop%2Cpremium_rectangle1_desktop%2Cyad2_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7&prev_iu_szs=120x600%7C160x600%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x250%2C300x250%2C300x250&ifi=18&didk=1193244742~1193245113~1193245112~1193245115~1193245114&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691566085688&lmt=1691566085&adxs=1480%2C920%2C516%2C200%2C516&adys=160%2C173%2C839%2C839%2C1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=i%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4&ohw=120%2C1200%2C300%2C300%2C300&ga_vid=696463884.1691566084&ga_sid=1691566085&ga_hid=2010905537&ga_fc=true&ga_cid=1062162117.1691566084&dlt=1691566083632&idt=1381&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle_hp3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=permutive%3D&adks=2273020715%2C885339186%2C1717219177%2C1472875564%2C2299111211
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f46cd668eeff4772722ba6e57ae87351c1ba6209745cf6a26f1371294e13420c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33072
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1,6354285027
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1,-1,-1,138441479801
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.170.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-170-80.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
130ce0343a43f45256e2d6bf2dffe8392fb2fbb795b2a27513661280456f9924

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
x-server
10.45.29.74
access-control-allow-credentials
true
content-length
60
expires
0
sid
mug.criteo.com/ Frame 59D7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=O-viLXxwcEdzMlZwMFhrZ0E5Q1NOY2VEZGZiM2JIcGI5RWZ5UkZKMC9ZcTBCZmVCWFBVRi9VMzVtaDQwcHE0RVMwZGxvQXBQeG8zUHVUMitmZEo2VFFUYWZhY2k3d2ZKK3U5bDJMeVNscGIxODE4VEM0dWpNRzBaNFVGL3...
435 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=O-viLXxwcEdzMlZwMFhrZ0E5Q1NOY2VEZGZiM2JIcGI5RWZ5UkZKMC9ZcTBCZmVCWFBVRi9VMzVtaDQwcHE0RVMwZGxvQXBQeG8zUHVUMitmZEo2VFFUYWZhY2k3d2ZKK3U5bDJMeVNscGIxODE4VEM0dWpNRzBaNFVGL3cxdERRcFZNWUpWUHo1ZFVNVGZJVXVIZ0FOR0xJbTlnVW1rT2szNFlKUFRlYlEzZUJSRGxGOEZXSkdGcUtwYjcxbUd0Ry9NKzBMdEhXdlpLSVdwRmhoSmNvaWJNanAyN25KeXlGSnkvamVHeXpYbXltMC9LNnJERm10NXJiVTdmekNiM2NPNkVBK01GeDArdDcwd1dIZkJYQnFCOUhzZz09fA&cppv=2
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8746c2486406c13a1447d2f4c155e42d866b54b8df6c929d54e61370f72dbeb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1160388
expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=O-viLXxwcEdzMlZwMFhrZ0E5Q1NOY2VEZGZiM2JIcGI5RWZ5UkZKMC9ZcTBCZmVCWFBVRi9VMzVtaDQwcHE0RVMwZGxvQXBQeG8zUHVUMitmZEo2VFFUYWZhY2k3d2ZKK3U5bDJMeVNscGIxODE4VEM0dWpNRzBaNFVGL3cxdERRcFZNWUpWUHo1ZFVNVGZJVXVIZ0FOR0xJbTlnVW1rT2szNFlKUFRlYlEzZUJSRGxGOEZXSkdGcUtwYjcxbUd0Ry9NKzBMdEhXdlpLSVdwRmhoSmNvaWJNanAyN25KeXlGSnkvamVHeXpYbXltMC9LNnJERm10NXJiVTdmekNiM2NPNkVBK01GeDArdDcwd1dIZkJYQnFCOUhzZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
234781
content-length
0
expires
0
sync
event.dxmdp.com/rest/api/v1/ 		13 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.171.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-171-254.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 09 Aug 2023 07:28:05 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B42A 		345 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_445607a52df06e395055_445607a52df06e395055_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
expires
Wed, 09 Aug 2023 07:28:05 GMT
truncated
/ Frame B42A 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
json
trc.taboola.com/wallail-walla/trc/3/ 		99 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/trc/3/json?tim=07%3A28%3A05.882&lti=deflated&data=%7B%22id%22%3A643%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1691520857697%2C%22vi%22%3A1691566085878%2C%22cv%22%3A%2220230808-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11482%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Homepage%22%2C%22orig_uip%22%3A%22Left%20Rail%20Homepage%22%2C%22cd%22%3A1106.484375%2C%22mw%22%3A298%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%201%22%2C%22orig_uip%22%3A%22Mid%20Homepage%201%22%2C%22cd%22%3A4298.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%202%22%2C%22orig_uip%22%3A%22Mid%20Homepage%202%22%2C%22cd%22%3A5465.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Endless%22%2C%22orig_uip%22%3A%22Homepage%20Endless%22%2C%22cd%22%3A11482.0625%2C%22mw%22%3A863%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Endless%3Dthumbnails-g%3Aabp%3D0%2C%2CLeft%20Rail%20Homepage%3Dthumbnails-a%3Aabp%3D0%2C%2CMid%20Homepage%201%3Dthumbnails-g%3Aabp%3D0%2C%2CMid%20Homepage%202%3Dthumbnails-g%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230808-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9440b1359bb2fec7074717565f7e4346cf9d48161d294ff95d1340d7fb7340a4

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
883
date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7479
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230031-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1691566086.891520,VS0,VE883
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1691566085885&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.2.1691566085526.682578137&it=1691566084939&coo=false&exp=a1&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 09 Aug 2023 07:28:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.171.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-171-254.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 09 Aug 2023 07:28:05 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ad53957ac72c8e4dd7d1786689889bade3f9aff63118fc36118600cc6fd7574
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11791
x-xss-protection
0
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame 1CD5 		193 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4c00:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72972
content-encoding
gzip
content-type
text/html
date
Tue, 08 Aug 2023 11:11:54 GMT
etag
W/"26fac2aab0da1220dfb31537337da864"
last-modified
Thu, 27 Jul 2023 07:10:40 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-id
Lega6Zhy-TOYgaArteLbyYEt_J7sEmCo4O94Q8Ec9Qx81NoNOYRrsQ==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
qHjCUfZm1tQdGgBJuTqxtyNTpiQNb5ro
x-cache
Hit from cloudfront
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:28:06 GMT
c4b7cb53-dcfd-4366-a094-0b48c991c9c2
https://www.walla.co.il/ Frame B42A 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/c4b7cb53-dcfd-4366-a094-0b48c991c9c2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
playlist.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/ Frame B42A
Redirect Chain
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Protocol
H2
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
8e8e99a6d11656786a8e692f3cbfcae9bbb6c02a2583360abcfdf2d9b2cc1dd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
via
1.1 google, 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 09 Aug 2023 07:28:06 GMT
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
null
x-cache
Miss from cloudfront
cache-control
max-age=0
access-control-allow-credentials
true
x-amz-cf-id
jZUgx3ImXzjBXo7HSYXSLtwQgvzphMs04XVkOwrJtJ033XktjEMvTg==

Redirect headers

date
Wed, 09 Aug 2023 07:28:06 GMT
via
1.1 e44e0b24e706487eaec6b9e01f2166dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
vary
origin
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
0aEIrR7tYE32jJ2rQmZO_n9UOjBZYHh_XXfOXRjLIPcUKfwbBWHTbg==
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame CED8 		718 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18372
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 02:21:54 GMT
expires
Thu, 08 Aug 2024 02:21:54 GMT
last-modified
Wed, 02 Aug 2023 14:27:41 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame B42A 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:28:06 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FC4F 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:30:51 GMT
integrator.js
adservice.google.com/adsid/ Frame B42A 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 0C37 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 09 Aug 2023 07:28:06 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
f8187e3d-4b2b-47dd-aafd-6843c4579f8e
https://www.walla.co.il/ Frame B42A 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/f8187e3d-4b2b-47dd-aafd-6843c4579f8e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
5872
Content-Type
application/javascript
f617b3ef-fada-4ab1-9eb8-83c7135a48d5
https://www.walla.co.il/ Frame B42A 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/f617b3ef-fada-4ab1-9eb8-83c7135a48d5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4c5a62160b5b5551d04087e5b4d28a320414b826e210c82030e179badfcfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
76030a11-17e3-4767-b2a6-4913afee08a9
https://www.walla.co.il/ Frame B42A 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/76030a11-17e3-4767-b2a6-4913afee08a9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f4c5a62160b5b5551d04087e5b4d28a320414b826e210c82030e179badfcfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
/
www.facebook.com/tr/ Frame 3B2E 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:06 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=153511
accept-ranges
bytes
content-length
65459
expires
Fri, 11 Aug 2023 02:06:37 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b62a89701f26ec1da28a7957e9dbdf26c5151089025c31795f9534a0ea878600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7f3e47c69b8b2c76-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C32 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2495
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 06:46:31 GMT
expires
Thu, 08 Aug 2024 06:46:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1C9B 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9587711047179611217ac50366774405d064bcece0024d060ed88f8023f493c6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z0zAsiSTtU2m1p_wza8ttg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-Z0zAsiSTtU2m1p_wza8ttg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:06 GMT
expires
Wed, 09 Aug 2023 07:28:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ads
pubads.g.doubleclick.net/gampad/ Frame CED8 		44 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.584.2&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F506f3371-f390-4528-8fa9-521d64bec594&sid=80DE81BA-2371-4162-9BDF-A4550CE4B9D8&a3p=EhsKDDMzYWNyb3NzLmNvbRi8p8jJnTFIAFICCGQSGQoKdWlkYXBpLmNvbRi8p8jJnTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOWsyMmdMUgAUgIIahIcCg1jcndkY250cmwubmV0GLynyMmdMUgAUgIIZBIZCgpwdWJjaWQub3JnGIOsyMmdMUgAUgIIahIXCghydGJob3VzZRiBrMjJnTFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YvKfIyZ0xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVFUQjNlR0ZMTjFoVGJVTkJOVzluTmpZdk5FZHdaejA5SW4wPRi3r8jJnTFIAA..&nel=0&eid=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Fcdn-uw2-prod.tsv2.amagi.tv%252Flinear%252Famg01742-walla-wallanews-ono%252Fplaylist.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26ver%3D2023&dlt=1691566085066&idt=1117&dt=1691566086241&cookie=ID%3D85658738cf374ece%3AT%3D1691566085%3ART%3D1691566085%3AS%3DALNI_MYTjO8ks-KAx5puemUIZEKBq5-c3Q&gpic=UID%3D00000c7bec87bb50%3AT%3D1691566085%3ART%3D1691566085%3AS%3DALNI_MbLHyYQnGkJe-uHx-uhL9PB13YwAA&correlator=4436977849903369&scor=748345943750764&ged=ve4_td1_tt0_pd1_la1000_er1700.200.1700.200_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6917b33076ffd259c69c11e93820e07dc58ff4c018311ec3989ea11093777d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7842
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
162
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7f3e47c73c202c76-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308030101&jk=2455748603182811&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
pagead2.googlesyndication.com/bg/ Frame 1C32 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565a2adcb0da82a8b692e4464ade6f0fc0db407d991afe81e290003da97aa710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:44:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
85400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14582
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 07:44:46 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 0EA5 		0
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f3e47c79c882c76-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:06 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 119F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
generate_204
tpc.googlesyndication.com/ Frame 1C32 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wBLONw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
ap.lijit.com/ Frame 57F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 09 Aug 2023 07:28:06 GMT
X-Sovrn-Pod
ad_ap2ams1
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
bid
ap.lijit.com/rtb/ 		95 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cd61182b65f2a79943ceea15b05057776a50ffb301cbb950a4af792e0b78bece

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 09 Aug 2023 07:28:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4981f065490974105603631a34f5101c85dc3bac08be7057f546e1ebcd682e9e

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ 		140 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c49df16b0ef2dccd70ef3976c112e9d8ec1303319ead1cf54eb7de63a8260ea5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
an-x-request-uuid
1bfe0353-86bc-4278-b9ef-0aa0b4c00bda
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d7c5d19d034af10c6cf56239d9a8c3991144d3da6fac1bbd14dfec193de1120

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBO1s60zbCyn2XTDODdAhQILB9bMtR13PwlSjYVb71frf%2FQSvazaqTr8bhavsDoZWbrhFdrLU0H7AE8UMptTK45TQeGWa3NUIEguZVG8zU%2BeZ0gGX%2FfHTSwOl7MwkxKoUER5y%2FNq"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f3e47c82ad735f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 09 Aug 2023 07:28:06 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
b11c98023d9dd0752e8774b1d7cfde728054b4ab4de9b275271e2222584c96f2

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7f3e47c82d572c76-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
2214040
bs.yandex.ru/prebid/ 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
last-modified
Wed, 09 Aug 2023 07:28:06 GMT
x-yandex-req-id
1691566086443613-1093210768485401481500301-production-app-host-vla-pcode-451
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 09 Aug 2023 07:28:06 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=765c2207-9a9e-4119-afd0-92ece6a0faf9&l_pb_bid_id=148b1048e82f8bad&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=27c22edf-4442-421a-98af-3e7e6d2e873c&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.04225677270712569
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dcbe550169d226bb268697e6fcdb33a4e546a6fd7c75dcf269afb53943a97ac7

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
380
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=19402897207&lsavail=1&bundle=EHV1C196aFdHN1pCM0JLZVA4RmpSWkZPTyUyRmt1OUNQSXYzY2poQzVKNTBpMXhMWm9xaVJ6azZIb2xZRnlKVjlSN3RqZSUyRkUlMkYlMkZ5VUJHdmF0OFpWRm5FNElORDZjSDV1RXcxRFpxM2g4Z1ZGMlFGWE1yT0tYYVJaWTNZR1ZWcHBZOUdnUCUyQnJlUjI5em9VN1pZNzhxN1N4VG9zZkN3JTNEJTNE
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d4942b70cf508e133781ee59af4563401e595263ad6e55a68f905531aeb498c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		360 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageReferrer=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
6d524b11312b9b706f71ab88b918c07609aad905462c7cdfd707edf7d7f9778c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
52
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
360
expires
0
prebid
mp.4dex.io/ 		60 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Wed, 09 Aug 2023 07:28:06 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f3e47c83ef31c9f-FRA
expires
0
auction
tlx.3lift.com/header/ 		19 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.81.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-81-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
accept-ch
sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height
x-auction-status
12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Wed, 09 Aug 2023 07:28:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
container.html
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44B0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:05 GMT
expires
Thu, 08 Aug 2024 07:28:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E67B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:05 GMT
expires
Thu, 08 Aug 2024 07:28:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F78 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:05 GMT
expires
Thu, 08 Aug 2024 07:28:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7A32 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9ULVXprwnnZL-BGAMwM2NdROIfH7NwCuzHxfDumxeAa_Y3w6RkEXv4yibbNfDMripJMNsYP1P2ioLOht7YONsmOCQFVOTW1gygoSiqaPUH-lajiyEJA69r_oNGs1KCjx8ujyiVIJL4_OiXxp8vYMj2qK_gVB_fZcjCKm046JAVBhsgX0uSt3Tz1zsEM2aUMrq5lSzbQ5rgy7Hj9u-6oZoPiwprqCsKCkOUEpkux8hgmnysjNZ_2QcY4cBk-iNix2_AQ7u3tykr_DMFbKcfmnw9yxVO5ly5sqhc5V9QaKbIk9XtfJaBQxDGwwRzIkEF0GnvZsh9jvErsIpIV2LTOAhT0XU3j0l44x7A7rbPw&sai=AMfl-YQukld-LERaX3mUldsakgU8IXO1Qg9zBHHtUui39vW9eZ9wEaPFiQgEnSKNzzdOY-TxiFa50Tg1fzNykH7tVQUs5JdD3EbBsvxxjOa21wnyt6KxtLdfzm-sMW445Q&sig=Cg0ArKJSzEp2N-VHB951EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/ Frame 7A32 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:26:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
46889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:26:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A32 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57420
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691408699217355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:06 GMT
3367633535501878256
tpc.googlesyndication.com/simgad/ Frame 7A32 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3367633535501878256
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
677e47016f92a93a26d7ec18f62b8a7fc61cc5db11a44f0c123ba11deea241bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:22:36 GMT
x-content-type-options
nosniff
age
86730
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39142
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 07:20:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 07 Aug 2024 07:22:36 GMT
l
www.google.com/ads/measurement/ Frame 7A32 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYzUtKczoe2dS45Id6TlhjtZEEouelw9jtep8MLhBrQ8SryjJh-XI81cKGe9e8NxLVsyWQVbQtgj8dVSIHb1B_Iy2Ybg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
truncated
/ Frame 7A32 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e20086d70b0cad1c8fa9d16ad11e0f5c1c142c274b25edb986c31836df86ecf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ Frame 01A2 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:06 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543d1d736c648793d43c6ecef043a4f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87... Frame B42A 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543d1d736c648793d43c6ecef043a4f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87eb141453c5728cfffe729a2c05616b7db083429b56a062a866a68ac39437ed0e21f48a238b6720a5aa82a66443d80b846ac7757db80148e78208bb3dc66396d390ec90c1fbcbf5ba0f8ff5e43ca78a5b91b4cc12a46e59f41cfdc1aa681d50ecb5ed770f7118094f2da811783d5c264af04b206ed394809f134bd41a82dd7a0f84d1cde160f430c58e7ad8a8c3f56e462762c347b56dd1f9936db9b2a91654dc36825e85651f81a8c1ba6ef45a6b8a9cb024034e4e95a6829e295c81832e452cf04d38793b85b798ae5113220a3088e727869c3af8f7c2ca26413b7e233e0063418b9cd6b2a6c8ebdae90c727b930d8c8e49d72604b71080b886770fb07cf04d262a1c21f2013180afdda1df38fd75a3f755cc6ae6a94424bf78bd0c3e807359c34401af0368d12454ddc246079d228fbb13578c67359d27b6ead187dab6ac89500b9e7d7ec0d3ef5f9c241f460a6f529dae40da468730853e6bc7c11101b2480a0375a6039f044e2d2d8e8385c53bbb99ea8b226526d0e1e5c0884f5f430cadeb24e33228102762e246a54fc62f166d007450554b93ddbbe067980466c6dd1ae3159557b858ad6a582c5c150ba6fd9acac607b7838783e05bf945b05356002c7c3e8c6/194/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/9330_f4446c29729bfb4db823_f4446c29729bfb4db823_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
7d3bb7053dfc6db6c440055af968857d61a3f5dc5da9ca284349b61395719a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
via
1.1 google, 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Wed, 09 Aug 2023 07:28:06 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-fa985ced, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
5fUZ3W6F3gb42FPBoCrirbhqjX6LVmPW9zs-dA7bMu_jfzOtWfOVmA==
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 3D50
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Wed, 09 Aug 2023 07:27:59 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:27:59 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame E183
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1691566086574
  • https://ad.turn.com/r/cs?pid=45&rndcb=760331375
  • https://sync.1rx.io/usersync/turn/2802653728290887916?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-9672974b-8871-4a5e-8a78-70b...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003
0
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f3e47cc39f32c76-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:07 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Wed, 09 Aug 2023 07:28:07 GMT
etag
RX9672974b88714a5e8a7870b8c34afcee003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0C5D 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXr8AKTu0z63-i4uo8n1g8xJDLjUiAHKczdH4Aw79GMvjQa6lQ0xutgvhrUI0QGS7lBZiqfpdE5U3393oFKr6T-f-x96IdDdMoQVB2GI3LFJctZ7HHXseX5WAlg30VeFmR_Xpu50Liqwkwjp-TLDIWNlbqh-xgohEoEYEEKkHJmeVvUcUM
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 44B0 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44B0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DoHJWH5dHa1VMFHBg4STDjbWSmoeGzDCUizRdGI1BaLOJFluSkKAQqxc_-8Ofx0Zr2aBdSCfWw65ABWeof0Ot2iuiHr8GRlOvBcqVT6uhHrRQPXzk
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44B0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1583146144171356920&x=1&ct=76
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/ Frame 44B0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/window_focus_fy2021.js
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:26:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
46889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:26:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/ Frame 44B0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 14:19:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
61724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8261
x-xss-protection
0
server
cafe
etag
3571037177597359341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 14:19:22 GMT
l
www.google.com/ads/measurement/ Frame 44B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEVFIEMCaisLxIe9bjUZRATxZHcjQaKiZ5h-W4NJuKDZ8ZbsyXCQieiRr8Uz8uNcSeuKHrMzf3S_Q_CJI3UP0jXSnkRw
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44B0 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57420
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691408699217355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:06 GMT
aa603f5a-4def-52dd-9aa0-c7c7fe7387c1
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame ACC6
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=1152876241744598739
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/aa603f5a-4def-52dd-9aa0-c7c7fe7387c1
0
393 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/aa603f5a-4def-52dd-9aa0-c7c7fe7387c1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f3e47c9befa2c76-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:06 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/aa603f5a-4def-52dd-9aa0-c7c7fe7387c1
pixel
googleads.g.doubleclick.net/xbbe/ Frame 169E 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNVW0LDxYeBKXmMA4Hhmz2mhlOF7VuuR2I9rRmALRRxCFCIqqwJnhOnEcE0JUZ3Zr5ufiZMF-fzXW1rMnXqkOyoaBT3a8CIKGeADg_4tgJqmBPJCws0mcrnIacIWlr-o1LZE6WJh2CrZu1IH5cygbtMSv5IW0O6Oq7aB-Q5ONNDTt1IQJDs
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E67B 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E67B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkjjeSCdTL57IxyMqLAW_Nxp3b1wCK0s0dE7caBBK6j4tGtoPai6VpWvAVdg03zuHu3wJmDVeGkXFL9dsiRm0OeSUxs12ELRa4SuZVrLnX2g-YdS8
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E67B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5254536827591249564&x=1&ct=76
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/ Frame E67B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/window_focus_fy2021.js
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:26:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
46889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:26:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/ Frame E67B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 14:19:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
61724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8261
x-xss-protection
0
server
cafe
etag
3571037177597359341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 14:19:22 GMT
l
www.google.com/ads/measurement/ Frame E67B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAuSH72QAnlQJviWPlytp_xpLyQIbZQ1PEmpuh0SwyjOBIiOiKHETNYdYVlp58pY5NB2Ow-IQovgKp0sJDZdPcINkdDw
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E67B 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57420
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691408699217355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 103B 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNX-zFCtQj0E-xXya47pex3UWebg9L09TnNLQUzw56MxECxFSk5TNs116H5LReCFzGsDLnzXG8fUxQW4EWfK3XUS_27rc426UO8cpjkF2VMj9t5XYaJWWY-t3mWJlKLCzw2VBmfgyR77XUVXb1524QOqA0Ow81jICBGY0iBdw5vlZgyZvtg
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 9F78 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30167
x-xss-protection
0
server
cafe
etag
12949109546734229676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F78 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqWNz0ZZDCgwEJVVr0Rp4Xw-OLBrUgt3LsH-aC-COFpg40LxKPY1Kb0nqce387hnLjMoMvLESzeKGVoTS77R-31ej_0OLOP1Gm5Ec8uRoMmDrG9fo
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F78 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11443601781309093063&x=1&ct=76
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/ Frame 9F78 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/window_focus_fy2021.js
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 18:26:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
46889
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:26:37 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/ Frame 9F78 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230807/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 14:19:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
61724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8261
x-xss-protection
0
server
cafe
etag
3571037177597359341
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 14:19:22 GMT
l
www.google.com/ads/measurement/ Frame 9F78 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1faPyqHJaZDdA7fPv8agyTDGnS7TGDNhyY3WRelw4Y8aWAuRfEvrL2nJlX0aNDCZPOJLhXheczMJaLRj0yrMNe4e34A
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F78 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57420
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1691408699217355"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:06 GMT
winner
hb-dot-valuad.appspot.com/analytics/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics/winner
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
x-request-id
a12f2376-7b5e-4862-978d-371953fa5e5e
x-vad-version
0.13.10

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
f32c684a7e1bd2393a13488ce1428ca8
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
winner
hb-dot-valuad.appspot.com/analytics/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics/winner
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 09 Aug 2023 07:28:06 GMT
server
Google Frontend
x-cloud-trace-context
ecdf4a53dea496a1486beaa5c3897b8f
x-request-id
undefined
afr.php
ads.eu.criteo.com/delivery/r/ Frame EEFB 		184 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c552060330a3da38377c93a64bb61791fc2f31548244d3d23f38d101555ab70b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:06 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=zjK1Z6oo7hQZ5HEVxWa_i9qJxJJfZ10vV1bUJjYpNbifkIAenjw1BO1BqR4HDIXbaPuUu2T9M4lRVhv8pqD9yAQhMBDu-6-edYDGKvXw9DuRpvIs3wTbU-0MlFncjhwvOIP2UQ0ycaGQ3Omcs5K5IIe21vreqSoxAtRjElYzXsCDCToz_haRc9_lqX4jxh1FmMSgSDSlDsP94zFrAi9GwND39SN5jFHa9OmSgU059e-XpnMJIscbsSzhTuQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
79001973
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 09 Aug 2023 07:28:06 GMT
server
Google Frontend
x-cloud-trace-context
9513899ce1c221e387db94eda10dee15
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
x-request-id
2295f571-4fe6-4055-b673-ed95401a8a8a
x-vad-version
0.13.10

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
78de5de8cc95af9a8fac797ea307cf3f
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
tpd
cat.fr3.eu.criteo.com/ Frame F467 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/tpd?dd=PoXRiF9BdlglMkZkJTJGT3QyM21pUk8ydThFam5VSmpIRjlzT0dNSW5MMkJ1QkNSakdORkxPcVpvQmpvb0NXU0k4WVR0UlQ5TmFCWW9ORVRaRm40NkNWdUNvVUYyTFFkRU96bEZQUng1TjFSd1dGNTFHUDM2bGZhUGxOU3oyWmwlMkJkZjBwUExFNDdjT0d1c3hGaFhubDZHWDg5YTdwWkRKMVlwTE5PcEZPTWhnVUtsRnBCRWVnVDFOMndsSjM1dTIxbWJIeHlTbmVSbFFjVWxRT0I2SUxvNlFDOUQ2UDdxYXdnTlNNeERNVG02WnFUejRBZlA2cUhKbVIlMkJSeUFRR1lsbTBpWGlJTmNSdFdPbUR2WE9NTUVDRmpXenhvQUxoTmtkMnJrekRLclpnenJ1d3ZGTWU1WmFMNjIzazdvMjZwd3Vpd1Roc1dkckNkTDJ3N0ljcHJEN3ZYQlM3Vkh0QlFjMjBPU0M5dUIwNWRKSmYxN2M0ZllWQTNYSUtQQ1NlMVBOTjYlMkZTUzJMNGFKZW1EbHNyMXlZdTFGZUUxYWVyMmlJJTJCWjNlVGlMZEpqcWJhNnVoUXZrb2MlMkZsSkk0JTJCakhPYzRqd2cyNmtaQg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
161362
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
smwt256.gif
us.ck-ie.com/ Frame ADA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 09 Aug 2023 07:28:06 GMT
Server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 7A32 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqg9s_q7iJ1X4ukDLe4AnTPUoEN2-7RlAZ9IOrJBeU6s0LFNcbV4J1knQGAEPwxgZnKQnsD7j_mqkVvRbIu12XgX4Z35fr5ZA3rzH09dB3G7bQCxG9aaSufb9SlMwvt0qbZ35BzHa7eNIkARBb2B7lZKAJxXnUYRtKnVnE29d6RvjgG-cSm__0oQA1HJXcEQO0a4Q1QoXGAeiDK4zyhmWwUnU6j6BLXhRHtXQuvnNtjBzX-fpz5fiti_NyRodlrz_AeIl9tY1jvOSQndtPaasulwJOg1NbaeV9i-RWoRwqjnOxgblG7lSQkVWI87wg09Ik3suEWmEUPMvyxpyT9QuROJWBo-DTlz3cM_a-ZWxX&sai=AMfl-YRCtaOHeNKyYNPBJFc1x7epKvGUfsQEHTj2sES69Uu-fuGTnPb_KADInCbA5zCxABY1nZ1bSHJsfDVRW79qJMRDNjbNIeVcNv7a2WvA0MyvTmwxsXeMzEsxdK64HQ&sig=Cg0ArKJSzHoOOUeMa7alEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 09 Aug 2023 07:28:06 GMT
rum
dsum-sec.casalemedia.com/ Frame 0C5D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXr8AKTu0z63-i4uo8n1g8xJDLjUiAHKczdH4Aw79GMvjQa6lQ0xutgvhrUI0QGS7lBZiqfpdE5U3393oFKr6T-f-x96IdDdMoQVB2GI3LFJctZ7HHXseX5WAlg30VeFmR_Xpu50Liqwkwjp-TLDIWNlbqh-xgohEoEYEEKkHJmeVvUcUM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0C5D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNNABvwbBrOvRaj2tMD0sAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXr8AKTu0z63-i4uo8n1g8xJDLjUiAHKczdH4Aw79GMvjQa6lQ0xutgvhrUI0QGS7lBZiqfpdE5U3393oFKr6T-f-x96IdDdMoQVB2GI3LFJctZ7HHXseX5WAlg30VeFmR_Xpu50Liqwkwjp-TLDIWNlbqh-xgohEoEYEEKkHJmeVvUcUM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0C5D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPYdog5eiqyUBDRyrCUBGfg&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPYdog5eiqyUBDRyrCUBGfg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXr8AKTu0z63-i4uo8n1g8xJDLjUiAHKczdH4Aw79GMvjQa6lQ0xutgvhrUI0QGS7lBZiqfpdE5U3393oFKr6T-f-x96IdDdMoQVB2GI3LFJctZ7HHXseX5WAlg30VeFmR_Xpu50Liqwkwjp-TLDIWNlbqh-xgohEoEYEEKkHJmeVvUcUM
Protocol
H2
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
an-x-request-uuid
551bc3b9-2dae-4f71-a484-86695be0ee68
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPYdog5eiqyUBDRyrCUBGfg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0C5D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg3NTU1MzI1MjkxNjc0Mzc5MQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg3NTU1MzI1MjkxNjc0Mzc5MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYvd7jwAEwAQ&v=APEucNXr8AKTu0z63-i4uo8n1g8xJDLjUiAHKczdH4Aw79GMvjQa6lQ0xutgvhrUI0QGS7lBZiqfpdE5U3393oFKr6T-f-x96IdDdMoQVB2GI3LFJctZ7HHXseX5WAlg30VeFmR_Xpu50Liqwkwjp-TLDIWNlbqh-xgohEoEYEEKkHJmeVvUcUM
Protocol
H2
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
an-x-request-uuid
2fe83c71-71d9-41b0-b586-09a6a758d46d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg3NTU1MzI1MjkxNjc0Mzc5MQ%3D%3D
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie
cm.adform.net/ Frame 6F64 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Wed, 09 Aug 2023 07:28:06 GMT
server
nginx
rum
dsum-sec.casalemedia.com/ Frame 169E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNVW0LDxYeBKXmMA4Hhmz2mhlOF7VuuR2I9rRmALRRxCFCIqqwJnhOnEcE0JUZ3Zr5ufiZMF-fzXW1rMnXqkOyoaBT3a8CIKGeADg_4tgJqmBPJCws0mcrnIacIWlr-o1LZE6WJh2CrZu1IH5cygbtMSv5IW0O6Oq7aB-Q5ONNDTt1IQJDs
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 169E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNNABvwbBrOvRaj2tMD0sAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNVW0LDxYeBKXmMA4Hhmz2mhlOF7VuuR2I9rRmALRRxCFCIqqwJnhOnEcE0JUZ3Zr5ufiZMF-fzXW1rMnXqkOyoaBT3a8CIKGeADg_4tgJqmBPJCws0mcrnIacIWlr-o1LZE6WJh2CrZu1IH5cygbtMSv5IW0O6Oq7aB-Q5ONNDTt1IQJDs
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIK0iZcJpFSxS1AudLFQMwU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 169E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPYdog5eiqyUBDRyrCUBGfg&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPYdog5eiqyUBDRyrCUBGfg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNVW0LDxYeBKXmMA4Hhmz2mhlOF7VuuR2I9rRmALRRxCFCIqqwJnhOnEcE0JUZ3Zr5ufiZMF-fzXW1rMnXqkOyoaBT3a8CIKGeADg_4tgJqmBPJCws0mcrnIacIWlr-o1LZE6WJh2CrZu1IH5cygbtMSv5IW0O6Oq7aB-Q5ONNDTt1IQJDs
Protocol
H2
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
an-x-request-uuid
e8900328-fba0-4c64-b703-0cf574cccb08
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPYdog5eiqyUBDRyrCUBGfg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 169E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg3NTU1MzI1MjkxNjc0Mzc5MQ%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg3NTU1MzI1MjkxNjc0Mzc5MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNVW0LDxYeBKXmMA4Hhmz2mhlOF7VuuR2I9rRmALRRxCFCIqqwJnhOnEcE0JUZ3Zr5ufiZMF-fzXW1rMnXqkOyoaBT3a8CIKGeADg_4tgJqmBPJCws0mcrnIacIWlr-o1LZE6WJh2CrZu1IH5cygbtMSv5IW0O6Oq7aB-Q5ONNDTt1IQJDs
Protocol
H2
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
an-x-request-uuid
5eb8d8fb-7e65-47a2-ac49-f8aaf2f1cebb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTg3NTU1MzI1MjkxNjc0Mzc5MQ%3D%3D
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 103B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIljk2HCmQ2GmjzXrG86z2Q&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIljk2HCmQ2GmjzXrG86z2Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNX-zFCtQj0E-xXya47pex3UWebg9L09TnNLQUzw56MxECxFSk5TNs116H5LReCFzGsDLnzXG8fUxQW4EWfK3XUS_27rc426UO8cpjkF2VMj9t5XYaJWWY-t3mWJlKLCzw2VBmfgyR77XUVXb1524QOqA0Ow81jICBGY0iBdw5vlZgyZvtg
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIljk2HCmQ2GmjzXrG86z2Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 103B 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNX-zFCtQj0E-xXya47pex3UWebg9L09TnNLQUzw56MxECxFSk5TNs116H5LReCFzGsDLnzXG8fUxQW4EWfK3XUS_27rc426UO8cpjkF2VMj9t5XYaJWWY-t3mWJlKLCzw2VBmfgyR77XUVXb1524QOqA0Ow81jICBGY0iBdw5vlZgyZvtg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 103B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEPUPjasS_ui8JJhmKPfqiIY&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEPUPjasS_ui8JJhmKPfqiIY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNX-zFCtQj0E-xXya47pex3UWebg9L09TnNLQUzw56MxECxFSk5TNs116H5LReCFzGsDLnzXG8fUxQW4EWfK3XUS_27rc426UO8cpjkF2VMj9t5XYaJWWY-t3mWJlKLCzw2VBmfgyR77XUVXb1524QOqA0Ow81jICBGY0iBdw5vlZgyZvtg
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 09 Aug 2023 07:28:06 GMT
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEPUPjasS_ui8JJhmKPfqiIY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 103B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY1535xgEwAQ&v=APEucNX-zFCtQj0E-xXya47pex3UWebg9L09TnNLQUzw56MxECxFSk5TNs116H5LReCFzGsDLnzXG8fUxQW4EWfK3XUS_27rc426UO8cpjkF2VMj9t5XYaJWWY-t3mWJlKLCzw2VBmfgyR77XUVXb1524QOqA0Ow81jICBGY0iBdw5vlZgyZvtg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 09 Aug 2023 07:28:06 GMT
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
a0654d8a11f89ccd35e6553e424e1f3
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 9E87
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a0654d8a11f89ccd35e6553e424e1f3?gdpr_consent=&gdpr=0
0
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a0654d8a11f89ccd35e6553e424e1f3?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f3e47caa8142c76-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:06 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Aug 2023 07:28:06 GMT
Expires
Wed, 09 Aug 2023 07:28:06 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a0654d8a11f89ccd35e6553e424e1f3?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1691566086761031-342
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44B0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2551515155275&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44B0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2551515155275&version=m202307240101&ct=76&x=1&cor=1583146144171357000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 44B0 		102 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BeHQi3g4g6ezeq9kbglmqwQAlDNMsFFWjmURIFMM_Vyn2bPu1TJ_Pv2LYNZIhg1voXpAVGbw7n8D2FLoXc47-PsT80dFvqgvVX5uCpOUlnOUIBGvenKIj_37YwHiXkJx-26eYpjBzcVWWdHUaKSNO6hN7BfHm5i8CpE5qTbsPw1y-yXcw&dbm_d=AKAmf-D28k5FZaQ8em4Eu-R6NZpjI54KIBKyM8uNgDWCMw8At_ah2912VFiVKAAQ2Ti3BxYfJHyiXCkhcHLqFTcSy4P6KHj6z2A2PkvdTSIaVMZ02CijecxsTy_eMBpeseztT6XNi6vkdUWyb2CgxDmZ5hDIza2-bWSbyt4epyNSqshTC3ZLMbzibpiB_5tLbKidVFSD3Go1P0Xtn1yPc8EvpSMRoEpmTZgKd8c930XI8I-qV7mcJw4m0F4jeUaPTBJNp4PlPywwpufHDegqKD-rvbRIjqtN0NrB5FuwBvNcLMtGRmoy_WiZ-gBbddYgRKrmndE5g5f_IWeqpQYUZaZlVftFtJdTPJKlkuOrogj_bGq3pqiNjJrDC1ZDbacgdbP1H39Br-R-giMxzFx6YMQ4QLHKuM_lLdTEfW0-9GM4uZHEU8in0y0o_KY7cMyOt0wI_Xa1AkwKDlZ0yXR7XhslE54ft35nAxttqho7ZN-k6qraTwYCJvnaLnoyCSHMjNdZQpm__WrrkWJnM-hltaCbRm_eKZ7g6OxgDEMXZbw1YKlpvGxvQG5gW30IsG1LTfDkzJ4tPTDFTPZhna0ohWbbgiZNxFr4q4x3hyjee1yEZKbOpnRPWa-7Ir68WBnq1I5sw09RgDxAAJi9LZwP380TlK0rs7tjdt2Oj9396GCluifokKBVKRlGH-RxgrsNEstET83bR8Fm1Gb6_KKGaBPqhfyULTdxSQf0fNinp3EOAawKKo8DsSnqeLnz2nNnnyPsT3Pb3LCohu9B9m1gbj8luTVTXxdkNHR6FgCAc_HYOVbVnCxFcUjIAHzmeFm4YkyQB6mqM_TNX3nHQxV-T-Yymt1CvuTMHobycVhV-ji0wufU_nBY5jGs_3zlD2u_mhv_4huEYkGKgo9YxIO8XpkLOEIyJCFeqZvBaZo1bzN_QD97E0FwuQT0Ef41xvcf0B0C7bci_8lt3g_5rI1xBs9uLTy3IHktHy_N3g3bdbnbY2pn8zczu5Qhzgm_2ffZzrOV9dZJhREgEVEvQt9T_PXuQxMxAdyOg-nNnFu9EXkvUkMK2YiEtmvtu6GH9U6bt7xuzn7Q2ngtEbzfx2OwSSAg6QZnxq9u3-M-vKWJORcnSFAMf_hf4Rr2x_ntKINbcAN_CMOqYpm38j4HLvUJSQOal0yz6iueblmcojum2_1ZdzMCkBb6Esu2IpHszyplrVhOOmXceCcnJyjKRenXck5nl-jjfaHVo5MEdGVavXojE4wkFAbda7hl9BFPi5ZuYSnQGpDl1LbdO5Ca6PnRIbzYUM0QcYyikzO9S88c-UfWBQL0e3SNfdgV6fACwXIIEBlITdza4rQ9G-52aQ03yo9PbONhXKZiCn2Ca-xqvGsm1xaZNj6hXWlWnuQ7D2aTSkAV7pZ6vqXNo97H6T47kv8_Bf8qXh66WKlhUQKnOPxLAc8MPtAJEmtyFYYzbi4G0pJmg8l-r_3AQWQ2yJbKhuB3cjikuOocjfpLuKrkDfaVV4W2UnhmMH8dds6NRAjfzpBMAmXGRritrgrQiTLYVbQhRmpDCBs0nTC7mbXuf_UhcW5j9Pyrj7c2WamwqmrLafd2wFnJcwEukNPzShXkzsonMN0kK3VEoIoM5AtHca2iE5-Yqih9FjKWMBfg0hQh1Rq0LQIhw8KUXtugswQqFlkAliPPYZMsbxHI8PPWVM8hIiSU5ntA1lkQQ9nuPRTTdmRwbfGml7QmtIUgmZhTwVdd5Onnm0bjGardS5nrUgOQapyJZNQ_6Whc6vMYVbF-bT83LW31wZ6gjCwgAE9ZOeuvt7E1_E7k92Wr4k3RvYfGUe1XIUlJgchWWESDK5WzTBdLhtbczhNM7enrYfYmap3YS_LWi_meohgvsuLn4hJnhTxJ4WbUPvmE6REpg1SFILTBOA4q3jcTbQDGN3phlIXUrpx39UDJJZoOSNNPPzARX1hKsP-LmBR062UZZ1e8mgtKvNt1xoSbwDOLBuYaagXrF8j8ERzLXiRk62I8r59YUBGXTuEx-oaFb4PxFSCcNsf95QcpyVmLR_fODMD1oVKubaCYcMqjBdRXNlk--JGFNHuT7278YoPccKWrOTPJnZ3nBDuBDnJMlXFnwEN1ertc5QYxbWGQN2KwlM4bKC-8mNGwALa5QbKDFGbCTd-EFvmhdy43my0i9rOhp4A-nkCtNjq1hLGOR40QCTS4Mo3UJhXxOUhnKWcUO5ch83nmp3JJqr2uhqW9oRh5cmm4oSS3VuW5YQyFruj3zloMerT2ODusYOpOuvdVwG0CsFSq7nYRtavqTPaK1fHJalWaBR-R-WfDh1BQGNvrS-CnCXHXAr3jGuqdWb7fZuxU0_TMBqO02zsVLqyTTpTZ6uH5pOFquGRaBVgWfjU1sbBdR2RkrW_ow0WNBgwly6_5B83rTzxmf5tuY5qydkC7oNDFf-zRDAmmRf_K4vAW5rPiVSvbj_4ig-sN0DG5AmjiXbsMbdX3PUcKJjrOpni_Y11IwFxYdKflDqdzqj6Lq4L8IR-Ya35RuHQ1t0afxuDilU4JcTeIaWE-grF4SjZs_zxv6ig1_HuENxG3stKt1Gvs659E6WC0Pqkgq-Rls-keuENVnHUegLEkboWdvG561giA-2mHVMJ4cjy-HfV-cDutxJcNI0qWkJOGrRgQnPr98L3oYov58EkUn2719Ix4AeX5zaM5QLXsuaQBxK-DeNP7A0_4KlCvhnrWZbNS6sgeLdAHfQTmDsSuMEZVix0r38O_rXR0e49KjYjgA5aUkPgL1v78M9gvBssgp4lZ-ZgZDzrcQL48slbz7_IUj6tIqNifpB2RQa5ju5rsGy8Vpv11JIkXPRZD2uwXusPM1vW6g2_ZTSCexZTmkHvIZTUBVn5Wf7lkhCPIr080NEL4ox4-8PJgNm3jqWAw6VFk2I6ac7QCg2bUzQ5Go8rGP3klA9oHCFXI_JB3g-haI2WhqTc9jlqFAe3il-9IDg_7PA6B_OkQhVkt42BXiuOoI39fNl0sA-UUv4joHNZXGVR-HzmQbRjgEM3lSdaZmXRcr0CYrT3Q9usY9ZoJsmfiThfIumzBkns9DTyvBM8x0JmNNJW3iXXwcE2PQa1JES-er3m0jhj-txhaijKpZkRMxkTcES3FduHpTdbMBR92UYcnqUJ5WkLaC_b-5t3qDOgZNyJmB55AM4hajv4grBw-wcuWxQsXGZQboAfzG3R2i1IfRk1JqHHV4SoFRtU2O_9wbk2Dn20IdLLpU7NvAex3bUVsaV6glXLTQgTraEfW50N33FZSvqJxrK0QOB1_BegC1h_whGIkgx254aNngYwE7bKEKexbxUKp1-4xiFAPsvY7eeeh5lDtVrh5FpL21OfysePWjQYODWGGZoQ5bumQKFa57kdtQFtWmfptY_xhNVXBr_wWZMH_-exHfLGOB2QZGvE-uKjBeKjhG5nhQQyKVVl5SSHwu3FCq3r5yUUzrOLp4yzLtOWE1Vw2tluTACZsnh3HpfFqMIQ9nir1BqZfYxS-MZphYfJmRYq9YLTaHh8jO8oMsscWDRSSL4OQbY5TGvicXEladLYvu5so-RAvziPizoVDmOo_xtWX4VufJ6GjfWuqowj7mwC6z4D9RsY-DCAvnBABFNSMifq8wjh3gZkScoCdU_2ezNAjVLYRnw&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=1583146144171357000&adk=1033480531&idt=71&cac=0&dtd=85
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f4068c3c06c9515efee62e1a07bfe700aedd718ca19dd919841954bbb33cbbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38887
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CED8 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll3erthn&c=492509556749&slotId=246254778374.5&eee=missing-element&bi=missing-id&vast_v=3.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::78 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2010905537&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=696463884.1691566084&tid=UA-4780630-1&_gid=1062162117.1691566084&gtm=45He3870n71T728TH&cd1=696463884.1691566084&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=1100130363
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 05:23:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7477
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/universal/ Frame F437 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.163.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-163-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.1.9/ 		124 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.1.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230808-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17be538733e499b897cc710d9da0a71f0acf098c61b1fed59bbd59b09350e33f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
via
1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA56-P4
age
166936
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
35556
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Mon, 07 Aug 2023 09:05:39 GMT
server
AmazonS3
x-timer
S1691566087.897598,VS0,VE0
etag
"cbba6d5a2d6a5dd105d3719d07a62a21"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
E9feCRzUUF1_nnRiUgvO5Ei7_pkv56XA-ClPypeMI_kmnB-ebf1JcA==
x-cache-hits
16125
feed-card-placeholder.20230808-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230808-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e088268b26ef8169957ae2f36b619b395c79bf93d7ae84677d09c18b6ddc2e7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
.hEn_PcmkFV7V8ZL0aIpwIfRNwNewnEi
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 07:28:06 GMT
x-amz-request-id
FS657BGEDZ17ZXQ2
age
44431
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1261
x-amz-id-2
3pzO4F2PczQHqk/G4DM7yFTOvqGTERIkIjmi8IdcJarYZTofCTW3xv9BjlZaD9MaX4xOyn8HKwY=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Tue, 08 Aug 2023 19:07:36 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691566087.896884,VS0,VE0
etag
"6cd9bd607d76908cc0e7467ea8bd8db1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
24398
userx.20230808-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230808-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1c2f8a8c3714bc82f6d3eeddf6d7f1cd8a40e8ab2107fcce7ea3b6922fabaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rl5N_awR0QjGemmNJfyD1pkWHSApYhEu
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 07:28:06 GMT
x-amz-request-id
6N0YTNQZQD8E4WQH
age
44404
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
LcqruL2+8NChFwpU16Ome6jOph1wgP2b+1KIu1BEgrTTIQFVMCdyV07jq0nrXWp7MqXx0tYp+CQ=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Tue, 08 Aug 2023 19:08:03 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691566087.909283,VS0,VE0
etag
"f0a8f53e91b64bafe81ea43855b48296"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6498
distance-from-article.20230808-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230808-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92130d375c02a3f9f8107374cc09c17e0b01efbe893a7c9641e59f286b174197

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
a6f16.yJ1w4baXRJlQbq7svxyCRBzDDu
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 07:28:06 GMT
x-amz-request-id
THSRN4C60G8CTG0C
age
44436
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
0wwpuvDlKxZIkIrZ7Ent2+8+SWGvhkBD7LIy39LrVXXc8jhvebn2fnWD6c2et+N99iJzQ0tvOvc=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Tue, 08 Aug 2023 19:07:31 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691566087.909418,VS0,VE0
etag
"7129414aa6687baa1ac6250611891aa9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
28353
article-detection.20230808-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230808-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f658e70968e2c2a08a9a630aed03c76ee28dcd60d219b71a10231c0913c68ffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
ukTSxoDQDNjuG4VMhIgHdeJhVya5dV6Y
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 07:28:06 GMT
x-amz-request-id
H5NXDRKAFADS5Q72
age
44443
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1271
x-amz-id-2
YFbLtb1LznjkysiNQrGTrNaFyE694ArgFGzYhDlej2bpJikqAhu8EAy6GfgtoldoAt3Mf5U53nQ=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Tue, 08 Aug 2023 19:07:24 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691566087.909509,VS0,VE0
etag
"dfd8d461431f25354ee838b0f39a4d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
95
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
28284
article-and-feed-area-scanner.20230808-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20230808-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfa7485c2377c58826a3bc93840a1999be04ffc022c613e65e6919b420c28e4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
2XusF_sEHRbQdVR4XQgT.8bt0QOt60hd
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 07:28:06 GMT
x-amz-request-id
PEAYF03T7WMNK7M9
age
44445
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1154
x-amz-id-2
FH42ervNRTS0gs4Wb4kEComoSW0cPvIIZNQo9P9L6BrMVtzzUNiFbh8pbBgLNPcBJ2Ej52uEm/k=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Tue, 08 Aug 2023 19:07:22 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691566087.909840,VS0,VE0
etag
"4c6723b6ce7c0506050661647a80cf88"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
65
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
6137
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1691566086930%7D&tim=07%3A28%3A06.930&id=8476&llvl=2&ri=2844eac26e0cdb704f1ae2f1281bfb23&sd=v2_a2f7ac6b742be734c3fdcad6bda8cb3f_7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585_1691566085_1691566085_CIi3jgYQk-FcGPatyMmdMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABog4mFjq2K96socAA&ui=7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585&pi=/&wi=2990753527669053458&pt=home&vi=1691566085878&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230808-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&ri=2844eac26e0cdb704f1ae2f1281bfb23&sd=v2_a2f7ac6b742be734c3fdcad6bda8cb3f_7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585_1691566085_1691566085_CIi3jgYQk-FcGPatyMmdMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABog4mFjq2K96socAA&ui=7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585&pi=/&wi=2990753527669053458&pt=home&vi=1691566085878&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1691566086896%7D&tim=07%3A28%3A06.896&id=2774&llvl=2&cv=20230808-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 07:28:06 GMT
x-amz-request-id
C6CF731DDEGSVRH7
age
69
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
T0ch7+qIOg5VMmZfvyutnCbXphVwzKJOGRHZ90gzVPquc7icyYerWrgorS7hrj5FRaeJ+3DLZvI=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691566087.962091,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
19
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
124
privacy_small.svg
static.criteo.net/flash/icon/ Frame EEFB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:28:06 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame EEFB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:28:06 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EEFB 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 03 Aug 2024 07:28:07 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EEFB 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 03 Aug 2024 07:28:07 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame EEFB 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=veGqP2FM1TBmQFSD7RyEJU787Wkihi92QryvzNLU3K4Yka-tkXMHcQCq1eAGfIagFA1RJFC_1Vu9OzZi1VNlaJAXDhTqKrIXiSo8E29nkB__6dBkyNP2P1yTV0sRSfpmxydlQkVda70ZzGMVCunWkI94_f0CBNFb_MkOv3S96JdhMW5wir7QP8KtkM5TWobqmKAs01KdDNwcVWeSDMtJkdSxXshlvlGC2KMMg_jwR64M9KB__ZlRH7zpuRzj5iHlDdBnefDtQeHPUKRJDT-U3y4HAFToHzZ9UfWShHfpurXZ5APDXr0_L-i9ocf8tjxpyVCTEXqquddyq-ajAvJ_Jc50wXnlsGdATmdE1XDTARM53bGbiOaxMXqKomyQzz7T4T0-fS2hd-G0o1G_b0NmhFg5OPuMfTezaEnEmCHch5kPuQKzlFOby7eqhLtX0OqWXtAGdeKqw56KYYrJ8nj_T7FdcCawSTIqB7LOaAvvk41fXJoN
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:06 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2146173
expires
Mon, 26 Jul 1997 05:00:00 GMT
smw888.gif
us.ck-ie.com/ Frame E5EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 09 Aug 2023 07:28:07 GMT
Server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame E67B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=839529185367&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E67B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=839529185367&version=m202307240101&ct=76&x=1&cor=5254536827591250000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E67B 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AumTS8Jc6brKdJekGk_8O3SoxmfwcJxqSxIg1F2PbZQ8YAEi6uNFvEFEw5wYAI3MGaMG6c5p5Np1JE8wTfSPPr3obRsgtqw46dtUJb7iVEQ4h1S5do9rN3BBj7BXy9QxL2xjG7j2LcOU9Fck6Cf_ojtlbTtnDXzh16NOJbSfOcJJPDTIM&dbm_d=AKAmf-BbHXXel-t7M3AG-pxmPKvvBoJLU0jDBNriw2ooYErKeshWBC1JPwpjmPNKy9VrdQjN4TBI2ORjRZoPvl7R5VDlDuBf60qhJkK3ztEF83pbDtHH7wQlW1G3IxluxdkSgNaNKelxiX4DAvTx8nHVTvoZn9S03BOedR7UXhyM8jHcerEJYwH8pe8HiB0C4JwMKTTgDy-WSprna7KdeIP_L6OzhifQ_KEa_fgR1wIcMYt3H4CpmTdF1-YOXfPOZli-ySj06rJ-Lp6TpehquySBWna2teOhBBgJDJO6hODX66ILLLMhe3HI0xP7mCVIRBMhCXGs3SlC81L4H4XpGd5ikdPMCelTKbVfRJWxsdfD2hFm1330xuVomXKzzkXsccy4M6AYc8q9-w1VWu69pHj4HElvITL3fnWN84Y9NBK0m5xdBAuL61NAmjZdztQpH3higTYn7gmdSANIvdEmoavARzesYdk3yzJZEjM0nL5cdEBOBY5KR4PIvwBRiiDp0zjPPAd39Kj6oEbPmfWMV3J4C5T8_hsKlmHd1SWtXU4HEuUtHRT0i2W4LCKjPvL1EJlWI7RYGEx478ywhBXE02HPcpWgJkjRGPIcj8cFBvxiuZdx6VGLxUAoBIcLjM4tlGn9vpIizAKV7CEclGxG3vFNobnvYTOa6c12CmBGMaKqyKgMbToPLcJeeIoYwBqFVOwBrZephBoc3m4fgzqaD-ntY-5BOl51g-2v0vz-QfWFacutPGjqV9fPTriYeGdratYGRcSnFaVQpaL1RuX-FmOLEAQZhMVX3Sk94QY01acKLOg9lpoql-GXQba3iH0E6hp5E95C3fXNGHOPVT75y3HGm7S33TuBu9jODDCbnCJLYoDnuWEIx_PzUqODTOnXqh-A8slLLcPRu34Tsb2fsxeGVQKkcaTrEj39yC-vsckWC8Dq21fflUphKH4ew740b0YEXppg3tzZP5Dq9yf1H1mnzJ9cBpCzrUzMiZfjahBXffyq473YfC_Bsn0DyVUSEoR6O-rUi_IGgwa4v_XQcJovLkU1RLn1xF8LfKPGRyyNvXaKFT52IlWqpIcL3wRnWfkGcGYyMUZg4kL5FYU9KF8hx0oB8vkuH5kCf8vitNdDIPzdjmZ2kHHInTR7qtUTRzH0aw-OYo8PVKJ5HCIOy7pomOBSJVRm55GqfRMxb-wpHB1otJStJ61K0W7dFT5IQiwv59uP5GXz9e4Ao5A1KDqEL1JXP7A3-U1I6kMXhotrZ_FczvdbJyvKaXY9GlkCgz-tRH5HVjKSMIqmgxAQyQr5j5Pkp--0X7DGhjgTeFPu5SsI-ay49kalmx_0tDV6KA6DuhAybkSusq9fLdvn56QRSlDW5r4h6xh17bZgeJbXJjwuZJ-lDB394BnYqWWNHE03WD1DJ9GQsCMCGRV9ep4kd6cK5b6c9eWpWdxMgSekEbc2ayfrfrte15aYkEmvsRqpD9rUvvlIMC5EyMAGkPeEoazlxCTm9CFBP4TC2D5BNZHFK9v71xJDOH5SsP-is2MUS5uDkqYAfQeFI5FmwT2qKDuXybYJaKO-d72c2byiWdBBPOHKeFcAU_PZMOiCE7g4ThqBjg9QwylPnjMv8xftj4zLtziGWXD7lIJthCuUMYBRmUIzToR-lzgI6o3BMROJ2HWslTVS1krnA0riUJIjJZnxFjpbZFPa7LAE-cSXKRl8gZLh3VucpXqIPXNOeMw5NPMScPR-jtu7FiGOTzszVikaIc6UaWFeKqy1ISS-plamUIqFav52cxgCc_x1vo-nqN50i11GrEge096yEBgiMFPZeKoNaN2hu01NtNhUBWvwHXXhfjIzfGloBLXNNRn7XDESm5i5LyBM_KVHKZrMvVxU7E0cLVvvxltaFF7gvg7m7WpPs978tvlHAJRPbYduekESJ9gpk9tk9sUckYxV7cSVUfM9M2wZ0ecMvOAN7iyc7E6vWUJkznbmDIhbumCvBErb2UVpRedQoT-bold2iGLiFHex3OsvIW2tQBEiSVfNCEo6GBUIjfritWOMYTuEYKOOH8YCvIlZ3brhs8AdkkIMHZ1q0ShAVK4Kt31u7c_CtyPbRa6JjMci6O5nirOkzb2OCdfYGlGU4JMVLXC6oNC6lwv5xckgNOT5RIXOvIpliAoJcG0YpJyKbCE1QEOaaE--0OuiTA0gP6hKkaD-ubGcMXoOFBkitPVmsDJoHk48yZ-iNC9xYI-H8MfAcWEDfu2Tvo9VQX0lLJ6czI2S-NYQ5qjSLXykZEfhmi6WEWOvfpelcddMy340gq9UEMC_yyQIs7B69VYUReyUcxK6XKUBT43OeLTuOz0TxXXIahpSHane-syiFSwhbhcL0Jgvta38wDRIrNXioHrz7E5KkmGpCyFl3WSIaDVHszcgGWBmD_mLbYB9aMiBK9ivlmBA-RP5fyVFBs40FJwZW3ldaJW2nAhX7nJVTvQ0umsj81lfz0PGLUJJaiIxWNC-PUkBGeCBWvjPGAvsmoj6CGIw2xSDF3wF_DW9cntZYnz77CByajsj89Dyk44WtZULEb0gNRnd9rqmvQPfH9ToAco-F7GXvS8sx0tnpZBCAimQLK-8Tz5puPDJweALOsyURCf2LNDymAoIAeFg5shF86vAbZrc1dWmUUCoZmn2_q35ffUCDeqGOSANEtPD3yrCmqbfeo_MupTxLaFCZIxuhGEl7HRo0bJT_8Ezm4JAHtZTakT44YT3boe3e-4wRw2H2LSfCoPXHtRy6GQ2rxLVPzIMvZE0vT7E-t6okBiEqyy8MrB3A6IGCcQODwvusGco-91Dp7R8ozUaV-A-vBLReNVHe7WOHYARiSd138U43KmlGRW3gly-kfxQOcKriZ9oAK-zQjTv9aaLyvoL0_N7mXF876SkyHB8Che5qZ90WwlJpXooCdRj-F1BJqWB2lHarrx1GYebwqoPZLItzpLLA5N9V2kU5WUPgd0o_Ume12o4VlPRX2rvBZxrI7TQ2Rs0at0URCxfoOCNByhlpVAO83RYXo6TOfjXvrSGbX6REbHVlQzY-QUWPLAsdi8IUGZfWehNusCvDdqSMfuLrW1vX8oXxJNvs3O9Bh57EjLkXDTT-ncRHXwZBYeGUPyAU5d2RbYQtMNvEQoEuKK1z1Z6A2iKCaZwhbnPiFTywQQbiUXSR8F7Q62i_2A_tth4FeWBu0NxRwP9JkRoVexxokru8m3dp7zSWT0FCfpJJsorglZt2k4Z36TVbnb-c0jPSXLSgyTcBMP5a8BJPKdS0oi-37Z2-P5dGXdNKWXLxUPCzjGBbLZFfnvbdnPrQkDm5yCETM51kAQOIDW92rbpzvSRvpTAE4CQ9wSJQsEe65enUgY1Idyb7ZB-C5AfW9HmnE7JnjbMJB0URrUiXzD1kd6dF4Pcm79ZYHAPLk4xZ7D7WruMnWhDE10FN9r6FJ2r3OiEDWHTsWHRQ1Ckdj0MHIIYYxxFIatAMuVV0pksMV30sRL3RSQupB0dGwdOzEOiXTA_1n9b7uUOVyuwzccsmgaoSXgKS_xTXaPZnmNxwJcqiKMJvsVfo4ZZ8qO_QP8w8EwuShMv0yXLyw8GV4VtUqUP9nrG54LYaaoDQqJW2r90Gds4LJv27VB6GTiBqoib3IEyb_-Zes4Zqe7W0mhk1WEO6hTXXS0T95YFvt4cBfCC22cuj3JlMT-bhcOmaE4vEO8aZVvoY5N5AlRXVid2q-TWiQcru1pWS-Y-kI61GtQ99bmM60AF5WTFXz0&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=5254536827591250000&adk=4188270525&idt=139&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef04e77d73b36545e95ce7e621ceb868e1dfcd000bc61c3b990d428b25bd6e73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38713
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F78 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3681371959367&version=m202307240101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F78 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3681371959367&version=m202307240101&ct=76&x=1&cor=11443601781309094000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9F78 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXw4Yvd-iMzIFoF5FrMxc0Oph3JwzX-AkzuPQS0YDUdpO-uRweMXM5ZiQiZbPg0c95tKeyFmQG_6_GARQtp1zP7U5vShu8BDLO8UBHXi7yf9PlhqvQErfk5AiFaAsZ4mpVmeXWJowDkdWEDOMbKcbcbo_jUUpV7hSb5HuDAdjh3YZ1hVo&dbm_d=AKAmf-B-x1WmRilM2aA9wocOvJv-nGAVC9Huvy2f2e1k6-m2E0jJIrSVWuOMb6XAlN0Reh1ayg7b5RHaTw1lt9wrtCOOZU8O638LSbZebQDfXIwtj8MJRiuLaN1kX8Vg0OMOb2Rz4tbEDL5UVc9yabXQOpF2edpB0IB8Xg_VCsOrqISpXa3zgMFB-wjYSJgpWwWYa8otSaWQUOubJWeCEWMKkL0oD_jIG6POK5sq-5EG9e7g-Bc3kQHcykg-2NWF0hCPwzvHPvXEju1ZeCDSVtTJmuIHgKPJRl49J5hGVN_CFu20ecx64U6ImvncUz5fhJp9vk-Uy2rLdvHaU6Y8k3pmNRciPXXkBTZ5ohCkzgj8vKSVsNdveCc2qPseW-Y0Ogtm2lXMTxu0kcVsWSHSb9jKaB29tfuigbs7mtdB7otzKiMSBSPH8hzjpG5olrv_BqavKrvvkFScDtgaQJYbi2E6Xz0U_XaPh5s8ZJALumvFXwbKQUyCYsjLOFSicetjtycR2n9U2lPsThSRxaP48DR6wsOpIw_jdq-gIglSyBfSM7ga9L0SsZ9KO_ETympYShR6C0DXZFBUplURUqf1DcNjREjh7vLlDqY-mL9nDoWJbh_LSHNf-5bnRSzyU-iSIauIDTwPJnO4_yjW5BExs-F719BbrKpGHxuipG2R-r5Ns6prsfLMYJt376paRNIj0lWaXk0IXZNmMphFq8i548ySg87wtiiVV2QQgwqTf-393I6HlwlrUslYC5NwlMrtMvAVHNvJ5L8JrBVO3uLEQoDYPljvy5zzWAFSM5S3IOWMTqI3jeBN_jlJXeFoLovxspYA_Oe9BF9mbDMVpRhJRHixi_Gilz9xD6b9rEFySF56h0gsP12W7AiDw8MqGTVkt_Zcm6PxFfhj6LU2VvDu2bObR6u19ZROsPCFb37ff22DNC3AjxbMkc6RUsDsUV9sLT2XDvELBgW6wivdOaTiVGALurmwaXzqKlL_PLDjmn9ZFwTFOdBlJqS6gDyLE4m9wuxNY-LbcfXGqNC-GFpbzHr0h7TT9NwmmjYRWUWIlbX_jtM8zUU_4zQOPTaK6UB9iAOsbR0XWhhD4qiKTL2uj44-_V5F7-wCNRzH25nGzVdJi52WJCDG789Ex95SkYHBIqzpU25H5zrtO41eYqgLa2_mChuaQykMBPb_b9Hb950G0Z0Qna0HUjjyWUcX39nVAsHQQuM7eIEfSD7GO_-A6kkGHoRSE9GKzWTVlqkk3ZBIJEj5bGS_jcr2Jocu8XxTVp_AtKMyO3kdW7toyrtXnCWLQK48EoATxtTuUEN40bpm5hiCbQyZ48VhoVEq-fwJI9wrdTei_ZZaHTbBIxUYb1Us9FOL74eR6Kf-kQleeh-i1XDH4JWMWD3X9WxHdwvKK8ent_I45BBx_GXrN5wRJMEKxpBHh52oq5ffggfSqBvpl_kYIJQ1Jx-4Y4q8lSjgRvBG_Nc16RYk_LfCmePoJbgYn5ibdpYilU8x-xnK2Alrv97gmR4IqI-RUm-XAvzK6VQyqXKoJcFqlHQviQCjnjvVewby-eeqg6CbBZw-igR-bU1eg-kS3tSWDaNm1VoLEBIz4H20k8aYIBGwKPyF7j6iPgrQd6UMe9dP5O0iBozakbhx_st1tIg8e6xMDaDe9TQwdTZnIf8J-KVqellFZP3648B9auWZpBEnHpCNonSsfJfZV2gc423I3INtJNF19nXdEQlXcNaI2-9aFD_aT3wioJ0lk4nBllsFjEGD5t5kae1Q5ILq7EXar4IqCMzt8Hn6pahXHu0tqjSZuVU-zI_g9wA5jfB-jfBuPt4cvCbPcvRsq_2RKzruJRfv66aKQEYqwy4ofFYCB7kPIMXBZUUpQkoDOkV9lD3ldOVNvZoU9VSqZdp9DqFPXoKVGuWeJyKEbzxX0rXG8DtyYCqj2mWUNWdVFs9Ge8cFtB9pcJRV-DYA9YBA48SgWB3_4LMjRaffKq0V7rvEYaXzNORRhjdqYjjTg2voQ3ZI2ddEqobAOY2WuOUgfrO8Pu3XvTLk7Wpw7I1js6BMSGs1EfV9b_gSuyqJYZtXaZmP_-zQ1Opiz7dQ0Z8fABEASarcjDizl7ENKyEWenrpIbu3ftcoo6f28p7UpywVoHLcJsE7fejj7S9TF1HQExqn8sJ8PKoidsX2_wGB4nIy4Y2iwBg-mff3tNuPW6YslQp0xflN085RWZqjxnBImkudftj9ZXz4fzDjZKbQqbEUkml83EACx3mYrn9Oi1BJ0dWdVtpSfuMh5m_4BygPz9d-8u85E0DqSnBmTBhsEeJqyzCLsunIgrWw61CQ_SVHO4tazaIpG7vLXgPXN6NAM9vlJRLjsbakfCHnYb8hAQKcjWY1WR74zCZ0EOTJLAnoCr-W9DsXNHeDnaquadsjYCDsuPjTnvldBM0N2rP9QQCykY5FTvQBP6DeG55XbwBKdTCQv9LDYgy6lxGVv4QOBZRavHmjDPD5cgwgxx6qhJ6w3cHhFOHUAxutnoM1AZI05lL6ZPYkTJIMd5IV28or5TvnCz27KfS6HPLhbbiwcuCYWUT0Aw3Y1gpq-1CrKyPQx1LtidSbVb5bKugRl9RcyL4Pi7fRUvpt8gIMDv7wsn17Oo4G0ZdbpKjOK9DW7jzPKEKSV8x6TfdwN5Ud_KRjS_CXpSMZFEDNP07rJ3K8BQR7cX0boYdueRmA0nJPL1NoWt99l3mnGOJdz99xbgHigteMql2yYxOWNXZ2vnJn9O3OQ3pBBtJVuZ9dgGYnmJunyqvAnPyI8W3H7LxKahuvYGFf68fWV3pnOfPQh2V6j5HS9F1X11dQd5sG8PI8cB8jKxsQzxgHFBDQerP3SJcW_2tgZ40Nn1RZkok4WagCC7cL0CaphGmeo7vV4nmwcZ1YGAMeg1IOi3O2c2vV2fxSX5kg1d0-qCE62YxnIUXrX0Vd3GGoyhC5hmgPLr-f8NHNU6JP82HOFPeamJjFOeyiz1zQErFrk1PRWeAW96sHj413mCxpHkubgnhm50w192Gx2hPdVoRdjPv7aYPyJ7yjheFIzHr1M0noihX2dck-pPxMoYKZyT7SQylA3IM8Ro3uJrGPg0BIvzv8rNH2FgnWTMje8WpoXDHJniZcjrLCvm6y9AgiTXWMOY1aWmIxq2Ww8GBudViHV_pxSKazPxYruePxxlNI7nI7fXs6PBsY_UcRI-3f_xui3qALboPXqVnLXYchez_ILgxLPE5LiKahEPhcsH-PaPcQbTVioGQUfGHXw4KkovXteunaREJ-osBiEDkiCw3yugPK8bsVaSjb1zIMarlwswC0p9qvZ6YAkei5JMUT3cQYyuP_cMQ_MuQPnlcvyQecu54YkMYYry0S8GWCC3aub8k4Om7qx0I7UCYjiPmtDG4upv_zd4SHg-whbrriOwVXfOiZg02YkJnjfc2SlyS6lXgDS9VLaS9uW_fTaes-T-mAggrfJgVCoNkLftRpuDN-xRpKXe4xDVM1kmCmkXvueEn0Mju-09b1x1kYfRq0Amg6T-whxNoTWpfagAV3435EAaOwiUu5aDWs21_bySjTpx4uiBtO6l4TluOMi5_l3YZ4h8G9B4l3nnznKFtv2MkTsLgtq2Wku6NZMnW1uuZSrCsIF_-gu96WnGon3yDJ1yPfxmaJcTn7XJzF9E8eu5H364vJ1bTAxXZ00o3uIRZiqGepOJ-2QL6t0wbphx8M-hVrS5Ov0usz7NCjKvNsPcUz-dv4TQnmNt2aOCU&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11443601781309094000&adk=3037181500&idt=132&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87fb6b47fcd3f946424b100e6873d79168f571983592b3def3054efdcb7afaa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38875
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
social
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/social?route=AM:AM:V&lti=deflated&ri=2844eac26e0cdb704f1ae2f1281bfb23&sd=v2_a2f7ac6b742be734c3fdcad6bda8cb3f_7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585_1691566085_1691566085_CIi3jgYQk-FcGPatyMmdMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABog4mFjq2K96socAA&ui=7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585&pi=/&wi=2990753527669053458&pt=home&vi=1691566085878&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%22%2C%22sec%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F3%2F1%2F3%2F6%2F3136860-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=07%3A28%3A07.037&id=3434&llvl=2&cv=20230808-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
b00145e37111036359b3243ac977066d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b00145e37111036359b3243ac977066d.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
71c4d9ef909347271ace65e106b6720cae96b1fd9f87295aecd0b2f95c71ee52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b00145e37111036359b3243ac977066d.jpeg
age
2759155
edge-cache-tag
375739205156899421965348759258796010587,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
375739205156899421965348759258796010587,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
27
expiration
expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
5152
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000126-IAD, cache-iad-kcgs7200100-IAD, cache-sna10732-LGB, cache-iad-kjyo7100052-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 15 Jun 2023 14:47:46 GMT
server
nginx
x-timer
S1691566087.077504,VS0,VE1
etag
"a9c732b24b683c1ee716e2149b2f4499"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 8, 1
8a9a45d40e90e5b00dc11bbf457baaad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a9a45d40e90e5b00dc11bbf457baaad.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d2e9b079455d3cc77e87ff547c3cc44e669cf119fcfa592fbbdcc9f66755647

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a9a45d40e90e5b00dc11bbf457baaad.jpg
age
82235
edge-cache-tag
607810227536928652576830777486410801415,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
607810227536928652576830777486410801415,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
151
expiration
expiry-date="Sat, 26 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kicker.de/
content-length
17376
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kcgs7200044-IAD, cache-sna10725-LGB, cache-iad-kcgs7200045-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 26 Jul 2023 09:32:32 GMT
server
nginx
x-timer
S1691566087.077483,VS0,VE1
etag
"183ecbd68c5772bdfb5019c5ca6688c9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
2470473fac3e011d3ce134d8489a1b40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2470473fac3e011d3ce134d8489a1b40.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
980fb247e3df9d66d0e89256968fc4bb10493ab76e1fdefa5dbc17b4a8ac8d8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2470473fac3e011d3ce134d8489a1b40.jpg
age
1842405
edge-cache-tag
383892453604268754969055555466744032087,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
383892453604268754969055555466744032087,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
162
expiration
expiry-date="Fri, 28 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.prisma.de/
content-length
16042
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200160-IAD, cache-iad-kiad7000162-IAD, cache-sna10750-LGB, cache-iad-kiad7000082-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 27 Jun 2023 17:49:25 GMT
server
nginx
x-timer
S1691566087.077419,VS0,VE1
etag
"620663598dd3ee9900a3a974b5cc04aa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 95, 1
b2d8afd866dfe68927c57f5396263447.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2d8afd866dfe68927c57f5396263447.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95b2b72057838839e1aa6076b0148fd3d5f5d6ae2a1674d86f20add73d42b473

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2d8afd866dfe68927c57f5396263447.jpg
age
2062128
edge-cache-tag
620570126640732156417701910443845224029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
620570126640732156417701910443845224029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
273
expiration
expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
23694
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kcgs7200131-IAD, cache-sna10732-LGB, cache-iad-kiad7000101-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 04 Jul 2023 18:03:10 GMT
server
nginx
x-timer
S1691566087.077023,VS0,VE0
etag
"8322858627ae6393dbe89bbe09c44bd7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 52, 13
19d63e23e4ebb74d2891284564dde65b.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_1/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_1/http%3A//cdn.taboola.com/libtrc/static/thumbnails/19d63e23e4ebb74d2891284564dde65b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc46eeb8b55aba05649dcc7a20796c0328779574a79d9a8b76109e2da731a6e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_1/http%3A//cdn.taboola.com/libtrc/static/thumbnails/19d63e23e4ebb74d2891284564dde65b.jpg
age
1635124
edge-cache-tag
403122511503905884678083460168168797456,371733057242284756278634090837918359735,29ecf9b93bbf306179626feeda1fab70
cache-tag
403122511503905884678083460168168797456,371733057242284756278634090837918359735,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
186
req-referer
https://www.abendblatt.de/
content-length
23994
x-request-id
9d27c7a11a410933b849e812d316f395
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200075-IAD, cache-iad-kiad7000173-IAD, cache-lga21972-LGA, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 21 Jul 2023 09:14:23 GMT
server
nginx
x-timer
S1691566087.077434,VS0,VE0
etag
"954f1def6cac9aee00e307ff2eea9800"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 544, 32
35d0099ff8e5a1193b6c344f2007b9b0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35d0099ff8e5a1193b6c344f2007b9b0.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d3552de02fad4be8ece1d4c2f100d4c8687f1157300b4047b7928be6adfd128c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35d0099ff8e5a1193b6c344f2007b9b0.jpg
age
467010
edge-cache-tag
449058003792268883803640419821967409574,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
449058003792268883803640419821967409574,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
313
expiration
expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.rundschau-online.de/
content-length
13180
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100138-IAD, cache-iad-kcgs7200132-IAD, cache-chi-klot8100093-CHI, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 04 Jul 2023 14:16:52 GMT
server
nginx
x-timer
S1691566087.077734,VS0,VE1
etag
"b1d5a5e711721c5354dfb4064486e261"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8dd14b3f60621618e18709f8d47532ac4c83311097d88561ef5b242cf78de558

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
age
677337
edge-cache-tag
522928341999507559559524046100286788551,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
522928341999507559559524046100286788551,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
116
req-referer
https://www.express.de/
content-length
7344
x-request-id
ea07b3c37dba2861deb35aa93923e588
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kjyo7100054-IAD, cache-lga21939-LGA, cache-iad-kjyo7100068-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 17 Jul 2023 20:43:31 GMT
server
nginx
x-timer
S1691566087.093048,VS0,VE1
etag
"51299fb08dd574d4b782493d3a706861"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 8, 1
0559d9ac6a1396b4ef845473fa6a5440.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0559d9ac6a1396b4ef845473fa6a5440.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e69daead9d04dff3a117980abf7d01a648b0aa8dd2037a665b423378b825cf4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0559d9ac6a1396b4ef845473fa6a5440.jpg
age
3532218
edge-cache-tag
363510102843348109360291068114654080016,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
363510102843348109360291068114654080016,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
71
expiration
expiry-date="Tue, 18 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fanpage.it/
content-length
18826
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100102-IAD, cache-iad-kiad7000073-IAD, cache-sna10735-LGB, cache-iad-kiad7000175-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 17 Jun 2023 03:44:43 GMT
server
nginx
x-timer
S1691566087.093754,VS0,VE0
etag
"2f3e425244e7249185a7f6529bc0f202"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 63, 2
3574842-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/4/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/4/3574842-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7584dc326b41d82e6405ac586d876eceecdc03b2104f8d6da86b6934a032bff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/4/3574842-46.jpg
age
676359
edge-cache-tag
474679008167567155527258763686682601756,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
474679008167567155527258763686682601756,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
601
expiration
expiry-date="Wed, 23 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
8260
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100046-IAD, cache-iad-kcgs7200127-IAD, cache-sna10750-LGB, cache-iad-kiad7000149-IAD, cache-fra-eddf8230031-FRA
last-modified
Sun, 23 Jul 2023 08:14:06 GMT
server
nginx
x-timer
S1691566087.093868,VS0,VE2
etag
"3df9d2581972795383baac4a5af1e70d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 1
3575479-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/5/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/5/3575479-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd29d027ae5ba8fc1c71cade9bcd02ed1725b0f239e138caf8d178bd026dd617

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/5/3575479-46.jpg
age
242322
edge-cache-tag
295497770845036907906711360258504941534,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
295497770845036907906711360258504941534,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
300
expiration
expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
11298
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200154-IAD, cache-iad-kcgs7200084-IAD, cache-lax10623-LGB, cache-iad-kiad7000112-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 24 Jul 2023 07:30:20 GMT
server
nginx
x-timer
S1691566087.094430,VS0,VE1
etag
"242288325cd20864da88ad8808fd46e0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 3, 1
6f53a38d25f0ea772db614fb941519e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e8aa811daa28726aae1d0b53e7a0dcf2741ceb82b27aa9da66a946c38771a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
age
1986708
edge-cache-tag
379226829563982640636830187610323967922,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
379226829563982640636830187610323967922,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
241
expiration
expiry-date="Thu, 03 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://dziendobry.tvn.pl/gwiazdy/daniel-tracz-z-tytulem-mistera-polski-2023-finalista-top-model-bardzo-sie-zmienil-st7224115
content-length
25774
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200103-IAD, cache-iad-kiad7000096-IAD, cache-sna10735-LGB, cache-iad-kcgs7200173-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 03 Jul 2023 06:45:07 GMT
server
nginx
x-timer
S1691566087.094648,VS0,VE0
etag
"7621b36bc86cdd3466469c5a540df4c5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 549, 16
4c5b675e7da832b242e4c586edf6b477
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c5b675e7da832b242e4c586edf6b477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9451117a26e3db7297a740e287d3b0c20edddb8c55209679f4e6430f9debee3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c5b675e7da832b242e4c586edf6b477
age
1825109
edge-cache-tag
561223591569588968466142658564453976844,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
561223591569588968466142658564453976844,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
74
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.perthnow.com.au/
content-length
3322
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200027-IAD, cache-iad-kcgs7200145-IAD, cache-chi-klot8100166-CHI, cache-iad-kcgs7200114-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 10 Jul 2023 22:10:50 GMT
server
nginx
x-timer
S1691566087.094681,VS0,VE1
etag
"da28cfd2186a69c9ccb02118aa61dffb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 1
d413b28d1b55ac28210b5485ca5b29c4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d413b28d1b55ac28210b5485ca5b29c4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
6ce98cf5c2cbba575d03fa210dba92cb8ccb9339ef8b2e9928ddd62502528f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
200
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d413b28d1b55ac28210b5485ca5b29c4.png
age
0
edge-cache-tag
584155635204123451296091649676256530960,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
584155635204123451296091649676256530960,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS
expiration
expiry-date="Tue, 29 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
8100
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kjyo7100098-IAD, cache-iad-kcgs7200092-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 29 Jul 2023 05:53:10 GMT
server
cloudinary
x-timer
S1691566087.111705,VS0,VE200
etag
"e5669e5c7f81df1b98434c7f176fec5a"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
dis.aspx
widget.fr3.eu.criteo.com/dis/ Frame CA42 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.fr3.eu.criteo.com/dis/dis.aspx?pu=199639&cb=64d340067ef62a9549b22b6bd833308c&r=https%3a%2f%2fwww.walla.co.il%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
43d61cc56856effaa7f0f83607860cc01520ff870ef34952f4026cf94baf646e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 09 Aug 2023 07:28:06 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2278121
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EEFB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
136947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPNL4idpng5dlBV3tO3b9LHusZ7sMx72DCMQxoBQLaAcOyhF%2B1K9m83k3XN6xYZ6GEeZo182tNzdv0PWyfMkSdQlITgZMT4wZZMY9FqXrb33mlFbmy9qjGkcIexpMByhQx%2FvcpmPuwmyIPaZxrHDekkR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f3e47cc8cb53639-FRA
expires
Mon, 29 Jul 2024 07:28:07 GMT
animejs.js
static.criteo.net/animejs/ Frame EEFB 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:28:07 GMT
vast
bid.g.doubleclick.net/dbm/ Frame CED8 		32 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DKoeN_1kVsvNEhqG0ZdFzYgc362sVogcRUR9ymNMFM2i1N8AZUbLcCZQg52Xyy5WYtK1zYBQVcUEwaU03Cg6n4pV-oXQ&cry=1&dbm_d=AKAmf-CBSRD26EPXyL50BCBKqXoJeXMiBTFsZbsZqEKQXDMINmjGraqsFDjkaHoALVLXA8f38ZBcYB0ZwcOvGxPm4CoaWtN7De-1i2oMmav6O4y8EkgWcZq4ZZnNA4Bw-1vgkw2sM0sFE2wN4gcPBBQx1gHHX5ee7w09cNT0EVbTIzeepgn8C68PbgP90t48v7HCVtGwt0ekZwzIPwyJ72rNdO9g20zaCBxmFvH3DOhzu9OecJA_CdVPBJ8boipJH_gDBwtKSJ50v9YBeqLEFlg1Sc3yMF7P2FQRYq-IVYDDLf5I-gqj6_SSoYdNVfY8K7Rplf96DgOKWww_TbT6Pf3KMSeJka87NjYLwTO7xaLMu2D84tJH6skvSYjLziBBGIV3G5MP682fUxwPhxQjd-5SiwA4xqXpX1TavvORyp8BU36m-pWMSS0qL1i_zgahkah4esurKNZWbrv8FASqcgCAlaErW-sP1L4KnLRZITt_VrcVaLBKq7tTDuDXD7AMZZ6iKFsNAUxJ8GDjP5ZrP0m6RsTHrzk1FB_gql4K03HJk9cf_EYGn2ePHCtSjZ5Y-pXQvTpjaueHed_w9fh7gFktsRVpK4AsqpEJqGIGwzI8CCwuUSTTbqnekPaW4-wZNg3JZUtbteIKSnnCP0O95hv_AOQRkQVPdscEy28dh_UjmcGtfT0xqWhh-2uE-bNeQB7FoWtDBLhJo33tO12GOLmE7Ikm-TC8mo29zbafKVZWIrciq-PJt-1r8pwPqIYhZ2WQCwc_Rj79bWMp2SmxhlUyNu3oMXfhca_hkHM9-mfO9jdjU8rbkaVw4xQ8-_0iPauJeqoX_WXH5S4cRkD-wa8I_G5bKQQW05tO1Gys4jvFmO9gz9AKm-MuGxvQyYE1Xkvv6fzwDbWQRGDJZOKo7so7kSwOFElH4HlWWlCI3XpEo-s8orM0_NPFfi1-wOoovYemlqsk_TCpcKtGlvoEb0BnuT2rkRXxCr3JL9HdAjZR_PrfBKcwxJkVZQ5w69eRss6nV6HzJUKvvFHftA6eI1eLzt1ILPZj8iMHtC9Wm5Ii5LnDKH_vWpGgztqhOffsCsVunDFbnBFKRgmDbEExgLXHsLuUovyRySeKW0Fw9VmnTHEb7mJxysPcgLCg4Ixt0VR0676vx7kfLz6XQZhqRJ23VTam0M28eVwiNJ1csXtYVOFG6Uw2S1-PpXc_7Nv3IlgbC9sxb0EO_APHfhv8LSQalwjDDqMG-bc6r7AWMSxAzey63PBfmfvYOJNN02nAUtmBCO-qDPnndG2eFV5HF5qRZuV_cG3tMdj9EQISrKgdXtYFOiSkdhIAgyBIvf_U9ebFHOcTtgnK5ALBfTDQ7614E5RldTkppC99qmnfApH_i3PnedUHLn522NyJ6-9eVP2BqFGR45PE3aUcgNPeuXQ-mKNtwHuhzAGvtSeMQiZqoR4KhV4uqgaUHEgJc94Qi3N2YelMiRTVQox-YnsrUBdkJshfnQiU0oQmVpwWNIN7cXPBWRlF0PuBx9ycshwgz8onw53RomkQpFtI8-kJFM9xARSCAkmMy1Yms-exSPN1H7QQg4h_Lz2GKU9lONJ2Lf9qOyrpZcUPb57GuqPYotnGEXXMU0GpSj5bzfa-511cmfwBy8vhJAIM82vMYz-3B2pLr_EtsWqHNVz-ixO_85AHCfLSmfIUlRXrGKdEq0MBoBskdRA-xF4pRZ9OBPR1aDI5cmd2sb6E-anu2mKBrM-UWKJT8c9Yq4IqTHopKwUfeCns_AsWizbUxNKX6n7QDq1eDl-f0EHFcTC5sG7KdcL5zGKw_7NquG08hGBpmQYQ1TOI95uL5SP_c0Q5ghiqItFFpq6zBmGR8tXsxVQjnVEDFoBDsCXiO_fwzoWkuSR-Sy0He8zNJmDBuRXq0kLJMFZbRI3C1VJLcPvv2Q11yE-jTRp9S9aKpKBnJo3Wa6e1PbMmP4_3R63LacolJrVhjBUrBiYQnQY7o0ACv59PjOxXAxx4VTNQ7M_EVokiSOybWTCWSimTyk5BHpCz4OkpolkOrUqA0ac9kOFJGjZ9U-hQA1cL2YgY4FE6pEFTz4ZTgJviUKsw5UUWM1J2KHqdPotkojOPtDKR-WXyAhYtDBWHB4yHyRpMj110iTtlaiNMe8f131Hz8NgNjyNHZEocgbLYlmXaC7G1Qjhz8xddXtzSJyHK0FTSYYk9VPwl3vNuJszsZHvirv_bZV8O7Gcy1idh_XaTR-xxwjQlhe_7z_4W4fruG_cOBYASEEG-lCXnB0Ge8wYXEj8aG4KPpF08wdXyPNZalyfotpaZy-GKb-8BMsGoku00t2wNhSk-gLp-Qxa6G6rSdlKMC5Iulw5GMXChP8U0KKNEc8VPBO898pRtkjxc75jjv9u_SjOiNxRilrfRsBJ_nwzhs9dW-ApDcLZKz7l31qYU3oPfH7gM1rx0IyhYb-qh4pM8FqULhVDILXPjUNfFVa9lVuVMemZAEbut_2BfeMPnPx8jUNJigz0aAO7GJjOq_R5EzYbxydGjPtXOXglrOzP0-QFVJjCkghSwaZPfW7smxCHFAxN_A2QwUqtREojn4z452G1pmsHECgOKbZUrA_lMF32dopROUWCStjbgN-3tNkLJWdINMka_JyzvzGm-1FER8_o75J18-z5to3TJxorqDmdIPxBxfexuzyPWQTiv1LdeGP6Wfm6G51cFr29VfHSwaqgAiGv6Pae0esrA3qLNvblzLvALGE974egE0UyfKhPurngJyQSclv5BU739fVv5QNae4UM00Py6Dit5MnDnngG-kl4-EHMuIdDOojohobgsq_EDuRU-rDJhIKnt2vgGFhu9nwnT9MCyttuX-GFOowAaOlGnwhsKu2GEtdPYg77Z-RKLgFTKzjO_FuWOVYPWrb-BmPoXiGgifsJyoceP2DqArUfwj_xXTAIVSzw_45kfr0djZkPUeK8395vXCs3LtUZU3ORaFIzrYPUcpzfMgFvH-32POI6nzZSK3vI-TwGKywxgiXtkel_tAhn-u8E2_PMlNQFAlPs6ziLkULSEpQor6Jm5qrfR3Ye4drqoYFqRWgTE9J112eie1wRx0Uuz-qDckH1C20oxvLvZrQ6xzTC7lUsKQro6z8r0wtqe4F4amauBUoV_m8lrURXnIzfc7SDJmsvqUQqcPLegi5k8QDr6fBt3TQE1F9Xbp099kinFKxfr-OwMcofjdb970ORucHbhqn3q2jo-NE97lsFnQR3XOZabY916beNO99JHtGVu0Sb9epT9zSoZRsNmRs5IrmJF7G8a2KJDpdwJP6dfT5oT_h2daoHTFd_MV_1ziMkuJkc5jtjzs63TiRh7mx5WIee41-zIy986cYcAMdlJ4huLSR8NmfeY6D4PSbS4Bgb2bVBgj1h1Ij9OYiPWuVs8IBXVaKm9x_qqpqIW5KUmmoHHgyHfyUSzRNgqbDWsbmk3qjsQOqLWUqJ_L6kU_o_xcu4eJdiHH8SZtCvAfd_IKtH7xO0CSyqBQr5h7926WpEZng3KGRefzg5-XNYcPkpGNUDpxP8mPZSvFu2g1mo&cid=CAQSPABpAlJWA8RYSB-E9H8GP8x_OJ-9HfNkehlzGbY8ialJYCmmJnAB9CJL6hSQATAjU0P5m-AV75FN-LpbWRgB&vpa=click&vpmute=1&sdkv=h.3.584.2&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F506f3371-f390-4528-8fa9-521d64bec594&sid=80DE81BA-2371-4162-9BDF-A4550CE4B9D8&a3p=EhsKDDMzYWNyb3NzLmNvbRi8p8jJnTFIAFICCGQSGQoKdWlkYXBpLmNvbRi8p8jJnTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGOWsyMmdMUgAUgIIahIcCg1jcndkY250cmwubmV0GLynyMmdMUgAUgIIZBIZCgpwdWJjaWQub3JnGIOsyMmdMUgAUgIIahIXCghydGJob3VzZRiBrMjJnTFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YvKfIyZ0xSABSAghkEj4KBW9wZW54EixleUpwSWpvaVFUQjNlR0ZMTjFoVGJVTkJOVzluTmpZdk5FZHdaejA5SW4wPRi3r8jJnTFIAA..&nel=0&eid=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&ref=https%3A%2F%2Fwww.walla.co.il%2F&url=https%3A%2F%2Fwww.walla.co.il%2F&dlt=1691566085066&idt=1117&dt=1691566087149&ged=ve4_td2_tt1_pd2_la2000_er1861.200.2208.816_vi0.0.1200.1600_vp0_ts1_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
cafe /
Resource Hash
70cd5572e967590d2f082f4c43e320648b73f17fd019b27b694a09e1b8ea480f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17558
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 44B0 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Origin
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 20:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 20:24:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/elements/html/ Frame 44B0 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BeHQi3g4g6ezeq9kbglmqwQAlDNMsFFWjmURIFMM_Vyn2bPu1TJ_Pv2LYNZIhg1voXpAVGbw7n8D2FLoXc47-PsT80dFvqgvVX5uCpOUlnOUIBGvenKIj_37YwHiXkJx-26eYpjBzcVWWdHUaKSNO6hN7BfHm5i8CpE5qTbsPw1y-yXcw&dbm_d=AKAmf-D28k5FZaQ8em4Eu-R6NZpjI54KIBKyM8uNgDWCMw8At_ah2912VFiVKAAQ2Ti3BxYfJHyiXCkhcHLqFTcSy4P6KHj6z2A2PkvdTSIaVMZ02CijecxsTy_eMBpeseztT6XNi6vkdUWyb2CgxDmZ5hDIza2-bWSbyt4epyNSqshTC3ZLMbzibpiB_5tLbKidVFSD3Go1P0Xtn1yPc8EvpSMRoEpmTZgKd8c930XI8I-qV7mcJw4m0F4jeUaPTBJNp4PlPywwpufHDegqKD-rvbRIjqtN0NrB5FuwBvNcLMtGRmoy_WiZ-gBbddYgRKrmndE5g5f_IWeqpQYUZaZlVftFtJdTPJKlkuOrogj_bGq3pqiNjJrDC1ZDbacgdbP1H39Br-R-giMxzFx6YMQ4QLHKuM_lLdTEfW0-9GM4uZHEU8in0y0o_KY7cMyOt0wI_Xa1AkwKDlZ0yXR7XhslE54ft35nAxttqho7ZN-k6qraTwYCJvnaLnoyCSHMjNdZQpm__WrrkWJnM-hltaCbRm_eKZ7g6OxgDEMXZbw1YKlpvGxvQG5gW30IsG1LTfDkzJ4tPTDFTPZhna0ohWbbgiZNxFr4q4x3hyjee1yEZKbOpnRPWa-7Ir68WBnq1I5sw09RgDxAAJi9LZwP380TlK0rs7tjdt2Oj9396GCluifokKBVKRlGH-RxgrsNEstET83bR8Fm1Gb6_KKGaBPqhfyULTdxSQf0fNinp3EOAawKKo8DsSnqeLnz2nNnnyPsT3Pb3LCohu9B9m1gbj8luTVTXxdkNHR6FgCAc_HYOVbVnCxFcUjIAHzmeFm4YkyQB6mqM_TNX3nHQxV-T-Yymt1CvuTMHobycVhV-ji0wufU_nBY5jGs_3zlD2u_mhv_4huEYkGKgo9YxIO8XpkLOEIyJCFeqZvBaZo1bzN_QD97E0FwuQT0Ef41xvcf0B0C7bci_8lt3g_5rI1xBs9uLTy3IHktHy_N3g3bdbnbY2pn8zczu5Qhzgm_2ffZzrOV9dZJhREgEVEvQt9T_PXuQxMxAdyOg-nNnFu9EXkvUkMK2YiEtmvtu6GH9U6bt7xuzn7Q2ngtEbzfx2OwSSAg6QZnxq9u3-M-vKWJORcnSFAMf_hf4Rr2x_ntKINbcAN_CMOqYpm38j4HLvUJSQOal0yz6iueblmcojum2_1ZdzMCkBb6Esu2IpHszyplrVhOOmXceCcnJyjKRenXck5nl-jjfaHVo5MEdGVavXojE4wkFAbda7hl9BFPi5ZuYSnQGpDl1LbdO5Ca6PnRIbzYUM0QcYyikzO9S88c-UfWBQL0e3SNfdgV6fACwXIIEBlITdza4rQ9G-52aQ03yo9PbONhXKZiCn2Ca-xqvGsm1xaZNj6hXWlWnuQ7D2aTSkAV7pZ6vqXNo97H6T47kv8_Bf8qXh66WKlhUQKnOPxLAc8MPtAJEmtyFYYzbi4G0pJmg8l-r_3AQWQ2yJbKhuB3cjikuOocjfpLuKrkDfaVV4W2UnhmMH8dds6NRAjfzpBMAmXGRritrgrQiTLYVbQhRmpDCBs0nTC7mbXuf_UhcW5j9Pyrj7c2WamwqmrLafd2wFnJcwEukNPzShXkzsonMN0kK3VEoIoM5AtHca2iE5-Yqih9FjKWMBfg0hQh1Rq0LQIhw8KUXtugswQqFlkAliPPYZMsbxHI8PPWVM8hIiSU5ntA1lkQQ9nuPRTTdmRwbfGml7QmtIUgmZhTwVdd5Onnm0bjGardS5nrUgOQapyJZNQ_6Whc6vMYVbF-bT83LW31wZ6gjCwgAE9ZOeuvt7E1_E7k92Wr4k3RvYfGUe1XIUlJgchWWESDK5WzTBdLhtbczhNM7enrYfYmap3YS_LWi_meohgvsuLn4hJnhTxJ4WbUPvmE6REpg1SFILTBOA4q3jcTbQDGN3phlIXUrpx39UDJJZoOSNNPPzARX1hKsP-LmBR062UZZ1e8mgtKvNt1xoSbwDOLBuYaagXrF8j8ERzLXiRk62I8r59YUBGXTuEx-oaFb4PxFSCcNsf95QcpyVmLR_fODMD1oVKubaCYcMqjBdRXNlk--JGFNHuT7278YoPccKWrOTPJnZ3nBDuBDnJMlXFnwEN1ertc5QYxbWGQN2KwlM4bKC-8mNGwALa5QbKDFGbCTd-EFvmhdy43my0i9rOhp4A-nkCtNjq1hLGOR40QCTS4Mo3UJhXxOUhnKWcUO5ch83nmp3JJqr2uhqW9oRh5cmm4oSS3VuW5YQyFruj3zloMerT2ODusYOpOuvdVwG0CsFSq7nYRtavqTPaK1fHJalWaBR-R-WfDh1BQGNvrS-CnCXHXAr3jGuqdWb7fZuxU0_TMBqO02zsVLqyTTpTZ6uH5pOFquGRaBVgWfjU1sbBdR2RkrW_ow0WNBgwly6_5B83rTzxmf5tuY5qydkC7oNDFf-zRDAmmRf_K4vAW5rPiVSvbj_4ig-sN0DG5AmjiXbsMbdX3PUcKJjrOpni_Y11IwFxYdKflDqdzqj6Lq4L8IR-Ya35RuHQ1t0afxuDilU4JcTeIaWE-grF4SjZs_zxv6ig1_HuENxG3stKt1Gvs659E6WC0Pqkgq-Rls-keuENVnHUegLEkboWdvG561giA-2mHVMJ4cjy-HfV-cDutxJcNI0qWkJOGrRgQnPr98L3oYov58EkUn2719Ix4AeX5zaM5QLXsuaQBxK-DeNP7A0_4KlCvhnrWZbNS6sgeLdAHfQTmDsSuMEZVix0r38O_rXR0e49KjYjgA5aUkPgL1v78M9gvBssgp4lZ-ZgZDzrcQL48slbz7_IUj6tIqNifpB2RQa5ju5rsGy8Vpv11JIkXPRZD2uwXusPM1vW6g2_ZTSCexZTmkHvIZTUBVn5Wf7lkhCPIr080NEL4ox4-8PJgNm3jqWAw6VFk2I6ac7QCg2bUzQ5Go8rGP3klA9oHCFXI_JB3g-haI2WhqTc9jlqFAe3il-9IDg_7PA6B_OkQhVkt42BXiuOoI39fNl0sA-UUv4joHNZXGVR-HzmQbRjgEM3lSdaZmXRcr0CYrT3Q9usY9ZoJsmfiThfIumzBkns9DTyvBM8x0JmNNJW3iXXwcE2PQa1JES-er3m0jhj-txhaijKpZkRMxkTcES3FduHpTdbMBR92UYcnqUJ5WkLaC_b-5t3qDOgZNyJmB55AM4hajv4grBw-wcuWxQsXGZQboAfzG3R2i1IfRk1JqHHV4SoFRtU2O_9wbk2Dn20IdLLpU7NvAex3bUVsaV6glXLTQgTraEfW50N33FZSvqJxrK0QOB1_BegC1h_whGIkgx254aNngYwE7bKEKexbxUKp1-4xiFAPsvY7eeeh5lDtVrh5FpL21OfysePWjQYODWGGZoQ5bumQKFa57kdtQFtWmfptY_xhNVXBr_wWZMH_-exHfLGOB2QZGvE-uKjBeKjhG5nhQQyKVVl5SSHwu3FCq3r5yUUzrOLp4yzLtOWE1Vw2tluTACZsnh3HpfFqMIQ9nir1BqZfYxS-MZphYfJmRYq9YLTaHh8jO8oMsscWDRSSL4OQbY5TGvicXEladLYvu5so-RAvziPizoVDmOo_xtWX4VufJ6GjfWuqowj7mwC6z4D9RsY-DCAvnBABFNSMifq8wjh3gZkScoCdU_2ezNAjVLYRnw&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=1583146144171357000&adk=1033480531&idt=71&cac=0&dtd=85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 07:22:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/ Frame 44B0 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BeHQi3g4g6ezeq9kbglmqwQAlDNMsFFWjmURIFMM_Vyn2bPu1TJ_Pv2LYNZIhg1voXpAVGbw7n8D2FLoXc47-PsT80dFvqgvVX5uCpOUlnOUIBGvenKIj_37YwHiXkJx-26eYpjBzcVWWdHUaKSNO6hN7BfHm5i8CpE5qTbsPw1y-yXcw&dbm_d=AKAmf-D28k5FZaQ8em4Eu-R6NZpjI54KIBKyM8uNgDWCMw8At_ah2912VFiVKAAQ2Ti3BxYfJHyiXCkhcHLqFTcSy4P6KHj6z2A2PkvdTSIaVMZ02CijecxsTy_eMBpeseztT6XNi6vkdUWyb2CgxDmZ5hDIza2-bWSbyt4epyNSqshTC3ZLMbzibpiB_5tLbKidVFSD3Go1P0Xtn1yPc8EvpSMRoEpmTZgKd8c930XI8I-qV7mcJw4m0F4jeUaPTBJNp4PlPywwpufHDegqKD-rvbRIjqtN0NrB5FuwBvNcLMtGRmoy_WiZ-gBbddYgRKrmndE5g5f_IWeqpQYUZaZlVftFtJdTPJKlkuOrogj_bGq3pqiNjJrDC1ZDbacgdbP1H39Br-R-giMxzFx6YMQ4QLHKuM_lLdTEfW0-9GM4uZHEU8in0y0o_KY7cMyOt0wI_Xa1AkwKDlZ0yXR7XhslE54ft35nAxttqho7ZN-k6qraTwYCJvnaLnoyCSHMjNdZQpm__WrrkWJnM-hltaCbRm_eKZ7g6OxgDEMXZbw1YKlpvGxvQG5gW30IsG1LTfDkzJ4tPTDFTPZhna0ohWbbgiZNxFr4q4x3hyjee1yEZKbOpnRPWa-7Ir68WBnq1I5sw09RgDxAAJi9LZwP380TlK0rs7tjdt2Oj9396GCluifokKBVKRlGH-RxgrsNEstET83bR8Fm1Gb6_KKGaBPqhfyULTdxSQf0fNinp3EOAawKKo8DsSnqeLnz2nNnnyPsT3Pb3LCohu9B9m1gbj8luTVTXxdkNHR6FgCAc_HYOVbVnCxFcUjIAHzmeFm4YkyQB6mqM_TNX3nHQxV-T-Yymt1CvuTMHobycVhV-ji0wufU_nBY5jGs_3zlD2u_mhv_4huEYkGKgo9YxIO8XpkLOEIyJCFeqZvBaZo1bzN_QD97E0FwuQT0Ef41xvcf0B0C7bci_8lt3g_5rI1xBs9uLTy3IHktHy_N3g3bdbnbY2pn8zczu5Qhzgm_2ffZzrOV9dZJhREgEVEvQt9T_PXuQxMxAdyOg-nNnFu9EXkvUkMK2YiEtmvtu6GH9U6bt7xuzn7Q2ngtEbzfx2OwSSAg6QZnxq9u3-M-vKWJORcnSFAMf_hf4Rr2x_ntKINbcAN_CMOqYpm38j4HLvUJSQOal0yz6iueblmcojum2_1ZdzMCkBb6Esu2IpHszyplrVhOOmXceCcnJyjKRenXck5nl-jjfaHVo5MEdGVavXojE4wkFAbda7hl9BFPi5ZuYSnQGpDl1LbdO5Ca6PnRIbzYUM0QcYyikzO9S88c-UfWBQL0e3SNfdgV6fACwXIIEBlITdza4rQ9G-52aQ03yo9PbONhXKZiCn2Ca-xqvGsm1xaZNj6hXWlWnuQ7D2aTSkAV7pZ6vqXNo97H6T47kv8_Bf8qXh66WKlhUQKnOPxLAc8MPtAJEmtyFYYzbi4G0pJmg8l-r_3AQWQ2yJbKhuB3cjikuOocjfpLuKrkDfaVV4W2UnhmMH8dds6NRAjfzpBMAmXGRritrgrQiTLYVbQhRmpDCBs0nTC7mbXuf_UhcW5j9Pyrj7c2WamwqmrLafd2wFnJcwEukNPzShXkzsonMN0kK3VEoIoM5AtHca2iE5-Yqih9FjKWMBfg0hQh1Rq0LQIhw8KUXtugswQqFlkAliPPYZMsbxHI8PPWVM8hIiSU5ntA1lkQQ9nuPRTTdmRwbfGml7QmtIUgmZhTwVdd5Onnm0bjGardS5nrUgOQapyJZNQ_6Whc6vMYVbF-bT83LW31wZ6gjCwgAE9ZOeuvt7E1_E7k92Wr4k3RvYfGUe1XIUlJgchWWESDK5WzTBdLhtbczhNM7enrYfYmap3YS_LWi_meohgvsuLn4hJnhTxJ4WbUPvmE6REpg1SFILTBOA4q3jcTbQDGN3phlIXUrpx39UDJJZoOSNNPPzARX1hKsP-LmBR062UZZ1e8mgtKvNt1xoSbwDOLBuYaagXrF8j8ERzLXiRk62I8r59YUBGXTuEx-oaFb4PxFSCcNsf95QcpyVmLR_fODMD1oVKubaCYcMqjBdRXNlk--JGFNHuT7278YoPccKWrOTPJnZ3nBDuBDnJMlXFnwEN1ertc5QYxbWGQN2KwlM4bKC-8mNGwALa5QbKDFGbCTd-EFvmhdy43my0i9rOhp4A-nkCtNjq1hLGOR40QCTS4Mo3UJhXxOUhnKWcUO5ch83nmp3JJqr2uhqW9oRh5cmm4oSS3VuW5YQyFruj3zloMerT2ODusYOpOuvdVwG0CsFSq7nYRtavqTPaK1fHJalWaBR-R-WfDh1BQGNvrS-CnCXHXAr3jGuqdWb7fZuxU0_TMBqO02zsVLqyTTpTZ6uH5pOFquGRaBVgWfjU1sbBdR2RkrW_ow0WNBgwly6_5B83rTzxmf5tuY5qydkC7oNDFf-zRDAmmRf_K4vAW5rPiVSvbj_4ig-sN0DG5AmjiXbsMbdX3PUcKJjrOpni_Y11IwFxYdKflDqdzqj6Lq4L8IR-Ya35RuHQ1t0afxuDilU4JcTeIaWE-grF4SjZs_zxv6ig1_HuENxG3stKt1Gvs659E6WC0Pqkgq-Rls-keuENVnHUegLEkboWdvG561giA-2mHVMJ4cjy-HfV-cDutxJcNI0qWkJOGrRgQnPr98L3oYov58EkUn2719Ix4AeX5zaM5QLXsuaQBxK-DeNP7A0_4KlCvhnrWZbNS6sgeLdAHfQTmDsSuMEZVix0r38O_rXR0e49KjYjgA5aUkPgL1v78M9gvBssgp4lZ-ZgZDzrcQL48slbz7_IUj6tIqNifpB2RQa5ju5rsGy8Vpv11JIkXPRZD2uwXusPM1vW6g2_ZTSCexZTmkHvIZTUBVn5Wf7lkhCPIr080NEL4ox4-8PJgNm3jqWAw6VFk2I6ac7QCg2bUzQ5Go8rGP3klA9oHCFXI_JB3g-haI2WhqTc9jlqFAe3il-9IDg_7PA6B_OkQhVkt42BXiuOoI39fNl0sA-UUv4joHNZXGVR-HzmQbRjgEM3lSdaZmXRcr0CYrT3Q9usY9ZoJsmfiThfIumzBkns9DTyvBM8x0JmNNJW3iXXwcE2PQa1JES-er3m0jhj-txhaijKpZkRMxkTcES3FduHpTdbMBR92UYcnqUJ5WkLaC_b-5t3qDOgZNyJmB55AM4hajv4grBw-wcuWxQsXGZQboAfzG3R2i1IfRk1JqHHV4SoFRtU2O_9wbk2Dn20IdLLpU7NvAex3bUVsaV6glXLTQgTraEfW50N33FZSvqJxrK0QOB1_BegC1h_whGIkgx254aNngYwE7bKEKexbxUKp1-4xiFAPsvY7eeeh5lDtVrh5FpL21OfysePWjQYODWGGZoQ5bumQKFa57kdtQFtWmfptY_xhNVXBr_wWZMH_-exHfLGOB2QZGvE-uKjBeKjhG5nhQQyKVVl5SSHwu3FCq3r5yUUzrOLp4yzLtOWE1Vw2tluTACZsnh3HpfFqMIQ9nir1BqZfYxS-MZphYfJmRYq9YLTaHh8jO8oMsscWDRSSL4OQbY5TGvicXEladLYvu5so-RAvziPizoVDmOo_xtWX4VufJ6GjfWuqowj7mwC6z4D9RsY-DCAvnBABFNSMifq8wjh3gZkScoCdU_2ezNAjVLYRnw&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=1583146144171357000&adk=1033480531&idt=71&cac=0&dtd=85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2166f0d302a1be49c618dbd4a9a7cfa47b7967f4bf9c4947d88419b89c98314d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11541
x-xss-protection
0
server
cafe
etag
12315695366903653922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 07:22:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 44B0 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 19:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
41351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 19:58:56 GMT
11214a786566d11f10c543b3b198e43a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11214a786566d11f10c543b3b198e43a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7130e37a873c8234a49f75f3f2074e07c102821f62f1c980520edb1e69106d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11214a786566d11f10c543b3b198e43a.png
age
1010399
edge-cache-tag
574247125522840752726235563194904744788,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
574247125522840752726235563194904744788,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
fastly-restarts
1
content-length
28541
x-request-id
1035c05e678b32adb10cbebbcadda0f8
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kiad7000097-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 25 Jul 2023 10:38:48 GMT
server
cloudinary
x-timer
S1691566087.170253,VS0,VE1
etag
"51d759e62a7372c83c5177ab192a079a"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1
all
csm.eu.criteo.net/ Frame EEFB 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=zjK1Z6oo7hQZ5HEVxWa_i9qJxJJfZ10vV1bUJjYpNbifkIAenjw1BO1BqR4HDIXbaPuUu2T9M4lRVhv8pqD9yAQhMBDu-6-edYDGKvXw9DuRpvIs3wTbU-0MlFncjhwvOIP2UQ0ycaGQ3Omcs5K5IIe21vreqSoxAtRjElYzXsCDCToz_haRc9_lqX4jxh1FmMSgSDSlDsP94zFrAi9GwND39SN5jFHa9OmSgU059e-XpnMJIscbsSzhTuQ&sds=2&rev=87880&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EEFB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:28:07 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EEFB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:28:07 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3854 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14577
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 03:25:10 GMT
etag
48472445140208031
expires
Thu, 10 Aug 2023 03:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 44B0 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5fc21e5811a957597c0425ada387b0b1bed39b58a6fac3b3bdac2ef8a555132

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame E67B 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Origin
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 20:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 20:24:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/elements/html/ Frame E67B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AumTS8Jc6brKdJekGk_8O3SoxmfwcJxqSxIg1F2PbZQ8YAEi6uNFvEFEw5wYAI3MGaMG6c5p5Np1JE8wTfSPPr3obRsgtqw46dtUJb7iVEQ4h1S5do9rN3BBj7BXy9QxL2xjG7j2LcOU9Fck6Cf_ojtlbTtnDXzh16NOJbSfOcJJPDTIM&dbm_d=AKAmf-BbHXXel-t7M3AG-pxmPKvvBoJLU0jDBNriw2ooYErKeshWBC1JPwpjmPNKy9VrdQjN4TBI2ORjRZoPvl7R5VDlDuBf60qhJkK3ztEF83pbDtHH7wQlW1G3IxluxdkSgNaNKelxiX4DAvTx8nHVTvoZn9S03BOedR7UXhyM8jHcerEJYwH8pe8HiB0C4JwMKTTgDy-WSprna7KdeIP_L6OzhifQ_KEa_fgR1wIcMYt3H4CpmTdF1-YOXfPOZli-ySj06rJ-Lp6TpehquySBWna2teOhBBgJDJO6hODX66ILLLMhe3HI0xP7mCVIRBMhCXGs3SlC81L4H4XpGd5ikdPMCelTKbVfRJWxsdfD2hFm1330xuVomXKzzkXsccy4M6AYc8q9-w1VWu69pHj4HElvITL3fnWN84Y9NBK0m5xdBAuL61NAmjZdztQpH3higTYn7gmdSANIvdEmoavARzesYdk3yzJZEjM0nL5cdEBOBY5KR4PIvwBRiiDp0zjPPAd39Kj6oEbPmfWMV3J4C5T8_hsKlmHd1SWtXU4HEuUtHRT0i2W4LCKjPvL1EJlWI7RYGEx478ywhBXE02HPcpWgJkjRGPIcj8cFBvxiuZdx6VGLxUAoBIcLjM4tlGn9vpIizAKV7CEclGxG3vFNobnvYTOa6c12CmBGMaKqyKgMbToPLcJeeIoYwBqFVOwBrZephBoc3m4fgzqaD-ntY-5BOl51g-2v0vz-QfWFacutPGjqV9fPTriYeGdratYGRcSnFaVQpaL1RuX-FmOLEAQZhMVX3Sk94QY01acKLOg9lpoql-GXQba3iH0E6hp5E95C3fXNGHOPVT75y3HGm7S33TuBu9jODDCbnCJLYoDnuWEIx_PzUqODTOnXqh-A8slLLcPRu34Tsb2fsxeGVQKkcaTrEj39yC-vsckWC8Dq21fflUphKH4ew740b0YEXppg3tzZP5Dq9yf1H1mnzJ9cBpCzrUzMiZfjahBXffyq473YfC_Bsn0DyVUSEoR6O-rUi_IGgwa4v_XQcJovLkU1RLn1xF8LfKPGRyyNvXaKFT52IlWqpIcL3wRnWfkGcGYyMUZg4kL5FYU9KF8hx0oB8vkuH5kCf8vitNdDIPzdjmZ2kHHInTR7qtUTRzH0aw-OYo8PVKJ5HCIOy7pomOBSJVRm55GqfRMxb-wpHB1otJStJ61K0W7dFT5IQiwv59uP5GXz9e4Ao5A1KDqEL1JXP7A3-U1I6kMXhotrZ_FczvdbJyvKaXY9GlkCgz-tRH5HVjKSMIqmgxAQyQr5j5Pkp--0X7DGhjgTeFPu5SsI-ay49kalmx_0tDV6KA6DuhAybkSusq9fLdvn56QRSlDW5r4h6xh17bZgeJbXJjwuZJ-lDB394BnYqWWNHE03WD1DJ9GQsCMCGRV9ep4kd6cK5b6c9eWpWdxMgSekEbc2ayfrfrte15aYkEmvsRqpD9rUvvlIMC5EyMAGkPeEoazlxCTm9CFBP4TC2D5BNZHFK9v71xJDOH5SsP-is2MUS5uDkqYAfQeFI5FmwT2qKDuXybYJaKO-d72c2byiWdBBPOHKeFcAU_PZMOiCE7g4ThqBjg9QwylPnjMv8xftj4zLtziGWXD7lIJthCuUMYBRmUIzToR-lzgI6o3BMROJ2HWslTVS1krnA0riUJIjJZnxFjpbZFPa7LAE-cSXKRl8gZLh3VucpXqIPXNOeMw5NPMScPR-jtu7FiGOTzszVikaIc6UaWFeKqy1ISS-plamUIqFav52cxgCc_x1vo-nqN50i11GrEge096yEBgiMFPZeKoNaN2hu01NtNhUBWvwHXXhfjIzfGloBLXNNRn7XDESm5i5LyBM_KVHKZrMvVxU7E0cLVvvxltaFF7gvg7m7WpPs978tvlHAJRPbYduekESJ9gpk9tk9sUckYxV7cSVUfM9M2wZ0ecMvOAN7iyc7E6vWUJkznbmDIhbumCvBErb2UVpRedQoT-bold2iGLiFHex3OsvIW2tQBEiSVfNCEo6GBUIjfritWOMYTuEYKOOH8YCvIlZ3brhs8AdkkIMHZ1q0ShAVK4Kt31u7c_CtyPbRa6JjMci6O5nirOkzb2OCdfYGlGU4JMVLXC6oNC6lwv5xckgNOT5RIXOvIpliAoJcG0YpJyKbCE1QEOaaE--0OuiTA0gP6hKkaD-ubGcMXoOFBkitPVmsDJoHk48yZ-iNC9xYI-H8MfAcWEDfu2Tvo9VQX0lLJ6czI2S-NYQ5qjSLXykZEfhmi6WEWOvfpelcddMy340gq9UEMC_yyQIs7B69VYUReyUcxK6XKUBT43OeLTuOz0TxXXIahpSHane-syiFSwhbhcL0Jgvta38wDRIrNXioHrz7E5KkmGpCyFl3WSIaDVHszcgGWBmD_mLbYB9aMiBK9ivlmBA-RP5fyVFBs40FJwZW3ldaJW2nAhX7nJVTvQ0umsj81lfz0PGLUJJaiIxWNC-PUkBGeCBWvjPGAvsmoj6CGIw2xSDF3wF_DW9cntZYnz77CByajsj89Dyk44WtZULEb0gNRnd9rqmvQPfH9ToAco-F7GXvS8sx0tnpZBCAimQLK-8Tz5puPDJweALOsyURCf2LNDymAoIAeFg5shF86vAbZrc1dWmUUCoZmn2_q35ffUCDeqGOSANEtPD3yrCmqbfeo_MupTxLaFCZIxuhGEl7HRo0bJT_8Ezm4JAHtZTakT44YT3boe3e-4wRw2H2LSfCoPXHtRy6GQ2rxLVPzIMvZE0vT7E-t6okBiEqyy8MrB3A6IGCcQODwvusGco-91Dp7R8ozUaV-A-vBLReNVHe7WOHYARiSd138U43KmlGRW3gly-kfxQOcKriZ9oAK-zQjTv9aaLyvoL0_N7mXF876SkyHB8Che5qZ90WwlJpXooCdRj-F1BJqWB2lHarrx1GYebwqoPZLItzpLLA5N9V2kU5WUPgd0o_Ume12o4VlPRX2rvBZxrI7TQ2Rs0at0URCxfoOCNByhlpVAO83RYXo6TOfjXvrSGbX6REbHVlQzY-QUWPLAsdi8IUGZfWehNusCvDdqSMfuLrW1vX8oXxJNvs3O9Bh57EjLkXDTT-ncRHXwZBYeGUPyAU5d2RbYQtMNvEQoEuKK1z1Z6A2iKCaZwhbnPiFTywQQbiUXSR8F7Q62i_2A_tth4FeWBu0NxRwP9JkRoVexxokru8m3dp7zSWT0FCfpJJsorglZt2k4Z36TVbnb-c0jPSXLSgyTcBMP5a8BJPKdS0oi-37Z2-P5dGXdNKWXLxUPCzjGBbLZFfnvbdnPrQkDm5yCETM51kAQOIDW92rbpzvSRvpTAE4CQ9wSJQsEe65enUgY1Idyb7ZB-C5AfW9HmnE7JnjbMJB0URrUiXzD1kd6dF4Pcm79ZYHAPLk4xZ7D7WruMnWhDE10FN9r6FJ2r3OiEDWHTsWHRQ1Ckdj0MHIIYYxxFIatAMuVV0pksMV30sRL3RSQupB0dGwdOzEOiXTA_1n9b7uUOVyuwzccsmgaoSXgKS_xTXaPZnmNxwJcqiKMJvsVfo4ZZ8qO_QP8w8EwuShMv0yXLyw8GV4VtUqUP9nrG54LYaaoDQqJW2r90Gds4LJv27VB6GTiBqoib3IEyb_-Zes4Zqe7W0mhk1WEO6hTXXS0T95YFvt4cBfCC22cuj3JlMT-bhcOmaE4vEO8aZVvoY5N5AlRXVid2q-TWiQcru1pWS-Y-kI61GtQ99bmM60AF5WTFXz0&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=5254536827591250000&adk=4188270525&idt=139&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 07:22:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/ Frame E67B 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AumTS8Jc6brKdJekGk_8O3SoxmfwcJxqSxIg1F2PbZQ8YAEi6uNFvEFEw5wYAI3MGaMG6c5p5Np1JE8wTfSPPr3obRsgtqw46dtUJb7iVEQ4h1S5do9rN3BBj7BXy9QxL2xjG7j2LcOU9Fck6Cf_ojtlbTtnDXzh16NOJbSfOcJJPDTIM&dbm_d=AKAmf-BbHXXel-t7M3AG-pxmPKvvBoJLU0jDBNriw2ooYErKeshWBC1JPwpjmPNKy9VrdQjN4TBI2ORjRZoPvl7R5VDlDuBf60qhJkK3ztEF83pbDtHH7wQlW1G3IxluxdkSgNaNKelxiX4DAvTx8nHVTvoZn9S03BOedR7UXhyM8jHcerEJYwH8pe8HiB0C4JwMKTTgDy-WSprna7KdeIP_L6OzhifQ_KEa_fgR1wIcMYt3H4CpmTdF1-YOXfPOZli-ySj06rJ-Lp6TpehquySBWna2teOhBBgJDJO6hODX66ILLLMhe3HI0xP7mCVIRBMhCXGs3SlC81L4H4XpGd5ikdPMCelTKbVfRJWxsdfD2hFm1330xuVomXKzzkXsccy4M6AYc8q9-w1VWu69pHj4HElvITL3fnWN84Y9NBK0m5xdBAuL61NAmjZdztQpH3higTYn7gmdSANIvdEmoavARzesYdk3yzJZEjM0nL5cdEBOBY5KR4PIvwBRiiDp0zjPPAd39Kj6oEbPmfWMV3J4C5T8_hsKlmHd1SWtXU4HEuUtHRT0i2W4LCKjPvL1EJlWI7RYGEx478ywhBXE02HPcpWgJkjRGPIcj8cFBvxiuZdx6VGLxUAoBIcLjM4tlGn9vpIizAKV7CEclGxG3vFNobnvYTOa6c12CmBGMaKqyKgMbToPLcJeeIoYwBqFVOwBrZephBoc3m4fgzqaD-ntY-5BOl51g-2v0vz-QfWFacutPGjqV9fPTriYeGdratYGRcSnFaVQpaL1RuX-FmOLEAQZhMVX3Sk94QY01acKLOg9lpoql-GXQba3iH0E6hp5E95C3fXNGHOPVT75y3HGm7S33TuBu9jODDCbnCJLYoDnuWEIx_PzUqODTOnXqh-A8slLLcPRu34Tsb2fsxeGVQKkcaTrEj39yC-vsckWC8Dq21fflUphKH4ew740b0YEXppg3tzZP5Dq9yf1H1mnzJ9cBpCzrUzMiZfjahBXffyq473YfC_Bsn0DyVUSEoR6O-rUi_IGgwa4v_XQcJovLkU1RLn1xF8LfKPGRyyNvXaKFT52IlWqpIcL3wRnWfkGcGYyMUZg4kL5FYU9KF8hx0oB8vkuH5kCf8vitNdDIPzdjmZ2kHHInTR7qtUTRzH0aw-OYo8PVKJ5HCIOy7pomOBSJVRm55GqfRMxb-wpHB1otJStJ61K0W7dFT5IQiwv59uP5GXz9e4Ao5A1KDqEL1JXP7A3-U1I6kMXhotrZ_FczvdbJyvKaXY9GlkCgz-tRH5HVjKSMIqmgxAQyQr5j5Pkp--0X7DGhjgTeFPu5SsI-ay49kalmx_0tDV6KA6DuhAybkSusq9fLdvn56QRSlDW5r4h6xh17bZgeJbXJjwuZJ-lDB394BnYqWWNHE03WD1DJ9GQsCMCGRV9ep4kd6cK5b6c9eWpWdxMgSekEbc2ayfrfrte15aYkEmvsRqpD9rUvvlIMC5EyMAGkPeEoazlxCTm9CFBP4TC2D5BNZHFK9v71xJDOH5SsP-is2MUS5uDkqYAfQeFI5FmwT2qKDuXybYJaKO-d72c2byiWdBBPOHKeFcAU_PZMOiCE7g4ThqBjg9QwylPnjMv8xftj4zLtziGWXD7lIJthCuUMYBRmUIzToR-lzgI6o3BMROJ2HWslTVS1krnA0riUJIjJZnxFjpbZFPa7LAE-cSXKRl8gZLh3VucpXqIPXNOeMw5NPMScPR-jtu7FiGOTzszVikaIc6UaWFeKqy1ISS-plamUIqFav52cxgCc_x1vo-nqN50i11GrEge096yEBgiMFPZeKoNaN2hu01NtNhUBWvwHXXhfjIzfGloBLXNNRn7XDESm5i5LyBM_KVHKZrMvVxU7E0cLVvvxltaFF7gvg7m7WpPs978tvlHAJRPbYduekESJ9gpk9tk9sUckYxV7cSVUfM9M2wZ0ecMvOAN7iyc7E6vWUJkznbmDIhbumCvBErb2UVpRedQoT-bold2iGLiFHex3OsvIW2tQBEiSVfNCEo6GBUIjfritWOMYTuEYKOOH8YCvIlZ3brhs8AdkkIMHZ1q0ShAVK4Kt31u7c_CtyPbRa6JjMci6O5nirOkzb2OCdfYGlGU4JMVLXC6oNC6lwv5xckgNOT5RIXOvIpliAoJcG0YpJyKbCE1QEOaaE--0OuiTA0gP6hKkaD-ubGcMXoOFBkitPVmsDJoHk48yZ-iNC9xYI-H8MfAcWEDfu2Tvo9VQX0lLJ6czI2S-NYQ5qjSLXykZEfhmi6WEWOvfpelcddMy340gq9UEMC_yyQIs7B69VYUReyUcxK6XKUBT43OeLTuOz0TxXXIahpSHane-syiFSwhbhcL0Jgvta38wDRIrNXioHrz7E5KkmGpCyFl3WSIaDVHszcgGWBmD_mLbYB9aMiBK9ivlmBA-RP5fyVFBs40FJwZW3ldaJW2nAhX7nJVTvQ0umsj81lfz0PGLUJJaiIxWNC-PUkBGeCBWvjPGAvsmoj6CGIw2xSDF3wF_DW9cntZYnz77CByajsj89Dyk44WtZULEb0gNRnd9rqmvQPfH9ToAco-F7GXvS8sx0tnpZBCAimQLK-8Tz5puPDJweALOsyURCf2LNDymAoIAeFg5shF86vAbZrc1dWmUUCoZmn2_q35ffUCDeqGOSANEtPD3yrCmqbfeo_MupTxLaFCZIxuhGEl7HRo0bJT_8Ezm4JAHtZTakT44YT3boe3e-4wRw2H2LSfCoPXHtRy6GQ2rxLVPzIMvZE0vT7E-t6okBiEqyy8MrB3A6IGCcQODwvusGco-91Dp7R8ozUaV-A-vBLReNVHe7WOHYARiSd138U43KmlGRW3gly-kfxQOcKriZ9oAK-zQjTv9aaLyvoL0_N7mXF876SkyHB8Che5qZ90WwlJpXooCdRj-F1BJqWB2lHarrx1GYebwqoPZLItzpLLA5N9V2kU5WUPgd0o_Ume12o4VlPRX2rvBZxrI7TQ2Rs0at0URCxfoOCNByhlpVAO83RYXo6TOfjXvrSGbX6REbHVlQzY-QUWPLAsdi8IUGZfWehNusCvDdqSMfuLrW1vX8oXxJNvs3O9Bh57EjLkXDTT-ncRHXwZBYeGUPyAU5d2RbYQtMNvEQoEuKK1z1Z6A2iKCaZwhbnPiFTywQQbiUXSR8F7Q62i_2A_tth4FeWBu0NxRwP9JkRoVexxokru8m3dp7zSWT0FCfpJJsorglZt2k4Z36TVbnb-c0jPSXLSgyTcBMP5a8BJPKdS0oi-37Z2-P5dGXdNKWXLxUPCzjGBbLZFfnvbdnPrQkDm5yCETM51kAQOIDW92rbpzvSRvpTAE4CQ9wSJQsEe65enUgY1Idyb7ZB-C5AfW9HmnE7JnjbMJB0URrUiXzD1kd6dF4Pcm79ZYHAPLk4xZ7D7WruMnWhDE10FN9r6FJ2r3OiEDWHTsWHRQ1Ckdj0MHIIYYxxFIatAMuVV0pksMV30sRL3RSQupB0dGwdOzEOiXTA_1n9b7uUOVyuwzccsmgaoSXgKS_xTXaPZnmNxwJcqiKMJvsVfo4ZZ8qO_QP8w8EwuShMv0yXLyw8GV4VtUqUP9nrG54LYaaoDQqJW2r90Gds4LJv27VB6GTiBqoib3IEyb_-Zes4Zqe7W0mhk1WEO6hTXXS0T95YFvt4cBfCC22cuj3JlMT-bhcOmaE4vEO8aZVvoY5N5AlRXVid2q-TWiQcru1pWS-Y-kI61GtQ99bmM60AF5WTFXz0&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=5254536827591250000&adk=4188270525&idt=139&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2166f0d302a1be49c618dbd4a9a7cfa47b7967f4bf9c4947d88419b89c98314d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11541
x-xss-protection
0
server
cafe
etag
12315695366903653922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 07:22:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E67B 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 19:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
41351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 19:58:56 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 9F78 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Origin
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 20:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 20:24:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/elements/html/ Frame 9F78 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXw4Yvd-iMzIFoF5FrMxc0Oph3JwzX-AkzuPQS0YDUdpO-uRweMXM5ZiQiZbPg0c95tKeyFmQG_6_GARQtp1zP7U5vShu8BDLO8UBHXi7yf9PlhqvQErfk5AiFaAsZ4mpVmeXWJowDkdWEDOMbKcbcbo_jUUpV7hSb5HuDAdjh3YZ1hVo&dbm_d=AKAmf-B-x1WmRilM2aA9wocOvJv-nGAVC9Huvy2f2e1k6-m2E0jJIrSVWuOMb6XAlN0Reh1ayg7b5RHaTw1lt9wrtCOOZU8O638LSbZebQDfXIwtj8MJRiuLaN1kX8Vg0OMOb2Rz4tbEDL5UVc9yabXQOpF2edpB0IB8Xg_VCsOrqISpXa3zgMFB-wjYSJgpWwWYa8otSaWQUOubJWeCEWMKkL0oD_jIG6POK5sq-5EG9e7g-Bc3kQHcykg-2NWF0hCPwzvHPvXEju1ZeCDSVtTJmuIHgKPJRl49J5hGVN_CFu20ecx64U6ImvncUz5fhJp9vk-Uy2rLdvHaU6Y8k3pmNRciPXXkBTZ5ohCkzgj8vKSVsNdveCc2qPseW-Y0Ogtm2lXMTxu0kcVsWSHSb9jKaB29tfuigbs7mtdB7otzKiMSBSPH8hzjpG5olrv_BqavKrvvkFScDtgaQJYbi2E6Xz0U_XaPh5s8ZJALumvFXwbKQUyCYsjLOFSicetjtycR2n9U2lPsThSRxaP48DR6wsOpIw_jdq-gIglSyBfSM7ga9L0SsZ9KO_ETympYShR6C0DXZFBUplURUqf1DcNjREjh7vLlDqY-mL9nDoWJbh_LSHNf-5bnRSzyU-iSIauIDTwPJnO4_yjW5BExs-F719BbrKpGHxuipG2R-r5Ns6prsfLMYJt376paRNIj0lWaXk0IXZNmMphFq8i548ySg87wtiiVV2QQgwqTf-393I6HlwlrUslYC5NwlMrtMvAVHNvJ5L8JrBVO3uLEQoDYPljvy5zzWAFSM5S3IOWMTqI3jeBN_jlJXeFoLovxspYA_Oe9BF9mbDMVpRhJRHixi_Gilz9xD6b9rEFySF56h0gsP12W7AiDw8MqGTVkt_Zcm6PxFfhj6LU2VvDu2bObR6u19ZROsPCFb37ff22DNC3AjxbMkc6RUsDsUV9sLT2XDvELBgW6wivdOaTiVGALurmwaXzqKlL_PLDjmn9ZFwTFOdBlJqS6gDyLE4m9wuxNY-LbcfXGqNC-GFpbzHr0h7TT9NwmmjYRWUWIlbX_jtM8zUU_4zQOPTaK6UB9iAOsbR0XWhhD4qiKTL2uj44-_V5F7-wCNRzH25nGzVdJi52WJCDG789Ex95SkYHBIqzpU25H5zrtO41eYqgLa2_mChuaQykMBPb_b9Hb950G0Z0Qna0HUjjyWUcX39nVAsHQQuM7eIEfSD7GO_-A6kkGHoRSE9GKzWTVlqkk3ZBIJEj5bGS_jcr2Jocu8XxTVp_AtKMyO3kdW7toyrtXnCWLQK48EoATxtTuUEN40bpm5hiCbQyZ48VhoVEq-fwJI9wrdTei_ZZaHTbBIxUYb1Us9FOL74eR6Kf-kQleeh-i1XDH4JWMWD3X9WxHdwvKK8ent_I45BBx_GXrN5wRJMEKxpBHh52oq5ffggfSqBvpl_kYIJQ1Jx-4Y4q8lSjgRvBG_Nc16RYk_LfCmePoJbgYn5ibdpYilU8x-xnK2Alrv97gmR4IqI-RUm-XAvzK6VQyqXKoJcFqlHQviQCjnjvVewby-eeqg6CbBZw-igR-bU1eg-kS3tSWDaNm1VoLEBIz4H20k8aYIBGwKPyF7j6iPgrQd6UMe9dP5O0iBozakbhx_st1tIg8e6xMDaDe9TQwdTZnIf8J-KVqellFZP3648B9auWZpBEnHpCNonSsfJfZV2gc423I3INtJNF19nXdEQlXcNaI2-9aFD_aT3wioJ0lk4nBllsFjEGD5t5kae1Q5ILq7EXar4IqCMzt8Hn6pahXHu0tqjSZuVU-zI_g9wA5jfB-jfBuPt4cvCbPcvRsq_2RKzruJRfv66aKQEYqwy4ofFYCB7kPIMXBZUUpQkoDOkV9lD3ldOVNvZoU9VSqZdp9DqFPXoKVGuWeJyKEbzxX0rXG8DtyYCqj2mWUNWdVFs9Ge8cFtB9pcJRV-DYA9YBA48SgWB3_4LMjRaffKq0V7rvEYaXzNORRhjdqYjjTg2voQ3ZI2ddEqobAOY2WuOUgfrO8Pu3XvTLk7Wpw7I1js6BMSGs1EfV9b_gSuyqJYZtXaZmP_-zQ1Opiz7dQ0Z8fABEASarcjDizl7ENKyEWenrpIbu3ftcoo6f28p7UpywVoHLcJsE7fejj7S9TF1HQExqn8sJ8PKoidsX2_wGB4nIy4Y2iwBg-mff3tNuPW6YslQp0xflN085RWZqjxnBImkudftj9ZXz4fzDjZKbQqbEUkml83EACx3mYrn9Oi1BJ0dWdVtpSfuMh5m_4BygPz9d-8u85E0DqSnBmTBhsEeJqyzCLsunIgrWw61CQ_SVHO4tazaIpG7vLXgPXN6NAM9vlJRLjsbakfCHnYb8hAQKcjWY1WR74zCZ0EOTJLAnoCr-W9DsXNHeDnaquadsjYCDsuPjTnvldBM0N2rP9QQCykY5FTvQBP6DeG55XbwBKdTCQv9LDYgy6lxGVv4QOBZRavHmjDPD5cgwgxx6qhJ6w3cHhFOHUAxutnoM1AZI05lL6ZPYkTJIMd5IV28or5TvnCz27KfS6HPLhbbiwcuCYWUT0Aw3Y1gpq-1CrKyPQx1LtidSbVb5bKugRl9RcyL4Pi7fRUvpt8gIMDv7wsn17Oo4G0ZdbpKjOK9DW7jzPKEKSV8x6TfdwN5Ud_KRjS_CXpSMZFEDNP07rJ3K8BQR7cX0boYdueRmA0nJPL1NoWt99l3mnGOJdz99xbgHigteMql2yYxOWNXZ2vnJn9O3OQ3pBBtJVuZ9dgGYnmJunyqvAnPyI8W3H7LxKahuvYGFf68fWV3pnOfPQh2V6j5HS9F1X11dQd5sG8PI8cB8jKxsQzxgHFBDQerP3SJcW_2tgZ40Nn1RZkok4WagCC7cL0CaphGmeo7vV4nmwcZ1YGAMeg1IOi3O2c2vV2fxSX5kg1d0-qCE62YxnIUXrX0Vd3GGoyhC5hmgPLr-f8NHNU6JP82HOFPeamJjFOeyiz1zQErFrk1PRWeAW96sHj413mCxpHkubgnhm50w192Gx2hPdVoRdjPv7aYPyJ7yjheFIzHr1M0noihX2dck-pPxMoYKZyT7SQylA3IM8Ro3uJrGPg0BIvzv8rNH2FgnWTMje8WpoXDHJniZcjrLCvm6y9AgiTXWMOY1aWmIxq2Ww8GBudViHV_pxSKazPxYruePxxlNI7nI7fXs6PBsY_UcRI-3f_xui3qALboPXqVnLXYchez_ILgxLPE5LiKahEPhcsH-PaPcQbTVioGQUfGHXw4KkovXteunaREJ-osBiEDkiCw3yugPK8bsVaSjb1zIMarlwswC0p9qvZ6YAkei5JMUT3cQYyuP_cMQ_MuQPnlcvyQecu54YkMYYry0S8GWCC3aub8k4Om7qx0I7UCYjiPmtDG4upv_zd4SHg-whbrriOwVXfOiZg02YkJnjfc2SlyS6lXgDS9VLaS9uW_fTaes-T-mAggrfJgVCoNkLftRpuDN-xRpKXe4xDVM1kmCmkXvueEn0Mju-09b1x1kYfRq0Amg6T-whxNoTWpfagAV3435EAaOwiUu5aDWs21_bySjTpx4uiBtO6l4TluOMi5_l3YZ4h8G9B4l3nnznKFtv2MkTsLgtq2Wku6NZMnW1uuZSrCsIF_-gu96WnGon3yDJ1yPfxmaJcTn7XJzF9E8eu5H364vJ1bTAxXZ00o3uIRZiqGepOJ-2QL6t0wbphx8M-hVrS5Ov0usz7NCjKvNsPcUz-dv4TQnmNt2aOCU&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11443601781309094000&adk=3037181500&idt=132&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4172
x-xss-protection
0
server
cafe
etag
16731591232229431525
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 07:22:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/ Frame 9F78 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230807/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXw4Yvd-iMzIFoF5FrMxc0Oph3JwzX-AkzuPQS0YDUdpO-uRweMXM5ZiQiZbPg0c95tKeyFmQG_6_GARQtp1zP7U5vShu8BDLO8UBHXi7yf9PlhqvQErfk5AiFaAsZ4mpVmeXWJowDkdWEDOMbKcbcbo_jUUpV7hSb5HuDAdjh3YZ1hVo&dbm_d=AKAmf-B-x1WmRilM2aA9wocOvJv-nGAVC9Huvy2f2e1k6-m2E0jJIrSVWuOMb6XAlN0Reh1ayg7b5RHaTw1lt9wrtCOOZU8O638LSbZebQDfXIwtj8MJRiuLaN1kX8Vg0OMOb2Rz4tbEDL5UVc9yabXQOpF2edpB0IB8Xg_VCsOrqISpXa3zgMFB-wjYSJgpWwWYa8otSaWQUOubJWeCEWMKkL0oD_jIG6POK5sq-5EG9e7g-Bc3kQHcykg-2NWF0hCPwzvHPvXEju1ZeCDSVtTJmuIHgKPJRl49J5hGVN_CFu20ecx64U6ImvncUz5fhJp9vk-Uy2rLdvHaU6Y8k3pmNRciPXXkBTZ5ohCkzgj8vKSVsNdveCc2qPseW-Y0Ogtm2lXMTxu0kcVsWSHSb9jKaB29tfuigbs7mtdB7otzKiMSBSPH8hzjpG5olrv_BqavKrvvkFScDtgaQJYbi2E6Xz0U_XaPh5s8ZJALumvFXwbKQUyCYsjLOFSicetjtycR2n9U2lPsThSRxaP48DR6wsOpIw_jdq-gIglSyBfSM7ga9L0SsZ9KO_ETympYShR6C0DXZFBUplURUqf1DcNjREjh7vLlDqY-mL9nDoWJbh_LSHNf-5bnRSzyU-iSIauIDTwPJnO4_yjW5BExs-F719BbrKpGHxuipG2R-r5Ns6prsfLMYJt376paRNIj0lWaXk0IXZNmMphFq8i548ySg87wtiiVV2QQgwqTf-393I6HlwlrUslYC5NwlMrtMvAVHNvJ5L8JrBVO3uLEQoDYPljvy5zzWAFSM5S3IOWMTqI3jeBN_jlJXeFoLovxspYA_Oe9BF9mbDMVpRhJRHixi_Gilz9xD6b9rEFySF56h0gsP12W7AiDw8MqGTVkt_Zcm6PxFfhj6LU2VvDu2bObR6u19ZROsPCFb37ff22DNC3AjxbMkc6RUsDsUV9sLT2XDvELBgW6wivdOaTiVGALurmwaXzqKlL_PLDjmn9ZFwTFOdBlJqS6gDyLE4m9wuxNY-LbcfXGqNC-GFpbzHr0h7TT9NwmmjYRWUWIlbX_jtM8zUU_4zQOPTaK6UB9iAOsbR0XWhhD4qiKTL2uj44-_V5F7-wCNRzH25nGzVdJi52WJCDG789Ex95SkYHBIqzpU25H5zrtO41eYqgLa2_mChuaQykMBPb_b9Hb950G0Z0Qna0HUjjyWUcX39nVAsHQQuM7eIEfSD7GO_-A6kkGHoRSE9GKzWTVlqkk3ZBIJEj5bGS_jcr2Jocu8XxTVp_AtKMyO3kdW7toyrtXnCWLQK48EoATxtTuUEN40bpm5hiCbQyZ48VhoVEq-fwJI9wrdTei_ZZaHTbBIxUYb1Us9FOL74eR6Kf-kQleeh-i1XDH4JWMWD3X9WxHdwvKK8ent_I45BBx_GXrN5wRJMEKxpBHh52oq5ffggfSqBvpl_kYIJQ1Jx-4Y4q8lSjgRvBG_Nc16RYk_LfCmePoJbgYn5ibdpYilU8x-xnK2Alrv97gmR4IqI-RUm-XAvzK6VQyqXKoJcFqlHQviQCjnjvVewby-eeqg6CbBZw-igR-bU1eg-kS3tSWDaNm1VoLEBIz4H20k8aYIBGwKPyF7j6iPgrQd6UMe9dP5O0iBozakbhx_st1tIg8e6xMDaDe9TQwdTZnIf8J-KVqellFZP3648B9auWZpBEnHpCNonSsfJfZV2gc423I3INtJNF19nXdEQlXcNaI2-9aFD_aT3wioJ0lk4nBllsFjEGD5t5kae1Q5ILq7EXar4IqCMzt8Hn6pahXHu0tqjSZuVU-zI_g9wA5jfB-jfBuPt4cvCbPcvRsq_2RKzruJRfv66aKQEYqwy4ofFYCB7kPIMXBZUUpQkoDOkV9lD3ldOVNvZoU9VSqZdp9DqFPXoKVGuWeJyKEbzxX0rXG8DtyYCqj2mWUNWdVFs9Ge8cFtB9pcJRV-DYA9YBA48SgWB3_4LMjRaffKq0V7rvEYaXzNORRhjdqYjjTg2voQ3ZI2ddEqobAOY2WuOUgfrO8Pu3XvTLk7Wpw7I1js6BMSGs1EfV9b_gSuyqJYZtXaZmP_-zQ1Opiz7dQ0Z8fABEASarcjDizl7ENKyEWenrpIbu3ftcoo6f28p7UpywVoHLcJsE7fejj7S9TF1HQExqn8sJ8PKoidsX2_wGB4nIy4Y2iwBg-mff3tNuPW6YslQp0xflN085RWZqjxnBImkudftj9ZXz4fzDjZKbQqbEUkml83EACx3mYrn9Oi1BJ0dWdVtpSfuMh5m_4BygPz9d-8u85E0DqSnBmTBhsEeJqyzCLsunIgrWw61CQ_SVHO4tazaIpG7vLXgPXN6NAM9vlJRLjsbakfCHnYb8hAQKcjWY1WR74zCZ0EOTJLAnoCr-W9DsXNHeDnaquadsjYCDsuPjTnvldBM0N2rP9QQCykY5FTvQBP6DeG55XbwBKdTCQv9LDYgy6lxGVv4QOBZRavHmjDPD5cgwgxx6qhJ6w3cHhFOHUAxutnoM1AZI05lL6ZPYkTJIMd5IV28or5TvnCz27KfS6HPLhbbiwcuCYWUT0Aw3Y1gpq-1CrKyPQx1LtidSbVb5bKugRl9RcyL4Pi7fRUvpt8gIMDv7wsn17Oo4G0ZdbpKjOK9DW7jzPKEKSV8x6TfdwN5Ud_KRjS_CXpSMZFEDNP07rJ3K8BQR7cX0boYdueRmA0nJPL1NoWt99l3mnGOJdz99xbgHigteMql2yYxOWNXZ2vnJn9O3OQ3pBBtJVuZ9dgGYnmJunyqvAnPyI8W3H7LxKahuvYGFf68fWV3pnOfPQh2V6j5HS9F1X11dQd5sG8PI8cB8jKxsQzxgHFBDQerP3SJcW_2tgZ40Nn1RZkok4WagCC7cL0CaphGmeo7vV4nmwcZ1YGAMeg1IOi3O2c2vV2fxSX5kg1d0-qCE62YxnIUXrX0Vd3GGoyhC5hmgPLr-f8NHNU6JP82HOFPeamJjFOeyiz1zQErFrk1PRWeAW96sHj413mCxpHkubgnhm50w192Gx2hPdVoRdjPv7aYPyJ7yjheFIzHr1M0noihX2dck-pPxMoYKZyT7SQylA3IM8Ro3uJrGPg0BIvzv8rNH2FgnWTMje8WpoXDHJniZcjrLCvm6y9AgiTXWMOY1aWmIxq2Ww8GBudViHV_pxSKazPxYruePxxlNI7nI7fXs6PBsY_UcRI-3f_xui3qALboPXqVnLXYchez_ILgxLPE5LiKahEPhcsH-PaPcQbTVioGQUfGHXw4KkovXteunaREJ-osBiEDkiCw3yugPK8bsVaSjb1zIMarlwswC0p9qvZ6YAkei5JMUT3cQYyuP_cMQ_MuQPnlcvyQecu54YkMYYry0S8GWCC3aub8k4Om7qx0I7UCYjiPmtDG4upv_zd4SHg-whbrriOwVXfOiZg02YkJnjfc2SlyS6lXgDS9VLaS9uW_fTaes-T-mAggrfJgVCoNkLftRpuDN-xRpKXe4xDVM1kmCmkXvueEn0Mju-09b1x1kYfRq0Amg6T-whxNoTWpfagAV3435EAaOwiUu5aDWs21_bySjTpx4uiBtO6l4TluOMi5_l3YZ4h8G9B4l3nnznKFtv2MkTsLgtq2Wku6NZMnW1uuZSrCsIF_-gu96WnGon3yDJ1yPfxmaJcTn7XJzF9E8eu5H364vJ1bTAxXZ00o3uIRZiqGepOJ-2QL6t0wbphx8M-hVrS5Ov0usz7NCjKvNsPcUz-dv4TQnmNt2aOCU&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=11443601781309094000&adk=3037181500&idt=132&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2166f0d302a1be49c618dbd4a9a7cfa47b7967f4bf9c4947d88419b89c98314d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:22:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11541
x-xss-protection
0
server
cafe
etag
12315695366903653922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Aug 2023 07:22:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9F78 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 19:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
41351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Aug 2024 19:58:56 GMT
b00145e37111036359b3243ac977066d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b00145e37111036359b3243ac977066d.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
71c4d9ef909347271ace65e106b6720cae96b1fd9f87295aecd0b2f95c71ee52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b00145e37111036359b3243ac977066d.jpeg
age
2759155
edge-cache-tag
375739205156899421965348759258796010587,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
375739205156899421965348759258796010587,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
27
expiration
expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
5152
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000126-IAD, cache-iad-kcgs7200100-IAD, cache-sna10732-LGB, cache-iad-kjyo7100052-IAD, cache-fra-eddf8230031-FRA
last-modified
Thu, 15 Jun 2023 14:47:46 GMT
server
nginx
x-timer
S1691566087.322392,VS0,VE0
etag
"a9c732b24b683c1ee716e2149b2f4499"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 8, 2
8a9a45d40e90e5b00dc11bbf457baaad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a9a45d40e90e5b00dc11bbf457baaad.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d2e9b079455d3cc77e87ff547c3cc44e669cf119fcfa592fbbdcc9f66755647

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a9a45d40e90e5b00dc11bbf457baaad.jpg
age
82235
edge-cache-tag
607810227536928652576830777486410801415,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
607810227536928652576830777486410801415,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
151
expiration
expiry-date="Sat, 26 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kicker.de/
content-length
17376
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kcgs7200044-IAD, cache-sna10725-LGB, cache-iad-kcgs7200045-IAD, cache-fra-eddf8230031-FRA
last-modified
Wed, 26 Jul 2023 09:32:32 GMT
server
nginx
x-timer
S1691566087.322382,VS0,VE0
etag
"183ecbd68c5772bdfb5019c5ca6688c9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
2470473fac3e011d3ce134d8489a1b40.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2470473fac3e011d3ce134d8489a1b40.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
980fb247e3df9d66d0e89256968fc4bb10493ab76e1fdefa5dbc17b4a8ac8d8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2470473fac3e011d3ce134d8489a1b40.jpg
age
1842405
edge-cache-tag
383892453604268754969055555466744032087,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
383892453604268754969055555466744032087,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
162
expiration
expiry-date="Fri, 28 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.prisma.de/
content-length
16042
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200160-IAD, cache-iad-kiad7000162-IAD, cache-sna10750-LGB, cache-iad-kiad7000082-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 27 Jun 2023 17:49:25 GMT
server
nginx
x-timer
S1691566087.322360,VS0,VE0
etag
"620663598dd3ee9900a3a974b5cc04aa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 95, 2
b2d8afd866dfe68927c57f5396263447.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2d8afd866dfe68927c57f5396263447.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
95b2b72057838839e1aa6076b0148fd3d5f5d6ae2a1674d86f20add73d42b473

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2d8afd866dfe68927c57f5396263447.jpg
age
2062128
edge-cache-tag
620570126640732156417701910443845224029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
620570126640732156417701910443845224029,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
273
expiration
expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
23694
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kcgs7200131-IAD, cache-sna10732-LGB, cache-iad-kiad7000101-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 04 Jul 2023 18:03:10 GMT
server
nginx
x-timer
S1691566087.322654,VS0,VE0
etag
"8322858627ae6393dbe89bbe09c44bd7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 52, 14
19d63e23e4ebb74d2891284564dde65b.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_1/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_1/http%3A//cdn.taboola.com/libtrc/static/thumbnails/19d63e23e4ebb74d2891284564dde65b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc46eeb8b55aba05649dcc7a20796c0328779574a79d9a8b76109e2da731a6e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_1/http%3A//cdn.taboola.com/libtrc/static/thumbnails/19d63e23e4ebb74d2891284564dde65b.jpg
age
1635124
edge-cache-tag
403122511503905884678083460168168797456,371733057242284756278634090837918359735,29ecf9b93bbf306179626feeda1fab70
cache-tag
403122511503905884678083460168168797456,371733057242284756278634090837918359735,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
186
req-referer
https://www.abendblatt.de/
content-length
23994
x-request-id
9d27c7a11a410933b849e812d316f395
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200075-IAD, cache-iad-kiad7000173-IAD, cache-lga21972-LGA, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230031-FRA
last-modified
Fri, 21 Jul 2023 09:14:23 GMT
server
nginx
x-timer
S1691566087.322668,VS0,VE0
etag
"954f1def6cac9aee00e307ff2eea9800"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 544, 33
35d0099ff8e5a1193b6c344f2007b9b0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35d0099ff8e5a1193b6c344f2007b9b0.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d3552de02fad4be8ece1d4c2f100d4c8687f1157300b4047b7928be6adfd128c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35d0099ff8e5a1193b6c344f2007b9b0.jpg
age
467010
edge-cache-tag
449058003792268883803640419821967409574,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
449058003792268883803640419821967409574,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
313
expiration
expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.rundschau-online.de/
content-length
13180
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100138-IAD, cache-iad-kcgs7200132-IAD, cache-chi-klot8100093-CHI, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 04 Jul 2023 14:16:52 GMT
server
nginx
x-timer
S1691566087.323490,VS0,VE0
etag
"b1d5a5e711721c5354dfb4064486e261"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8dd14b3f60621618e18709f8d47532ac4c83311097d88561ef5b242cf78de558

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
age
677337
edge-cache-tag
522928341999507559559524046100286788551,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
522928341999507559559524046100286788551,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
116
req-referer
https://www.express.de/
content-length
7344
x-request-id
ea07b3c37dba2861deb35aa93923e588
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000108-IAD, cache-iad-kjyo7100054-IAD, cache-lga21939-LGA, cache-iad-kjyo7100068-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 17 Jul 2023 20:43:31 GMT
server
nginx
x-timer
S1691566087.335563,VS0,VE0
etag
"51299fb08dd574d4b782493d3a706861"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 8, 2
0559d9ac6a1396b4ef845473fa6a5440.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0559d9ac6a1396b4ef845473fa6a5440.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e69daead9d04dff3a117980abf7d01a648b0aa8dd2037a665b423378b825cf4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0559d9ac6a1396b4ef845473fa6a5440.jpg
age
3532218
edge-cache-tag
363510102843348109360291068114654080016,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
363510102843348109360291068114654080016,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
71
expiration
expiry-date="Tue, 18 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.fanpage.it/
content-length
18826
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100102-IAD, cache-iad-kiad7000073-IAD, cache-sna10735-LGB, cache-iad-kiad7000175-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 17 Jun 2023 03:44:43 GMT
server
nginx
x-timer
S1691566087.335696,VS0,VE0
etag
"2f3e425244e7249185a7f6529bc0f202"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 63, 3
6f53a38d25f0ea772db614fb941519e4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e8aa811daa28726aae1d0b53e7a0dcf2741ceb82b27aa9da66a946c38771a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6f53a38d25f0ea772db614fb941519e4.jpg
age
1986708
edge-cache-tag
379226829563982640636830187610323967922,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
379226829563982640636830187610323967922,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
241
expiration
expiry-date="Thu, 03 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://dziendobry.tvn.pl/gwiazdy/daniel-tracz-z-tytulem-mistera-polski-2023-finalista-top-model-bardzo-sie-zmienil-st7224115
content-length
25774
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200103-IAD, cache-iad-kiad7000096-IAD, cache-sna10735-LGB, cache-iad-kcgs7200173-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 03 Jul 2023 06:45:07 GMT
server
nginx
x-timer
S1691566087.335732,VS0,VE0
etag
"7621b36bc86cdd3466469c5a540df4c5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 549, 17
csi
csi.gstatic.com/ Frame CED8 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll3eru0u&c=492509556749&slotId=246254778374.5&ghmsh_eids=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::78 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CED8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=852790917&message=vl&sdkv=h.3.584.2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CED8 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ll3erueh&c=492509556749&slotId=246254778374.5&qqid=CKmYw92Gz4ADFfad_QcdllgOkA&fb=ima_html5-lima&sdkv=h.3.584.2&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::78 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CED8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=852790917&message=omo&sdkv=h.3.584.2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame CED8 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cp7wmBkDTZKn9FPa79u8PlrG5gAnNpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglaKggrAHoAHIx7XyAsgBBagDAcgDE5gEAKoEhAJP0BPAxUR7Elu-UVfChGteuJiTQXElalsWoGm4e3TDt45IBGTGRrE9WHEMLS7LSEa9ytmNi2kFjgfVtWLFaK2tdERD4VIpgsavs4IxJUXyWe0OOvDp-nxreqZITknX07NUYZHDqBvHSz_jalIky3E0QSoOU8PBDLWLFjdnQNaArUhi5QQbnIGZ3qzozXmv00O0P7Qyy72ie1lHHXlfgqpcwy6HPAENe1--DT0cAFb1aULpZDH6jKXCLJNAx_f0dd07ubEX0dNqagRK9qALOrpxmEDjCpXyYcWc9P6e9-XvGsScUx3699780GFag44_1YR8o-6iJKq7v0RzcRrunzgKpXEOzcAEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE6Ks2RHQEwDYEw2IFAfYFAHQFQH4FgGAFwE&sigh=KMYZ_nYXN2s&label=vmap_ad_break_start&sdkv=h.3.584.2&vci=[CREATIVE_PLAYBACK]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3574842-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/4/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/4/3574842-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7584dc326b41d82e6405ac586d876eceecdc03b2104f8d6da86b6934a032bff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/4/3574842-46.jpg
age
676359
edge-cache-tag
474679008167567155527258763686682601756,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
474679008167567155527258763686682601756,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
601
expiration
expiry-date="Wed, 23 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
8260
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100046-IAD, cache-iad-kcgs7200127-IAD, cache-sna10750-LGB, cache-iad-kiad7000149-IAD, cache-fra-eddf8230031-FRA
last-modified
Sun, 23 Jul 2023 08:14:06 GMT
server
nginx
x-timer
S1691566087.351133,VS0,VE0
etag
"3df9d2581972795383baac4a5af1e70d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 2
3575479-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/5/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/5/3575479-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd29d027ae5ba8fc1c71cade9bcd02ed1725b0f239e138caf8d178bd026dd617

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/7/5/3575479-46.jpg
age
242322
edge-cache-tag
295497770845036907906711360258504941534,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
295497770845036907906711360258504941534,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
300
expiration
expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.walla.co.il/
content-length
11298
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200154-IAD, cache-iad-kcgs7200084-IAD, cache-lax10623-LGB, cache-iad-kiad7000112-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 24 Jul 2023 07:30:20 GMT
server
nginx
x-timer
S1691566087.351273,VS0,VE0
etag
"242288325cd20864da88ad8808fd46e0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 3, 2
4c5b675e7da832b242e4c586edf6b477
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c5b675e7da832b242e4c586edf6b477
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9451117a26e3db7297a740e287d3b0c20edddb8c55209679f4e6430f9debee3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4c5b675e7da832b242e4c586edf6b477
age
1825109
edge-cache-tag
561223591569588968466142658564453976844,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
561223591569588968466142658564453976844,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
74
expiration
expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.perthnow.com.au/
content-length
3322
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200027-IAD, cache-iad-kcgs7200145-IAD, cache-chi-klot8100166-CHI, cache-iad-kcgs7200114-IAD, cache-fra-eddf8230031-FRA
last-modified
Mon, 10 Jul 2023 22:10:50 GMT
server
nginx
x-timer
S1691566087.351276,VS0,VE0
etag
"da28cfd2186a69c9ccb02118aa61dffb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 2
gen_204
pagead2.googlesyndication.com/pagead/ Frame CED8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=852790917&message=oms&sdkv=h.3.584.2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame CED8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cp7wmBkDTZKn9FPa79u8PlrG5gAnNpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglaKggrAHoAHIx7XyAsgBBagDAcgDE5gEAKoEhAJP0BPAxUR7Elu-UVfChGteuJiTQXElalsWoGm4e3TDt45IBGTGRrE9WHEMLS7LSEa9ytmNi2kFjgfVtWLFaK2tdERD4VIpgsavs4IxJUXyWe0OOvDp-nxreqZITknX07NUYZHDqBvHSz_jalIky3E0QSoOU8PBDLWLFjdnQNaArUhi5QQbnIGZ3qzozXmv00O0P7Qyy72ie1lHHXlfgqpcwy6HPAENe1--DT0cAFb1aULpZDH6jKXCLJNAx_f0dd07ubEX0dNqagRK9qALOrpxmEDjCpXyYcWc9P6e9-XvGsScUx3699780GFag44_1YR8o-6iJKq7v0RzcRrunzgKpXEOzcAEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE6Ks2RHQEwDYEw2IFAfYFAHQFQH4FgGAFwE&sigh=KMYZ_nYXN2s&label=show_ad&sdkv=h.3.584.2&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0C4AVIyCOAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABaEFY1ejM3TExQanRnT0w3NTAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame CED8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CSQsrBkDTZKn9FPa79u8PlrG5gAnNpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglaKggrAHoAHIx7XyAsgBBagDAZgEAKoEgQJP0BPAxUR7Elu-UVfChGteuJiTQXElalsWoGm4e3TDt45IBGTGRrE9WHEMLS7LSEa9ytmNi2kFjgfVtWLFaK2tdERD4VIpgsavs4IxJUXyWe0OOvDp-nxreqZITknX07NUYZHDqBvHSz_jalIky3E0QSoOU8PBDLWLFjdnQNaArUhi5QQbnIGZ3qzozXmv00O0P7Qyy72ie1lHHXlfgqpcwy6HPAENe1--DT0cAFb1aULpZDH6jKXCLJNAx_f0dd1juAN92fmKWJb5akJih1gBG8KMuhfBg2jJFXuD1-9TEO2E-49gmG5cF0h0m3r4YNGdLE-ICLIKFr4azA0pY26TCMAEvsHTyI0E4AQDiAWKuaihQ5IFBggDEAIYAZIFBggbEAEYAZIFCggiEAMYA0iTlnaSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB6C4yo0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQsMcrGNCyidEB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAaIMCCoGCgTDsLECsBOirNkRyBOSyKoJ0BMA2BMNiBQH2BQB0BUBgBcBshceChwIABIUcHViLTc2Mjc2NTAwODY4OTU1OTAY8eYT&sigh=0AtDV-l0xh4&cmd=Ch1jYS12aWRlby1wdWItNDQ5MTY1OTQ5NjM3MjE3MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&cid=CAQSPABpAlJWA8RYSB-E9H8GP8x_OJ-9HfNkehlzGbY8ialJYCmmJnAB9CJL6hSQATAjU0P5m-AV75FN-LpbWRgB&vt=10&sdkv=h.3.584.2&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0C4AVIyCOAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABaEFY1ejM3TExQanRnT0w3NTAYAQ..
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
11214a786566d11f10c543b3b198e43a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11214a786566d11f10c543b3b198e43a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7130e37a873c8234a49f75f3f2074e07c102821f62f1c980520edb1e69106d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11214a786566d11f10c543b3b198e43a.png
age
1010399
edge-cache-tag
574247125522840752726235563194904744788,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
574247125522840752726235563194904744788,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
fastly-restarts
1
content-length
28541
x-request-id
1035c05e678b32adb10cbebbcadda0f8
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kiad7000097-IAD, cache-fra-eddf8230031-FRA
last-modified
Tue, 25 Jul 2023 10:38:48 GMT
server
cloudinary
x-timer
S1691566087.375390,VS0,VE0
etag
"51d759e62a7372c83c5177ab192a079a"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 2
csi
csi.gstatic.com/ Frame CED8 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~ll3eruen&c=492509556749&slotId=246254778374.5&qqid=CKmYw92Gz4ADFfad_QcdllgOkA&fb=ima_html5-lima&sdkv=h.3.584.2&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&gpm_i=11&gpm_c=11&gpm_a=10&smb=1000&br=864&mt=video%2Fmp4&vs=640x360&ua_e=1&webm=0&vp9=0&vamt=application%2Fx-mpegurl%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::78 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0699 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14577
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 03:25:10 GMT
etag
48472445140208031
expires
Thu, 10 Aug 2023 03:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E67B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2ec00450bd38cf132e5dabbb8866bdb0246ab2ced18a8f04ad9a5243a56ab20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4087 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14577
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 03:25:10 GMT
etag
48472445140208031
expires
Thu, 10 Aug 2023 03:25:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9F78 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3155ddcb0f5d51f25ed9f8900664a71e016ab370b98dd0af38c15086f0178b47

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame EEFB 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:28:07 GMT
debug
am-trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=07%3A28%3A07.457&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2313&cv=20230808-7-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13393
supply-feature
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=2844eac26e0cdb704f1ae2f1281bfb23&sd=v2_a2f7ac6b742be734c3fdcad6bda8cb3f_7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585_1691566085_1691566085_CIi3jgYQk-FcGPatyMmdMSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABog4mFjq2K96socAA&ui=7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585&pi=/&wi=2990753527669053458&pt=home&vi=1691566085878&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22114.078125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A28%3A07.495&id=5121&llvl=2&cv=20230808-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
csi
csi.gstatic.com/ Frame B42A 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll3ertc3&c=492509556749&slotId=246254778374.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::78 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C239
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-zsOwwNkV1tCCiEZ7uK5zfD_wv9EzZt7bAmLM1w&google_cm&google_hm=ay16c093d05rVjF0Q0NpRVo3dUs1emZEX3d2OUV6WnQ3Y...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zsOwwNkV1tCCiEZ7uK5zfD_wv9EzZt7bAmLM1w&google_gid=CAESELjfwB8RcZh5O9krBsKvtuA&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zsOwwNkV1tCCiEZ7uK5zfD_wv9EzZt7bAmLM1w&google_gid=CAESELjfwB8RcZh5O9krBsKvtuA&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
774067
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-zsOwwNkV1tCCiEZ7uK5zfD_wv9EzZt7bAmLM1w&google_gid=CAESELjfwB8RcZh5O9krBsKvtuA&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame C239 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-rPkHz9kV1tCCiEZ7uK5zfD_wv9EBZ0_3m45gGg&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.178.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-178-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C239
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5875553252916743791
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5875553252916743791
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1229399
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
an-x-request-uuid
5ef8bcbe-70cd-4b95-8cf2-8eb99385e6b8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5875553252916743791
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
secure.adnxs.com/ Frame C239 		43 B
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-dFNwmdkV1tCCiEZ7uK5zfD_wv9GWxfa-Dah8Mw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
an-x-request-uuid
a374a956-681f-49a1-99d7-ca224ad552c8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame C239 		61 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-Ca67kdkV1tCCiEZ7uK5zfD_wv9FjP4fQ424W7g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 09 Aug 2023 07:28:08 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Wed, 09 Aug 2023 07:28:08 GMT
tap.php
pixel.rubiconproject.com/ Frame C239 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-xh_vgtkV1tCCiEZ7uK5zfD_wv9HHRZRw_P2o2A&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame C239 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ipFShdkV1tCCiEZ7uK5zfD_wv9HaumLG16Xeow
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.163.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-163-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
/
rtb-csync.smartadserver.com/redir/ Frame C239 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-k-YhjtkV1tCCiEZ7uK5zfD_wv9E9mZeXbKhK6A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:06 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C239 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-qVm9bdkV1tCCiEZ7uK5zfD_wv9FH86slIXBx5g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18287
um
criteo-sync.teads.tv/ Frame C239 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-U65yRNkV1tCCiEZ7uK5zfD_wv9Fjoli1cJ6row
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Wed, 09 Aug 2023 07:28:07 GMT
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame C239 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-W_efptkV1tCCiEZ7uK5zfD_wv9GhRjfI4G7aAg&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame C239 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-DegXlNkV1tCCiEZ7uK5zfD_wv9EXL0q_7QJQug
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame C239 		43 B
162 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-jyEwH9kV1tCCiEZ7uK5zfD_wv9E8kmtD63T2OQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.254 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
last-modified
Fri, 18 Nov 2022 14:39:11 GMT
server
nginx
accept-ranges
bytes
etag
"6377990f-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame C239 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-DMWlxtkV1tCCiEZ7uK5zfD_wv9HTsHCcPgtsQw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
12
content-length
49
expires
0
rum
r.casalemedia.com/ Frame C239 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-K2OQyNkV1tCCiEZ7uK5zfD_wv9FupcsEehFTOg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
demconf.jpg
dpm.demdex.net/ Frame C239
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=MhGxaN1UvH59fRAtZCW1bxa3vCwDhA91
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=MhGxaN1UvH59fRAtZCW1bxa3vCwDhA91
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=MhGxaN1UvH59fRAtZCW1bxa3vCwDhA91
Protocol
HTTP/1.1
Server
34.249.203.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-203-210.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-077f06c9c.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4NBAgpVUQKo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v050-055a0ad1b.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
rRy/H8ExQQ8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=MhGxaN1UvH59fRAtZCW1bxa3vCwDhA91
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame C239 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-FdpyldkV1tCCiEZ7uK5zfD_wv9G4rqS_L_65eQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ul_cb/ Frame C239
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-2sfVrdkV1tCCiEZ7uK5zfD_wv9HEwpcJ-kQq4w
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-2sfVrdkV1tCCiEZ7uK5zfD_wv9HEwpcJ-kQq4w
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-2sfVrdkV1tCCiEZ7uK5zfD_wv9HEwpcJ-kQq4w
Protocol
H2
Server
52.48.194.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-194-69.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 07:28:07 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-2sfVrdkV1tCCiEZ7uK5zfD_wv9HEwpcJ-kQq4w
access-control-allow-origin
*
date
Wed, 09 Aug 2023 07:28:07 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame C239 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-n4ulzNkV1tCCiEZ7uK5zfD_wv9Hvi9BbS5r0LA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame C239 		0
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k--lJzQ9kV1tCCiEZ7uK5zfD_wv9FUEUW3xe1uwA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.16.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-16-150.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame C239 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-IBjdYdkV1tCCiEZ7uK5zfD_wv9H1vP38Ia3AJQ&initiator=partner
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:28:08 GMT
Cache-Control
no-cache
X-TraceId
0cd8477bfb260556e8f0755b8f9a4508
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C239 		42 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-bNK8ZNkV1tCCiEZ7uK5zfD_wv9EbyyKGNaOu4w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame C239 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-bZDdUNkV1tCCiEZ7uK5zfD_wv9EtwkQcgGd19Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:b9f1:6dc9:7c36:1111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 09 Aug 2023 07:28:07 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame C239 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-H8-mz9kV1tCCiEZ7uK5zfD_wv9GMQ8IVvzH6SA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 07:28:07 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame C239 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-0p4P_dkV1tCCiEZ7uK5zfD_wv9E_Auen85dZfQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:07 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Tue, 08 Aug 2023 07:28:07 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame C239 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-Pt_OWtkV1tCCiEZ7uK5zfD_wv9HuArEnCNzZ1g&pn_id=criteo&ext=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.193.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-193-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-length
0
put
e1.emxdgt.com/ Frame C239 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-ghGNRtkV1tCCiEZ7uK5zfD_wv9Gex5pUSRbp5A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7Ci4FVoXd2Gr5zlACcSZn1Z8Au5Y7fYpHVzKmibO764ec%3D%7C&c1=TEbw32HdmhlzT0ixYgRR6k2LSfLhF6voHB7mbWL4y1-KQrRXkeP_SaMFD-c9Tlk3HyNqlzYTU0dSGgXf6VauuDCy3UnHzsUeduW5hGWk3r2J3QYT_mgHs2B-nD_gu_iiNoGM0khqmfOCivDtwsRLU5S9BdEjuiKOBVKR7xjyspqVnydhRDK0z3u3hzy-Do_OSg7V-z9cH-ESwnYyMQsusPHGvUG39PnFFjkW6isvufDicCS2P7mL8RCFsPDjXUjYlAchgUFvKL3XYmuLTp4DZuVgPKrt0yyznn8k_heni2l4Wd5vWkUEzfoWByhYy1Xp3nS-JFyXgGKvFuzEwPOcly3OFXB65VMzJ0wnVwLHAXvc02BN0q8JHixRySENc7RRx23IWGgd_WP3Nht9RNWH-_DT9_c5lbNIYPgo13McA2s_MHfiTOFFf-meN1h6HMAK33OMfyRr0H6pyvfMURdbXK-SERjQYxIDdqNNJaHfnO_g4WAknTSdfQYaUA663chrTe5xq1JqLvMDD6HCOvgiWHfFhsOapNK1NAATGrO4SpwJVkIn-QV9ljorX8EbthiRgtpOL6IYpyUU6cLR3Dd6nHQ0Sjv3QCwsMhARTLUWg8DOwZEpqJYp3X1LVSzoaldm7cl-25RHr5NaZcm6-ep1v4Gp55eaRQSfEqXVSfT3HTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.249.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-249-168.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
server
awselb/2.0
index.html
s0.2mdn.net/sadbundle/6578138867263583433/ Frame 763A 		673 B
588 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab994d90fb6b4e3841442d2a52de882b13b872c9f09c7765a55319aca262a71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
410
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:07 GMT
expires
Thu, 08 Aug 2024 07:28:07 GMT
last-modified
Mon, 10 Jul 2023 11:56:20 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 44B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssuWMxYgNdx93qXKIa1VhBXnX63VJ6qgYlvdPBvrT1PS7z_PL0OsJkrYpcAPr9ADr3pIAFFy6tz67rHlx2MTT71meyK9MOMlwmn38DDQLU4Qrwe2wo4iHa5edKLHBVXHPd93FvprCyWaWOOLPXKrXO7N5G1EE1S8sq6Z9By3vMeUOoVSVLi0yNCqlfL2iWOi7JaoKspcWgU2P1rHLTDyxZ-o0jw7nhjQhn9JwCx_Pr9lnp7u-eqw9PyiXJEKPy8aw0HdZlWyVazVawV3cPo8Jx-NgexNsnU5MNCXzrIC4_L33IIXJIlevaZR5QhFrUlgHMGs0V8Suv2RSUT2tJ_Mu9rB3lWyMCasXy_O8hJKsQ5Z1nVzNDemGGSSY4rOAueZdx4xiEMQjrQosqnrvFgUygAEeGndvVM_ED-6sosRowWse5FzooeXESE-OynIvgaun999Kx0sC7swWO1BgT6Pg58ER22N5-IHd367Tx2LlRGJdK9qr0UCpjHL8_w4yBEk7zUi4qtM3fw_aLqjNdL3AIC1m8Gk44VqmrvHD4xPUzOu377Ns5320TEkZNcN8fTxTIBJVw83wR93geICZSrfG6nv31aaYZBLkI3JKlgrWpn5A--QqVRfMjsagOBiYL0XaGv8iJ-cWL-z9zYjJLSyrSHcuQg6YrTcPYQvt6EpyEwsKq2zDpP8FWxSGEjMpvsEV-GVwQ8GZX_pLOkFh-iuSPaM97RwYqNqhBsFJ2nEvb5hFFoCi7dojpTXg0w6okgZYSy4nPzSTHMHBI9E9bEUR9FWF_DcBShT8izvZkjBeKWgBBsUwJ8SMa_f52p4Wcl6XeSkfTYeL7PsyKTcdXMGjr8DiQ32RXEZdm4vRYquw9YWk3Olg7Y41QViQ_20XPz6n8GWMyp_DGb9gpx2lTra9J39NJiK9pG80JY1qHqN4RLqZ6bsqKob2ZJ-WOYLlZuapnxqD7XjTOc4KgRzpVdnhNgXZFuPWu4KmNAUP21uyb5LpcJnNxTAar0BqVo6fuy4AermSpXDjKHD0g7P06X33VoM5gxmhnJoRXDpvkYHAWaT4N_xp-YvsUKpOg66C9L-DfZtXOtBkeE5Aa7eI11V5OwAQR38fhNic8Fy-B1-zZF9GBIQ1gTPwY3XWP8qQaq3kx5xkqKt5eTKteLwaem1mKq5utfua_ifkqSpN7kdqFQuvuMq5Xd08Ckg-qeE2Ok7t5ppb8tCyOC2ZMfVmrxsB9n0s0M6otppjieZ4tFGu-mo-r0OgUovViTW1DAW4qPbeSm0G2B4i6VS9O62oo3XNBlOj8UGrq6WuLdFmepuw&sai=AMfl-YQvMdge7R9kFHd7wNlF-mRtvxRs9gUJHaYcfoC4je-AI6snEupmFZ-owjYbWjOWisk91SUi9VmDRyYYhnaTLoGkjfL61jH-mtimBug9neHirgM0f8qIzE98qKy110xphZN_WZxxIrC8d5F3NxuvnvL3cmxnXm8OBEVosomBhgNjIlpUaqBqZ0nQnPeF_NzDoPQKWHqlvpLyAv654vhVur5Uf06lMEUVanFyvZhdpj__5wb4KczZoRtH0mDJc8Yen6N0&sig=Cg0ArKJSzIyPjlCoZv5gEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=399&cbvp=1&cstd=389&cisv=r20230807.35835&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308030101&jk=2455748603182811&bg=!JiWlJXHNAAaeEKnZvhA7ADkAdvg8WvDm941P6IN5x6aYoJM7T3EBV0b0odRlyeG4-27xzvRJL7pQ5KEhr8qZJV58wDUDxWYgIooCAAAA21IAAAB7aAEHCgAoy6ojOJrqG1kjpMnfhLp-dseSWmpPUXJ1p1c8ag8fnw3aVoVLve7IKZkCsiKrq5zHawoXUybffjOI6_xTd16kXMpMBcgK2oiS5aaox5anatvUzfrmmuQCphuDg69omFVde7UYrJ1oNa5bJ9QOGUfLXxWoIEJX9bkP7kWCSKT1zB3e4MIkXAYrkkbm9ltrQK3Uk2gwbwZI1UlCSnYtUrbjazJ3A5wIlYRgDX8N9uieH1lSv42VXaqRXlqDSfsIphFI0_3pnr2zMWblkxgaY180_3NdHayEDyjLiIV8B-cseIbeetJzlqCkeSDWXCHGcMtc07pwo4g2GYIt84YkDmcwLchell34yiBht9AiZgIwCgEOeYDoeuflif_3s9Iw_LoPsL9ZKBpTGyOu1OZsrn-b-GWEGQtp3uMC5r9P4i4ezjP1QI0aBI7Xp66uaRqxUOtm7yh2VhiZq_-HGTR10W6GzKBNCnZex_M3ammx11lH430sVAAmpXdDbJiM6LUWPbXcCx1vHIMr18BUEnRel-rju7TdS6NMsdb0D0Q5TfBhemjYGfUy9QChNKjQH38jNkFVsAr6XHl78f5KH51CMg-_mvA5fCjxFXO8wN3vO3t1qR6naSj_eTI22rfrRNFMfnzvqY3pL3EqXesVZN5_S9JerHatIuP-n6jAWO4vtOkdvMulOFalgmPm9XgZaFNBxJcPYKC7eaPAX3PmC_VUbRyVmJpVaiXHtWFQ1HrTLko8L8bprPkrq8smWJViLR4X_Yg5tq3_n9jt9aHESfaOp71wth0U6P4BJvjCUNvZBKVVceBYQHk42B3h06UrzkXVi1TXw6ubO6xoptm83phgiZa-kSTUxZmcxzNys4gEOAR-SIaLL18SpW5mhMHsyskcUvatdgiB9FMAxVf7LpRJInY-6qVvOFLUhPP5J-9K-dbPTypO91VDzst_yMW_S6nP-f0ZkwiQJ_uyz1MS_r7pEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
d413b28d1b55ac28210b5485ca5b29c4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d413b28d1b55ac28210b5485ca5b29c4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
6ce98cf5c2cbba575d03fa210dba92cb8ccb9339ef8b2e9928ddd62502528f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Aug 2023 07:28:07 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d413b28d1b55ac28210b5485ca5b29c4.png
age
0
edge-cache-tag
584155635204123451296091649676256530960,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
584155635204123451296091649676256530960,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT
expiration
expiry-date="Tue, 29 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
8100
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kjyo7100098-IAD, cache-iad-kcgs7200092-IAD, cache-fra-eddf8230031-FRA
last-modified
Sat, 29 Jul 2023 05:53:10 GMT
server
cloudinary
x-timer
S1691566088.578526,VS0,VE0
etag
"e5669e5c7f81df1b98434c7f176fec5a"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
48
r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B42A
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,ita...
4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/65CEA4F7D70766F852FBFD62D14C22A5CBAB8188.6EF0567C780B2BCC9FD639B98F2446E56E08A147/key/cms1/cms_redirect/yes/mh/FW/mip/2a02:6ea0:c71b:0:1011:ad12:274e:57bd/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1691565906/mv/m/mvi/3/pl/48?cpn=V5z37LLPjtgOL750&file=file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:28:07 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 10 Aug 2022 08:21:41 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-3976059/3976060
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
3976060
Expires
Wed, 09 Aug 2023 07:28:07 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/65CEA4F7D70766F852FBFD62D14C22A5CBAB8188.6EF0567C780B2BCC9FD639B98F2446E56E08A147/key/cms1/cms_redirect/yes/mh/FW/mip/2a02:6ea0:c71b:0:1011:ad12:274e:57bd/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1691565906/mv/m/mvi/3/pl/48?cpn=V5z37LLPjtgOL750&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
691
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CED8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=852790917&message=ss&sdkv=h.3.584.2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CED8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=852790917&message=oml&sdkv=h.3.584.2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3854
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmSUzFMUd9r1xjIPb5hXt4o6ChKXG26by46QTba7srv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmSUzFMUd9r1xjIPb5hXt4o6ChKXG26by46QTba7srv5vZwvUFf6z13HY_8GtH8YhDuWJCkveaZZgkQEGX2TR_yV0TtZJ5fHdw
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:07 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-785-gcf3d607#rel-ec2-master i-0ec636c0031116ef8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmSUzFMUd9r1xjIPb5hXt4o6ChKXG26by46QTba7srv5vZwvUFf6z13HY_8GtH8YhDuWJCkveaZZgkQEGX2TR_yV0TtZJ5fHdw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3854
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEERXaKjozI_IGBKCEH59-Xc&google_cver=1&google_push=AXcoOmSCfC2vfqvNzNEwXJTRbkJmgbL_D_s-69YwWV_SjY5pBXS1WA9-u__u8CP4NVyfnCftG8Gjk4nCQw8Bb6...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwNzY3NzMzNQ%3D%3D&google_push=AXcoOmSCfC2vfqvNzNEwXJTRbkJmgbL_D_s-69YwWV_SjY5pBXS1WA9-u__u8CP4NVyfnCftG8Gjk4nCQw8Bb6D6_w...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwNzY3NzMzNQ%3D%3D&google_push=AXcoOmSCfC2vfqvNzNEwXJTRbkJmgbL_D_s-69YwWV_SjY5pBXS1WA9-u__u8CP4NVyfnCftG8Gjk4nCQw8Bb6D6_w55O7dnxicucw
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwNzY3NzMzNQ%3D%3D&google_push=AXcoOmSCfC2vfqvNzNEwXJTRbkJmgbL_D_s-69YwWV_SjY5pBXS1WA9-u__u8CP4NVyfnCftG8Gjk4nCQw8Bb6D6_w55O7dnxicucw
Date
Wed, 09 Aug 2023 07:28:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 3854 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA-mdYUy6s2OD752Mp75r30&google_cver=1&google_push=AXcoOmRI3pWW3T4tlcKHz2ApBRnhPCUEt6mAZuv0QML7iAR4v81rBVT1kUtfzpARLRHBcYqK78rjUOuLI9h33ty-dpLegQ5y4lGy
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.178.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-178-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3854
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmT3cKnaT9NkindjYxIj-w--me_q5P4ajXoj-yGtMdSi6OMTTsWomrxz8sCWu7n6de5Co4nkgPdw...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmT3cKnaT9NkindjYxIj-w--me_q5P4ajXoj-yGtMdSi6OMTTsWomrxz8sCWu7n6de5Co4n...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM0MzM2Mzc3NTU1MzYyODYwOA&google_push=AXcoOmT3cKnaT9NkindjYxIj-w--me_q5P4ajXoj-yGtMdSi6OMTTsWomrxz8sCWu7n6de5Co4nkgP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM0MzM2Mzc3NTU1MzYyODYwOA&google_push=AXcoOmT3cKnaT9NkindjYxIj-w--me_q5P4ajXoj-yGtMdSi6OMTTsWomrxz8sCWu7n6de5Co4nkgPdwns6SaQwwc3Wd52aGqsTa
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjM0MzM2Mzc3NTU1MzYyODYwOA&google_push=AXcoOmT3cKnaT9NkindjYxIj-w--me_q5P4ajXoj-yGtMdSi6OMTTsWomrxz8sCWu7n6de5Co4nkgPdwns6SaQwwc3Wd52aGqsTa
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 3854 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILtu_MkF899EWPiZXzhzBF_6-WkpCpCpgM9Q45iJixIAW2FUre
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
st
imprammp.taboola.com/ Frame 0665 		577 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&cmcv=&pix=undefined&cb=1691566087602&uv=3314&tms=1691566087602&abt=aniview_inc_vA!expl_vE!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=6834d252-4627-4438-8704-7356851740d6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
027f4268bd53d8acd3cf3f814fea8ee1312458a3945a5023670b98c396612802

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 09 Aug 2023 07:28:07 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230031-FRA
x-timer
S1691566088.650876,VS0,VE9
sync
am-match.taboola.com/ Frame 589A 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
08e95d42303b0fed6d2b711e9ba865415d4408e3a7bccf96d27f07b90338822f

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 09 Aug 2023 07:28:07 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&cmcv=&pix=31589837&cb=1691566087602&uv=3314&tms=1691566087602&abt=aniview_inc_vA!expl_vE!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1691566083473!ts:1691566087602&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-length
0
server
nginx
index.html
s0.2mdn.net/sadbundle/14607691819158405450/ Frame 0CF8 		673 B
495 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e06feceb4253e394d01cf81cab43f3ca01b57fa953e9fc36f9e3b27e33e761f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
410
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:07 GMT
expires
Thu, 08 Aug 2024 07:28:07 GMT
last-modified
Mon, 10 Jul 2023 11:54:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E67B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJsbaQJwn49nM0jVrazAMOXdzNAyi4j7V1jomw_Jl5lL-yrt_3RODQv0-yJs9smo_A6RteHsYo_5m01ZjwlgaZi1AHPLJEFXsvyc2nD-TFvzjkRFIbSc3reOfzgGyLToskq_t6JZLsyk4MBEyxALPUJkrNi_a2TEcKJv1XcHgncEDeFVnZgMt6wCWgH9pfpG_K2xmmYEe9I_Ldg646LLfNBzBFLZ0tZD-3e7JcqLAIPYRNw2lrUD3ENWzbFltL813Ll_ezJEYdTa7_-dJZz9d_F7t_wNWx34K4iWMPJDcYjVNutcVwcizksyFQe8LhrcYK-EKiKUI0dXOrDKlrTp7y9FP32FYiuFBYQc71HCVe3tYgB9aEGZDiD8ZgXP-0uXsextEg1CnQkMqG3KMe9SfZBhkPBnYmaMpWoCIrZxA91nhRzmQKEfnhyCBiaIEuiW-Es6YVk5T9fIgRC5h6oTcorzavg6ByTUlhfF21LmIUHcpwzkFEs2bylQttljGsKvq9ePku__msCNaPrmMyFDAZytqYivJ6OmPH2JB99k-IZllmPR04DRnG0gvE7PdsAEqP0Odw3B2tf4A9ijqu2J55acEyCavtAxcW10YVfY4UxguNCovL3T2U9KgIhVpHJPcQKRpcoD0ge9AGu-HyT9FwUUPUbVt_dUkm8zk0pgXG3rqh7AcJ8pQDYQmvK9zJQRF8qJSTo-q68N54LyBS4Uxf83zM9wx_smxbOuvdtQGMw907gYEyeWRaLBB5ndi41oDMFmobUv9fe1ubxXRlYAxPpfyN40168F8Zeto1I2zRmYILAYey1zrT-mxjQIPQwOElTTfQm7QY6bbCbhm0pL4O67IkGuecQ9TqumuvhwEQp68yhG1RF8ZnN2YbcKpt4ckB3RlwiVEnMl9I11FPmoL05NFxqe2b0VpFsT6LQfLUsJtlkTbYv1U3AMtWuNyn4-fAkIJk9lACeQKW-82-ZnxYAZnsP_mtB3wsj2JNqUQ4TMqVuKpdxGFVqr5IbpFvs5f7ogzoB2E6qmRU0kZuSgn-dz-84hsdihA2EJJA-B8Dn9KRTZzn3sFGDLkyBWOkniavpEJAtsS58Amqpw1LLjiCj0JTngfTdG_yv0gJ7WhNfuiPfd2s845kR9PJsX-X7f0S2rqWTYZU2XxHPE-NIT1fWBAdbOZKxCkcSTH7DPZ6r5gYTEAmOweB3GUn5D1NfZwA9OlgytqTI_QOa4FUt-crV7zuD9m9_J5RxpC7GCIZxuRXdMxkaHz88Eslcdt2OoQTStHJjcidBOO-oHgo3zwlFl5Qdjo5isVNxrEvAzz6vtC15dVVk87DoqLZ&sai=AMfl-YT6FeSt8TD0hc0v9Zoa6OBqk36pWnEul6U9Hh66PGq4o_tpxXLb8nngdTb9vDUkdPyG93uQNsbpN6CDrSnFSRizEJFEuiIZfVDHINSrTtDhv4VyyOk1PA6kpOiQkkgiCjXIFveq_uaq_b1xQxG9cVMq5EsyQNpbVOG9JzVOofLvFbjwTvumrvilCds9cDMUI1Lo23OpuwG9iAFjO-DYDsuracoBL1i2WUOyY_r9j550SeIvntrAOWiONibZBxcwCOHa&sig=Cg0ArKJSzLIla4_kaNAnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=323&cbvp=1&cstd=316&cisv=r20230807.15446&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:07 GMT
index.html
s0.2mdn.net/sadbundle/14607691819158405450/ Frame E662 		673 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e06feceb4253e394d01cf81cab43f3ca01b57fa953e9fc36f9e3b27e33e761f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
410
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:07 GMT
expires
Thu, 08 Aug 2024 07:28:07 GMT
last-modified
Mon, 10 Jul 2023 11:54:10 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9F78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvBNjeMqXUEZ56r9KIfnwnF8hNSPKPU57Vn6X4Q0JbD2rbAh3wb2R8IbcsviV-zXHmBwrL-2AK4oSUa1cIMHJ-T6XLLp3gX1iQL11FbDkM5xk13q18AmqrQqslUWWvjXJopFaFWOjorBTKBDOYBKdJE3VMyhq9QpcMXSvej3vMItCY23GCk-XlkHDJMLQLp9ZlAvpbZDUEk64d8j2AfhrJ-Y9M45kewGhFdw7-1wCPmgx33pUAbqrd1_npoerEn6HPHnk8ueurVwe9itauVGH6gJg7UpTF9lTzFibnpd29O_qKT3GKYWI3GX_R9l8gS95GUM5y7SW7a_CcNn2o8kFo4DqDOJO932F9DuN_BuffGd32KmPrXE-BAUWNE4d38IFuSM0RaAPrIbomzZW_dOxDqppr-3eO0oaMHDJlS5-ZqzC_O2QjcrZVKogjkVxa2kCXoFlWikWXsWbuNlosP0LLL1ykDPsmt8UrVQkJjMnXCRtSV8KBPxknKte11HF4foIXfIPd9D-iUZehpiBEOCnHM88UmFvmbAAnVDBbmuM0GDB_43h1GsKqGMd3TGtRct_qn3Yf-z21gu26I6TeyaJNYLvzuSjM_dSLDxiGFyB3hkb5u_xjYNrzJHWMlrPlWzP_rzq9AfAGMLGBv5cx0LGjEB0GSm-Ghl4PNHq-mxagt2IKWE5lydpHu73-FH5JfhUmMZL8fqAm_xCKD6RX3X0vazSDNbjYZY-zTbS08by07y-xTv_U2DPk591pGrm2OhqqljaaNaznpuHNi0HqbDOh6Qu13RmoXnJvzwi8VYfpvF1WYW8psc6jELY1pxo8CW2vwszyXEkFl5FAHsXIUbWJj7vlrcIwdtpOQcFU9n9ZJYR2vYf3-bmKPNmZWS4Y33UxToR4hOKXMMfm0d0vMDUeePhecf9xKWzpdiB8dXd-ELIagxjLBtTLQScP8zmRDeNMBHSl3jvpwCDnNAuVkKNnZumRQnrQmZrP83mKdpKgUHyT8ND7N3a1L5IieJ55LLzldAxGQ7vVXR9gz7C6kRVNmc1fqszBXf1Rvi5VH3cxcS0tuNedz8ywhnVyERjysYsKdV3jOupk0onfv2q2MHtMlhHZTqMWfXdDzLnNUB4OgmDxCEhX8dTHHGAhFgchF6DLfWTS4_y3XHYmIfeWDqgEPo6GVHyUGO6_2-WSlSXTVlgOiV-30C29oSYkN7QPqygqWSRmRGXw_wWKsuu3eovMvV2LRxHW_UzgDYLLu2qQfSXaY0ggK4E2S727JqADfpNhYiC7UC5YH4FUqT_y1ZZAX3OpOIqMQpL6jFf85URO5DweZncn1tB-Sockj&sai=AMfl-YSb4QcVS1bV-S1jdH3N3C4ytgRyGwEDGlHZ96arWAjBytHZBtavn0H2js9bcNov3LUXeM4-CH-zejQz-w3ny_2nUyuaK2139YEpZJ3oktKDlu6UZBkFmlfckkn9xnTzV2N7j-eo4PQ2nzqM_reJdejOUdVDxXiLH8gA6xjs3YpQ5IFECWqk2Qt_491dNdAIs7ejfkMurJoo7GtSDa3oCpevcFMPpXQCv4ySNJO_cmkOgPE2Y1Xoiocfy_OajWgQ4wY7&sig=Cg0ArKJSzB6GnR_tgESdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&cbvp=1&cstd=337&cisv=r20230807.99637&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 09 Aug 2023 07:28:07 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 51B9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55812
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 15:57:55 GMT
expires
Wed, 07 Aug 2024 15:57:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 0699
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmStdJCQp4BqVdKBVtA89W_rB0UmvPqfYdoby95bkq_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmStdJCQp4BqVdKBVtA89W_rB0UmvPqfYdoby95bkq_5f_Toj0ihjjCVpeJyUfRfGM_0PgkHfQFgKxypFFzNvdwiIA_Heg
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:07 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-785-gcf3d607#rel-ec2-master i-0ec636c0031116ef8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmStdJCQp4BqVdKBVtA89W_rB0UmvPqfYdoby95bkq_5f_Toj0ihjjCVpeJyUfRfGM_0PgkHfQFgKxypFFzNvdwiIA_Heg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0699
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEERXaKjozI_IGBKCEH59-Xc&google_cver=1&google_push=AXcoOmREJ6w1RbbJe09hIrjtjKcn-beZpgqdd34jPSK40-PdzKAzOpYojCE7tmmC-JBQaRoN4Eojpr-nODIIqu...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwODM5ODIzMQ%3D%3D&google_push=AXcoOmREJ6w1RbbJe09hIrjtjKcn-beZpgqdd34jPSK40-PdzKAzOpYojCE7tmmC-JBQaRoN4Eojpr-nODIIquP0ZV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwODM5ODIzMQ%3D%3D&google_push=AXcoOmREJ6w1RbbJe09hIrjtjKcn-beZpgqdd34jPSK40-PdzKAzOpYojCE7tmmC-JBQaRoN4Eojpr-nODIIquP0ZV7x7qxf-Q
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwODM5ODIzMQ%3D%3D&google_push=AXcoOmREJ6w1RbbJe09hIrjtjKcn-beZpgqdd34jPSK40-PdzKAzOpYojCE7tmmC-JBQaRoN4Eojpr-nODIIquP0ZV7x7qxf-Q
Date
Wed, 09 Aug 2023 07:28:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 0699 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA-mdYUy6s2OD752Mp75r30&google_cver=1&google_push=AXcoOmRdr4mt0MYGqjoNlWQQJHY1bjwV-mowG5GnV6vuSc9Qw1aAaz68NdTc53VlqirAGUAE_prYRQSr9pvTEpji0IQTQM1kUw
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.178.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-178-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0699
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmSP3ebCfpd24Pry9cPyYzoDuqPovPSTtq_ZViHNOvq4iNC-PeouteT5_06mxG9lvLnwvpRr0AiD...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmSP3ebCfpd24Pry9cPyYzoDuqPovPSTtq_ZViHNOvq4iNC-PeouteT5_06mxG9lvLnwvpR...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY0OTM5NjY0NjQ5MjM1MjIxMA&google_push=AXcoOmSP3ebCfpd24Pry9cPyYzoDuqPovPSTtq_ZViHNOvq4iNC-PeouteT5_06mxG9lvLnwvpRr0A...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY0OTM5NjY0NjQ5MjM1MjIxMA&google_push=AXcoOmSP3ebCfpd24Pry9cPyYzoDuqPovPSTtq_ZViHNOvq4iNC-PeouteT5_06mxG9lvLnwvpRr0AiD2JvmIXr9InF_V-q1
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTY0OTM5NjY0NjQ5MjM1MjIxMA&google_push=AXcoOmSP3ebCfpd24Pry9cPyYzoDuqPovPSTtq_ZViHNOvq4iNC-PeouteT5_06mxG9lvLnwvpRr0AiD2JvmIXr9InF_V-q1
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 0699 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMaQ1c1RNfZ6bkcLGUYVUPMZ0SUj0lK-IchiOH3Bbb_fgG4RSq
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 4087
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmTKgZi3BsUS2r5bGPk2mVlFI0Gj957W6aQIntLPNtq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmTKgZi3BsUS2r5bGPk2mVlFI0Gj957W6aQIntLPNtq1oP98oZmnSAMWrmO_eyu6ilXH5LWXbqi8yfF4JHvsU7wvQm0KF0k
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:07 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-785-gcf3d607#rel-ec2-master i-0b0237ae7bbf6c9f9@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUcxenREMVYxUXREQlo1&google_gid=CAESEP5EsvBODQak9yvIepZG3I8&google_cver=1&google_push=AXcoOmTKgZi3BsUS2r5bGPk2mVlFI0Gj957W6aQIntLPNtq1oP98oZmnSAMWrmO_eyu6ilXH5LWXbqi8yfF4JHvsU7wvQm0KF0k
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4087
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEERXaKjozI_IGBKCEH59-Xc&google_cver=1&google_push=AXcoOmR0RtlXQ1I4_K8P9SsW1m0CyyFcq8ICj5rm8GpONeSyhLd4GBbXqHrpPCGr_8ONHCTSd8dCPswkWk9hwY...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwOTkwNTU1OQ%3D%3D&google_push=AXcoOmR0RtlXQ1I4_K8P9SsW1m0CyyFcq8ICj5rm8GpONeSyhLd4GBbXqHrpPCGr_8ONHCTSd8dCPswkWk9hwYZ6hg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwOTkwNTU1OQ%3D%3D&google_push=AXcoOmR0RtlXQ1I4_K8P9SsW1m0CyyFcq8ICj5rm8GpONeSyhLd4GBbXqHrpPCGr_8ONHCTSd8dCPswkWk9hwYZ6hgjr8FmcViV2
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2NTIyMTAyMjcwOTkwNTU1OQ%3D%3D&google_push=AXcoOmR0RtlXQ1I4_K8P9SsW1m0CyyFcq8ICj5rm8GpONeSyhLd4GBbXqHrpPCGr_8ONHCTSd8dCPswkWk9hwYZ6hgjr8FmcViV2
Date
Wed, 09 Aug 2023 07:28:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 4087 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA-mdYUy6s2OD752Mp75r30&google_cver=1&google_push=AXcoOmSVFgTdByqlI3D7wcGhtA_a5wRpFxQkk8Cj4QvSlHUOOQ1i6rqZ875Gc1Ee4f-LtMdzicpgSKgmpkGNff-05gteg1IQgj8
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.178.166 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-178-166.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4087
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmT3AXOVqZLIDjQquiJDMHIJgeabvjSCjH54klGwrThURYFj-1hTKcjjM9eKZWEA65CNgUZJq82Z...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIqWHMHrz8NPQ8TmFHcrt_g&google_cver=1&google_push=AXcoOmT3AXOVqZLIDjQquiJDMHIJgeabvjSCjH54klGwrThURYFj-1hTKcjjM9eKZWEA65CNgUZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTcyNTYzNzc5NzMyMzYwMzQ3NA&google_push=AXcoOmT3AXOVqZLIDjQquiJDMHIJgeabvjSCjH54klGwrThURYFj-1hTKcjjM9eKZWEA65CNgUZJq8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTcyNTYzNzc5NzMyMzYwMzQ3NA&google_push=AXcoOmT3AXOVqZLIDjQquiJDMHIJgeabvjSCjH54klGwrThURYFj-1hTKcjjM9eKZWEA65CNgUZJq82Z1Ece_W4wejPYUWXL0POa
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTcyNTYzNzc5NzMyMzYwMzQ3NA&google_push=AXcoOmT3AXOVqZLIDjQquiJDMHIJgeabvjSCjH54klGwrThURYFj-1hTKcjjM9eKZWEA65CNgUZJq82Z1Ece_W4wejPYUWXL0POa
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 4087 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Je_5XbpgWmZmBZTvBHrtOO3BmVUBaUwgomkm5jGmPTIiJEe9-O
Requested by
Host: 936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
URL: https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame EEFB 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:28:07 GMT
generic
match.adsrvr.org/track/cmf/ Frame 0665 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&cmcv=&pix=undefined&cb=1691566087602&uv=3314&tms=1691566087602&abt=aniview_inc_vA!expl_vE!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=6834d252-4627-4438-8704-7356851740d6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 0665 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&cmcv=&pix=undefined&cb=1691566087602&uv=3314&tms=1691566087602&abt=aniview_inc_vA!expl_vE!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=6834d252-4627-4438-8704-7356851740d6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:116:34f8:6532:c6d0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 763A 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 06:12:14 GMT
template-43bf74fd.js
s0.2mdn.net/sadbundle/6578138867263583433/ Frame 763A 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6578138867263583433/template-43bf74fd.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 07:58:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343803
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13999
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:56:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Aug 2024 07:58:04 GMT
index-09647504.css
s0.2mdn.net/sadbundle/6578138867263583433/ Frame 763A 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 08:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:56:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Aug 2024 08:00:50 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 43EF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55812
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 15:57:55 GMT
expires
Wed, 07 Aug 2024 15:57:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 0CF8 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 06:12:14 GMT
template-43bf74fd.js
s0.2mdn.net/sadbundle/14607691819158405450/ Frame 0CF8 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 14:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406710
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13999
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:54:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Aug 2024 14:29:37 GMT
index-09647504.css
s0.2mdn.net/sadbundle/14607691819158405450/ Frame 0CF8 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 19:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390089
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:54:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Aug 2024 19:06:38 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame E662 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:12:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4553
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 06:12:14 GMT
template-43bf74fd.js
s0.2mdn.net/sadbundle/14607691819158405450/ Frame E662 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 14:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406710
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13999
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:54:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Aug 2024 14:29:37 GMT
index-09647504.css
s0.2mdn.net/sadbundle/14607691819158405450/ Frame E662 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 19:06:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
390089
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:54:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Aug 2024 19:06:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1EEA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
55812
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 08 Aug 2023 15:57:55 GMT
expires
Wed, 07 Aug 2024 15:57:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 589A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 589A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:116:34f8:6532:c6d0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 589A 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.html
eus.rubiconproject.com/ Frame 3BC7 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8eV4CLAascvWsn7g_wxBY5epZP3F_hikAAABgYID-AIkNN6ORZTVZi2aT3Vo02gzXwt1gtNZtVrPharEbDUa2ISCx4WY0sqwma9FssluLRpvhWrgbjNa6zWo2XC12o8HINgUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIpDhFkedq_NdTkdFG6D2uG0-wMAAAAACAAAAAASAAjivyUAYnAnT_z_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ4RAzC5LlaADiBTkFmEEAAAAQPHYxPDIJJ2gYlHl__-_3wrAFQCAgMRsmQu-LLqDEm9hAAAAAMQIwZcQjdzxoI9ZoIfF7zc77Bq_22X-_________838n_lHI4RU-JEmSAFXSs0vIADAml9AAAA24wYA4E0AnJCDgabT4XPd63W_3133MJsddo3frjT7RScAVkchdsPZYjdbLCazAwAAAHDn____H48QfAnRyB0Puh6QsMx8C49t4htNJi7fZrTxzEweh8k2MTmMG4tn5j1sy9Rb6wd5LX0ykO92GR4-l0FFN5ldns9BfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgVisBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHcxuTyDJaztWriWa1Fy5FzrdxsLGvNZDjyLRazyWSzcoteH9PF4_G4hqstEgwI2YvkaZFOJMPRaOXwWGYrw8Zk8Q1GM8fCZZk5JsPFxGaxbCZiieZkkU5kl33DMvMtPLaJbzSZuHyb0cYzM3kcJtvE5DBuLJ6Zv7cxuTyD5WytmnhWa9Fy5FwrNxvLWjMZjnyLxWwy2azcotfHdPF4PK7hat-YLRer2WwwXO0bs-ViNZsNhqt9h8n0TH3ORtct4_gIDdPzzTa5OQ0Kl8Hi_UlMi2l3dhCdfEenzOFRFnRGv9_v9_v9fr_f7zdoPQezQeH7TGsb1XHZMmebv8fBoIglgot0onuYzQ6n2a17mM0Oi1iiNF2kE33R73YZHj6XvyKWCE4X6UTod7ss6j9yiM1wrlgu55rhXLEZrRIAAAAAAAAAgCWYZroJAAAAgJNBDSebzWqdDmayGq4Wq-UCuICZ1PWDC3K9GhttsyslUIlvuw5bolhjjzXcw2x2OM1u3cNsdlgZwIXLN7PNPiOItVotawAAAALYAAAAArjpxpsAsiju____fxwAAAAZOfQAAADo9wFVaYcfuVLs8SuIxXIw2D8AFWKtVqvbjbVarYAEsVtMJhCAwGYE!&cmcv=&pix=undefined&cb=1691566087602&uv=3314&tms=1691566087602&abt=aniview_inc_vA!expl_vE!nonrv_vA!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=6834d252-4627-4438-8704-7356851740d6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Aug 2023 07:28:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
pagead2.googlesyndication.com/bg/ Frame 51B9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565a2adcb0da82a8b692e4464ade6f0fc0db407d991afe81e290003da97aa710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:44:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
85401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14582
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 07:44:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 44B0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssuWMxYgNdx93qXKIa1VhBXnX63VJ6qgYlvdPBvrT1PS7z_PL0OsJkrYpcAPr9ADr3pIAFFy6tz67rHlx2MTT71meyK9MOMlwmn38DDQLU4Qrwe2wo4iHa5edKLHBVXHPd93FvprCyWaWOOLPXKrXO7N5G1EE1S8sq6Z9By3vMeUOoVSVLi0yNCqlfL2iWOi7JaoKspcWgU2P1rHLTDyxZ-o0jw7nhjQhn9JwCx_Pr9lnp7u-eqw9PyiXJEKPy8aw0HdZlWyVazVawV3cPo8Jx-NgexNsnU5MNCXzrIC4_L33IIXJIlevaZR5QhFrUlgHMGs0V8Suv2RSUT2tJ_Mu9rB3lWyMCasXy_O8hJKsQ5Z1nVzNDemGGSSY4rOAueZdx4xiEMQjrQosqnrvFgUygAEeGndvVM_ED-6sosRowWse5FzooeXESE-OynIvgaun999Kx0sC7swWO1BgT6Pg58ER22N5-IHd367Tx2LlRGJdK9qr0UCpjHL8_w4yBEk7zUi4qtM3fw_aLqjNdL3AIC1m8Gk44VqmrvHD4xPUzOu377Ns5320TEkZNcN8fTxTIBJVw83wR93geICZSrfG6nv31aaYZBLkI3JKlgrWpn5A--QqVRfMjsagOBiYL0XaGv8iJ-cWL-z9zYjJLSyrSHcuQg6YrTcPYQvt6EpyEwsKq2zDpP8FWxSGEjMpvsEV-GVwQ8GZX_pLOkFh-iuSPaM97RwYqNqhBsFJ2nEvb5hFFoCi7dojpTXg0w6okgZYSy4nPzSTHMHBI9E9bEUR9FWF_DcBShT8izvZkjBeKWgBBsUwJ8SMa_f52p4Wcl6XeSkfTYeL7PsyKTcdXMGjr8DiQ32RXEZdm4vRYquw9YWk3Olg7Y41QViQ_20XPz6n8GWMyp_DGb9gpx2lTra9J39NJiK9pG80JY1qHqN4RLqZ6bsqKob2ZJ-WOYLlZuapnxqD7XjTOc4KgRzpVdnhNgXZFuPWu4KmNAUP21uyb5LpcJnNxTAar0BqVo6fuy4AermSpXDjKHD0g7P06X33VoM5gxmhnJoRXDpvkYHAWaT4N_xp-YvsUKpOg66C9L-DfZtXOtBkeE5Aa7eI11V5OwAQR38fhNic8Fy-B1-zZF9GBIQ1gTPwY3XWP8qQaq3kx5xkqKt5eTKteLwaem1mKq5utfua_ifkqSpN7kdqFQuvuMq5Xd08Ckg-qeE2Ok7t5ppb8tCyOC2ZMfVmrxsB9n0s0M6otppjieZ4tFGu-mo-r0OgUovViTW1DAW4qPbeSm0G2B4i6VS9O62oo3XNBlOj8UGrq6WuLdFmepuw&sai=AMfl-YQvMdge7R9kFHd7wNlF-mRtvxRs9gUJHaYcfoC4je-AI6snEupmFZ-owjYbWjOWisk91SUi9VmDRyYYhnaTLoGkjfL61jH-mtimBug9neHirgM0f8qIzE98qKy110xphZN_WZxxIrC8d5F3NxuvnvL3cmxnXm8OBEVosomBhgNjIlpUaqBqZ0nQnPeF_NzDoPQKWHqlvpLyAv654vhVur5Uf06lMEUVanFyvZhdpj__5wb4KczZoRtH0mDJc8Yen6N0&sig=Cg0ArKJSzIyPjlCoZv5gEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=660&vt=11&dtpt=261&dett=3&cstd=389&cisv=r20230807.35835&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 09 Aug 2023 07:28:07 GMT
Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
pagead2.googlesyndication.com/bg/ Frame 43EF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565a2adcb0da82a8b692e4464ade6f0fc0db407d991afe81e290003da97aa710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:44:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
85401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14582
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 07:44:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9F78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvBNjeMqXUEZ56r9KIfnwnF8hNSPKPU57Vn6X4Q0JbD2rbAh3wb2R8IbcsviV-zXHmBwrL-2AK4oSUa1cIMHJ-T6XLLp3gX1iQL11FbDkM5xk13q18AmqrQqslUWWvjXJopFaFWOjorBTKBDOYBKdJE3VMyhq9QpcMXSvej3vMItCY23GCk-XlkHDJMLQLp9ZlAvpbZDUEk64d8j2AfhrJ-Y9M45kewGhFdw7-1wCPmgx33pUAbqrd1_npoerEn6HPHnk8ueurVwe9itauVGH6gJg7UpTF9lTzFibnpd29O_qKT3GKYWI3GX_R9l8gS95GUM5y7SW7a_CcNn2o8kFo4DqDOJO932F9DuN_BuffGd32KmPrXE-BAUWNE4d38IFuSM0RaAPrIbomzZW_dOxDqppr-3eO0oaMHDJlS5-ZqzC_O2QjcrZVKogjkVxa2kCXoFlWikWXsWbuNlosP0LLL1ykDPsmt8UrVQkJjMnXCRtSV8KBPxknKte11HF4foIXfIPd9D-iUZehpiBEOCnHM88UmFvmbAAnVDBbmuM0GDB_43h1GsKqGMd3TGtRct_qn3Yf-z21gu26I6TeyaJNYLvzuSjM_dSLDxiGFyB3hkb5u_xjYNrzJHWMlrPlWzP_rzq9AfAGMLGBv5cx0LGjEB0GSm-Ghl4PNHq-mxagt2IKWE5lydpHu73-FH5JfhUmMZL8fqAm_xCKD6RX3X0vazSDNbjYZY-zTbS08by07y-xTv_U2DPk591pGrm2OhqqljaaNaznpuHNi0HqbDOh6Qu13RmoXnJvzwi8VYfpvF1WYW8psc6jELY1pxo8CW2vwszyXEkFl5FAHsXIUbWJj7vlrcIwdtpOQcFU9n9ZJYR2vYf3-bmKPNmZWS4Y33UxToR4hOKXMMfm0d0vMDUeePhecf9xKWzpdiB8dXd-ELIagxjLBtTLQScP8zmRDeNMBHSl3jvpwCDnNAuVkKNnZumRQnrQmZrP83mKdpKgUHyT8ND7N3a1L5IieJ55LLzldAxGQ7vVXR9gz7C6kRVNmc1fqszBXf1Rvi5VH3cxcS0tuNedz8ywhnVyERjysYsKdV3jOupk0onfv2q2MHtMlhHZTqMWfXdDzLnNUB4OgmDxCEhX8dTHHGAhFgchF6DLfWTS4_y3XHYmIfeWDqgEPo6GVHyUGO6_2-WSlSXTVlgOiV-30C29oSYkN7QPqygqWSRmRGXw_wWKsuu3eovMvV2LRxHW_UzgDYLLu2qQfSXaY0ggK4E2S727JqADfpNhYiC7UC5YH4FUqT_y1ZZAX3OpOIqMQpL6jFf85URO5DweZncn1tB-Sockj&sai=AMfl-YSb4QcVS1bV-S1jdH3N3C4ytgRyGwEDGlHZ96arWAjBytHZBtavn0H2js9bcNov3LUXeM4-CH-zejQz-w3ny_2nUyuaK2139YEpZJ3oktKDlu6UZBkFmlfckkn9xnTzV2N7j-eo4PQ2nzqM_reJdejOUdVDxXiLH8gA6xjs3YpQ5IFECWqk2Qt_491dNdAIs7ejfkMurJoo7GtSDa3oCpevcFMPpXQCv4ySNJO_cmkOgPE2Y1Xoiocfy_OajWgQ4wY7&sig=Cg0ArKJSzB6GnR_tgESdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=520&vt=11&dtpt=174&dett=3&cstd=337&cisv=r20230807.99637&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 09 Aug 2023 07:28:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E67B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJsbaQJwn49nM0jVrazAMOXdzNAyi4j7V1jomw_Jl5lL-yrt_3RODQv0-yJs9smo_A6RteHsYo_5m01ZjwlgaZi1AHPLJEFXsvyc2nD-TFvzjkRFIbSc3reOfzgGyLToskq_t6JZLsyk4MBEyxALPUJkrNi_a2TEcKJv1XcHgncEDeFVnZgMt6wCWgH9pfpG_K2xmmYEe9I_Ldg646LLfNBzBFLZ0tZD-3e7JcqLAIPYRNw2lrUD3ENWzbFltL813Ll_ezJEYdTa7_-dJZz9d_F7t_wNWx34K4iWMPJDcYjVNutcVwcizksyFQe8LhrcYK-EKiKUI0dXOrDKlrTp7y9FP32FYiuFBYQc71HCVe3tYgB9aEGZDiD8ZgXP-0uXsextEg1CnQkMqG3KMe9SfZBhkPBnYmaMpWoCIrZxA91nhRzmQKEfnhyCBiaIEuiW-Es6YVk5T9fIgRC5h6oTcorzavg6ByTUlhfF21LmIUHcpwzkFEs2bylQttljGsKvq9ePku__msCNaPrmMyFDAZytqYivJ6OmPH2JB99k-IZllmPR04DRnG0gvE7PdsAEqP0Odw3B2tf4A9ijqu2J55acEyCavtAxcW10YVfY4UxguNCovL3T2U9KgIhVpHJPcQKRpcoD0ge9AGu-HyT9FwUUPUbVt_dUkm8zk0pgXG3rqh7AcJ8pQDYQmvK9zJQRF8qJSTo-q68N54LyBS4Uxf83zM9wx_smxbOuvdtQGMw907gYEyeWRaLBB5ndi41oDMFmobUv9fe1ubxXRlYAxPpfyN40168F8Zeto1I2zRmYILAYey1zrT-mxjQIPQwOElTTfQm7QY6bbCbhm0pL4O67IkGuecQ9TqumuvhwEQp68yhG1RF8ZnN2YbcKpt4ckB3RlwiVEnMl9I11FPmoL05NFxqe2b0VpFsT6LQfLUsJtlkTbYv1U3AMtWuNyn4-fAkIJk9lACeQKW-82-ZnxYAZnsP_mtB3wsj2JNqUQ4TMqVuKpdxGFVqr5IbpFvs5f7ogzoB2E6qmRU0kZuSgn-dz-84hsdihA2EJJA-B8Dn9KRTZzn3sFGDLkyBWOkniavpEJAtsS58Amqpw1LLjiCj0JTngfTdG_yv0gJ7WhNfuiPfd2s845kR9PJsX-X7f0S2rqWTYZU2XxHPE-NIT1fWBAdbOZKxCkcSTH7DPZ6r5gYTEAmOweB3GUn5D1NfZwA9OlgytqTI_QOa4FUt-crV7zuD9m9_J5RxpC7GCIZxuRXdMxkaHz88Eslcdt2OoQTStHJjcidBOO-oHgo3zwlFl5Qdjo5isVNxrEvAzz6vtC15dVVk87DoqLZ&sai=AMfl-YT6FeSt8TD0hc0v9Zoa6OBqk36pWnEul6U9Hh66PGq4o_tpxXLb8nngdTb9vDUkdPyG93uQNsbpN6CDrSnFSRizEJFEuiIZfVDHINSrTtDhv4VyyOk1PA6kpOiQkkgiCjXIFveq_uaq_b1xQxG9cVMq5EsyQNpbVOG9JzVOofLvFbjwTvumrvilCds9cDMUI1Lo23OpuwG9iAFjO-DYDsuracoBL1i2WUOyY_r9j550SeIvntrAOWiONibZBxcwCOHa&sig=Cg0ArKJSzLIla4_kaNAnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=533&vt=11&dtpt=210&dett=3&cstd=316&cisv=r20230807.15446&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 09 Aug 2023 07:28:07 GMT
Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
pagead2.googlesyndication.com/bg/ Frame 1EEA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565a2adcb0da82a8b692e4464ade6f0fc0db407d991afe81e290003da97aa710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:44:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
85401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14582
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 07:44:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 763A 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76e3cc5c558e9b347fc5337bf2c84843d6e6e803897d8a55f9b4b31afb33a281
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5841
x-xss-protection
0
06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame 763A 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:24:56 GMT
x-content-type-options
nosniff
age
50591
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28774
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 17:24:56 GMT
annick_sitzend.png
s0.2mdn.net/4528404/ Frame 763A 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/annick_sitzend.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 14:21:27 GMT
x-content-type-options
nosniff
age
61600
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539328
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 14:21:27 GMT
congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame 763A 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 04:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10830
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1929
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 04:27:37 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 763A 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 763A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame 763A 		2 KB
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 04:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10830
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 04:27:37 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/6578138867263583433/ Frame 763A 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6578138867263583433/logo-d0d80991.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 00:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543260
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:56:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 02 Aug 2024 00:33:47 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame E662 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame E662 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54337
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E662 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f1a01c332dcf650d5a7045e89e889fb145c41147571628e7560e40bb56eb063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5641
x-xss-protection
0
07272023-153004121-congstar-x-bg-kacheln-2.png
s0.2mdn.net/4528404/ Frame E662 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/07272023-153004121-congstar-x-bg-kacheln-2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 12:33:59 GMT
x-content-type-options
nosniff
age
68048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35612
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:33:59 GMT
Graciella_Motiv_5_Selfie_RGB.png
s0.2mdn.net/4528404/ Frame E662 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/Graciella_Motiv_5_Selfie_RGB.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:05:25 GMT
x-content-type-options
nosniff
age
4962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1396163
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 06:05:25 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/14607691819158405450/ Frame E662 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14607691819158405450/logo-d0d80991.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 13:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63286
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:54:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Aug 2024 13:53:21 GMT
usermatch.gif
beacon.krxd.net/ Frame C239
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dGC5NEXMZbQqaT_0EIB_de0CG1fe9VnN
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dGC5NEXMZbQqaT_0EIB_de0CG1fe9VnN
Protocol
H2
Server
52.31.154.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-154-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
beacon-n021-dub-prod.krxd.net
date
Wed, 09 Aug 2023 07:28:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1691566088
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=dGC5NEXMZbQqaT_0EIB_de0CG1fe9VnN
date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
614860
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame CED8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cp7wmBkDTZKn9FPa79u8PlrG5gAnNpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglaKggrAHoAHIx7XyAsgBBagDAcgDE5gEAKoEhAJP0BPAxUR7Elu-UVfChGteuJiTQXElalsWoGm4e3TDt45IBGTGRrE9WHEMLS7LSEa9ytmNi2kFjgfVtWLFaK2tdERD4VIpgsavs4IxJUXyWe0OOvDp-nxreqZITknX07NUYZHDqBvHSz_jalIky3E0QSoOU8PBDLWLFjdnQNaArUhi5QQbnIGZ3qzozXmv00O0P7Qyy72ie1lHHXlfgqpcwy6HPAENe1--DT0cAFb1aULpZDH6jKXCLJNAx_f0dd07ubEX0dNqagRK9qALOrpxmEDjCpXyYcWc9P6e9-XvGsScUx3699780GFag44_1YR8o-6iJKq7v0RzcRrunzgKpXEOzcAEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE6Ks2RHQEwDYEw2IFAfYFAHQFQH4FgGAFwE&sigh=KMYZ_nYXN2s&label=video_ad_loaded&sdkv=h.3.584.2&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KkQEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTM0OTc1NTYzMgkxNzU5NDI4NjdAuAFSMgjgBhAPJQAA8EEoAToHdW5rbm93bkIHdW5rbm93blAAWhBWNXozN0xMUGp0Z09MNzUwWiJkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1vbWlkLXZpZGVvGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 763A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:28:08 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E662 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:28:08 GMT
07272023-153004121-congstar-x-bg-kacheln-2.png
s0.2mdn.net/4528404/ Frame 0CF8 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/07272023-153004121-congstar-x-bg-kacheln-2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 12:33:59 GMT
x-content-type-options
nosniff
age
68049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35612
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:33:59 GMT
Graciella_Motiv_5_Selfie_RGB.png
s0.2mdn.net/4528404/ Frame 0CF8 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/Graciella_Motiv_5_Selfie_RGB.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:05:25 GMT
x-content-type-options
nosniff
age
4963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1396163
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 06:05:25 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 0CF8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 0CF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0CF8 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7e1c55f87587de4797fdd01ade59c8511fcc9949c662db29468b4e8dc2361e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5711
x-xss-protection
0
logo-d0d80991.svg
s0.2mdn.net/sadbundle/14607691819158405450/ Frame 0CF8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14607691819158405450/logo-d0d80991.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 13:53:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63287
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 11:54:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Aug 2024 13:53:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CED8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=852790917&message=i&sdkv=h.3.584.2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame CED8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 06:25:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
349354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 06:25:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CED8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=852790917&message=ps&sdkv=h.3.584.2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CED8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CED8 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstvLsbcY2K1pBU1-iXC-6ErZ9gtH-6dTWOOypBnTdNKrN96wLuScDUTzDupXfhH6kPm_oyzNZmIJxSndjTpixRyXM0Vbnt5Y5dcG9Ku1DNAvr-L3JY_9QXTBwJOgOdvgVftM1jUCZ9z3DyRNK5pXQK_H17gx9xvTO6ra1FKxKc2lYk12q5RcZ00e3ByZrX3EsmIcj15JS45epI4rHvwf1hBQtK31ixGFoZU1IjwjMN4PHHp2nbQWGoYG7tudPC9OgnVlHzCI3N2AFc1n46-Pa68g1gkle11rtTEt0QAbaDtGiOrvURwg2wXoxz18q1GxruI1Wyc4S1Fq0cmQ1z0lBJKiX33SSAqryL-GsfYdIcCBgnqcRKzXB2TlHLWMUDxRVo5n7865sl7D26YB-UCjg7YXu9_tBLmDmuWOO67_LMVlRGMUrKgfz9yp9U3ZZdbMOMm1NamCRKMX_NgG7WHtgBniVSK6tZnxoGWfBPNcJdXfpyGtypGeBypiI-7D86VOQO3fAs3T0ZGa3KFgSS9kU7oLzkuO64n2W0p8QuzS0aAvQwBUSlDyEyeLwDZDgFGGGSF9eyXpV_wKztRZ6t4EN9KshEoMdoellr_bN5FnM6wVH5_XuKGrdzgtuDWGKEaMCJaZO85mvILYKPJXmFjwewXEiireI13RdbF8lrarap07wxCE6etT2nR6ulWMQH2jSd4tB-QlnqsQKoFRnM3tJu-Jt0MY0xiohJt1Ik9FsR6qCPwBDT47pYoDU-X2gP1jP3FByc8G_mURKgQ3HDOthSpiTAOggrNPWc89JOr14zTjpCS9K5h5oLkYeThsIdeT5lxTsA41cZtpQcjKqji7dGrBBhw-V6Qwh3Hd6EDv-Oai_uiobNhqM2267eCVimSXRnnWNhawEbvK8VFD8A7LYmGGBJN97BySYoq3KRrpBM_Lj3k1qSHX5qbP3TOXXgOUrk1ipwqDUMMRRms0rb819-dslLcAfkUF5Fc8pMRlnTjBSjYsY5NiADqgfGqjym11ecW_HafI3EfjBnKF0-MPwr4V8dBo60HortXweqvm3JCVaAqrzQjzphOYCgpGQS7uJtobs9oQ8dd5Wdz_8SO09n5HRcmx_DEXj8gs1ErBf17iKopHYkbLEM8DOcH7JxADcLl-MB3xulh294X_LBODphomDAzLBxR-R_h-XBAu_eNcL1QQ6FzwMCn0JNO2rf0vR1yLXc5guIcxPohq8Jlvu44lOmoZwIWBu-rngQmHFxo6DyFsHsWp43dBBb-uCDjyl2FIdhLYlswxQ&sai=AMfl-YRpnD1NYYBN6EDOtY7dHFRCKscyqC3lLo6P713T470DVBvG2TyRgZ3wcH6GMTuINermnoN-6SmG5kMcfG00XngObFnS57QI7YMneLS-DA3KH3Q86c0DlMty8P2IaP1X8KcziltCTD6R_x6HOF9R-vrRUlHwrO70_3ZOBS5JVYN0-2kkSFmPyi1IJk1yuKwN5MvM12vfvFa-AlkjIb4uw9hvj8mvJ8VPxzEQjXhWXPgLJTjqRCXdLHkB1MjUfVMHC0l-P5A&sig=Cg0ArKJSzFb_AUqH-fnuEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.584.2&adurl=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame CED8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjQsonRASABMAE&v=APEucNXlLaa70C9nAqw7RYIEd5aF1RFeB0qA8laebni5NGyzZjyTVI-VeEbogW1rY-WUl9QAUyt9_4sZ-vPevW2LzsPZTtv_-Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame CED8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cp7wmBkDTZKn9FPa79u8PlrG5gAnNpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglaKggrAHoAHIx7XyAsgBBagDAcgDE5gEAKoEhAJP0BPAxUR7Elu-UVfChGteuJiTQXElalsWoGm4e3TDt45IBGTGRrE9WHEMLS7LSEa9ytmNi2kFjgfVtWLFaK2tdERD4VIpgsavs4IxJUXyWe0OOvDp-nxreqZITknX07NUYZHDqBvHSz_jalIky3E0QSoOU8PBDLWLFjdnQNaArUhi5QQbnIGZ3qzozXmv00O0P7Qyy72ie1lHHXlfgqpcwy6HPAENe1--DT0cAFb1aULpZDH6jKXCLJNAx_f0dd07ubEX0dNqagRK9qALOrpxmEDjCpXyYcWc9P6e9-XvGsScUx3699780GFag44_1YR8o-6iJKq7v0RzcRrunzgKpXEOzcAEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE6Ks2RHQEwDYEw2IFAfYFAHQFQH4FgGAFwE&sigh=KMYZ_nYXN2s&label=vast_creativeview&ad_mt=0&sdkv=h.3.584.2&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KlAEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTM0OTc1NTYzMgkxNzU5NDI4NjdAuAFSNQjgBhAPJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkjlBFAAWhBWNXozN0xMUGp0Z09MNzUwWiJkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1vbWlkLXZpZGVvGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI39D43YbPgAMVV09BAh2kCQwyEAAYACDT2fJTQhMIqZjD3YbPgAMV9p39Bx2WWA6Q;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame CED8 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI39D43YbPgAMVV09BAh2kCQwyEAAYACDT2fJTQhMIqZjD3YbPgAMV9p39Bx2WWA6Q;met=1;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame CED8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cp7wmBkDTZKn9FPa79u8PlrG5gAnNpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglaKggrAHoAHIx7XyAsgBBagDAcgDE5gEAKoEhAJP0BPAxUR7Elu-UVfChGteuJiTQXElalsWoGm4e3TDt45IBGTGRrE9WHEMLS7LSEa9ytmNi2kFjgfVtWLFaK2tdERD4VIpgsavs4IxJUXyWe0OOvDp-nxreqZITknX07NUYZHDqBvHSz_jalIky3E0QSoOU8PBDLWLFjdnQNaArUhi5QQbnIGZ3qzozXmv00O0P7Qyy72ie1lHHXlfgqpcwy6HPAENe1--DT0cAFb1aULpZDH6jKXCLJNAx_f0dd07ubEX0dNqagRK9qALOrpxmEDjCpXyYcWc9P6e9-XvGsScUx3699780GFag44_1YR8o-6iJKq7v0RzcRrunzgKpXEOzcAEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE6Ks2RHQEwDYEw2IFAfYFAHQFQH4FgGAFwE&sigh=KMYZ_nYXN2s&label=part2viewed&ad_mt=0&sdkv=h.3.584.2&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KlAEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTM0OTc1NTYzMgkxNzU5NDI4NjdAuAFSNQjgBhAPJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkjlBFAAWhBWNXozN0xMUGp0Z09MNzUwWiJkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1vbWlkLXZpZGVvGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI39D43YbPgAMVV09BAh2kCQwyEAAYACDT2fJTQhMIqZjD3YbPgAMV9p39Bx2WWA6Q;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame CED8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI39D43YbPgAMVV09BAh2kCQwyEAAYACDT2fJTQhMIqZjD3YbPgAMV9p39Bx2WWA6Q;met=1;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame CED8 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cp7wmBkDTZKn9FPa79u8PlrG5gAnNpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglaKggrAHoAHIx7XyAsgBBagDAcgDE5gEAKoEhAJP0BPAxUR7Elu-UVfChGteuJiTQXElalsWoGm4e3TDt45IBGTGRrE9WHEMLS7LSEa9ytmNi2kFjgfVtWLFaK2tdERD4VIpgsavs4IxJUXyWe0OOvDp-nxreqZITknX07NUYZHDqBvHSz_jalIky3E0QSoOU8PBDLWLFjdnQNaArUhi5QQbnIGZ3qzozXmv00O0P7Qyy72ie1lHHXlfgqpcwy6HPAENe1--DT0cAFb1aULpZDH6jKXCLJNAx_f0dd07ubEX0dNqagRK9qALOrpxmEDjCpXyYcWc9P6e9-XvGsScUx3699780GFag44_1YR8o-6iJKq7v0RzcRrunzgKpXEOzcAEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwIKgYKBMOwsQKwE6Ks2RHQEwDYEw2IFAfYFAHQFQH4FgGAFwE&sigh=KMYZ_nYXN2s&label=admute&ad_mt=0&sdkv=h.3.584.2&vci=CkUIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8KlAEIARIVYmlkLmcuZG91YmxlY2xpY2submV0GgNEQk0gAyoJNTM0OTc1NTYzMgkxNzU5NDI4NjdAuAFSNQjgBhAPJQAA8EEoAToHdW5rbm93bkIHdW5rbm93bkjlBFAAWhBWNXozN0xMUGp0Z09MNzUwWiJkb3VibGVjbGlja2J5Z29vZ2xlLmNvbS1vbWlkLXZpZGVvGAE.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
InterstateRegular-Bold.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame E662 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:24:21 GMT
x-content-type-options
nosniff
age
227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:39:21 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame E662 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:17:36 GMT
x-content-type-options
nosniff
age
632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:32:36 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame E662 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:23:44 GMT
x-content-type-options
nosniff
age
264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:38:44 GMT
07272023-153004121-congstar-x-bg-kacheln-2.png
s0.2mdn.net/4528404/ Frame E662 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/07272023-153004121-congstar-x-bg-kacheln-2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 12:33:59 GMT
x-content-type-options
nosniff
age
68049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35612
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:33:59 GMT
Graciella_Motiv_5_Selfie_RGB.png
s0.2mdn.net/4528404/ Frame E662 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/Graciella_Motiv_5_Selfie_RGB.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:05:25 GMT
x-content-type-options
nosniff
age
4963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1396163
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 06:05:25 GMT
dc_oe=ChMInaHu3YbPgAMVCd0RCB10qggGEAAYACD2we5cQhMImpqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566088088;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 9F78 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInaHu3YbPgAMVCd0RCB10qggGEAAYACD2we5cQhMImpqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566088088;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/wallail-walla/log/3/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230808-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Wed, 09 Aug 2023 07:28:08 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
12788
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230031-FRA
pragma
no-cache
server
nginx
x-timer
S1691566088.100084,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cs
s.thebrighttag.com/ Frame C239
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=UJs6x9ABsGikmdKP3jTO48WFMUEEwK86
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=UJs6x9ABsGikmdKP3jTO48WFMUEEwK86
Protocol
H2
Server
3.23.201.151 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-201-151.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-bt-requestid
49b04370-3686-11ee-b442-0000ac1700e6
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=UJs6x9ABsGikmdKP3jTO48WFMUEEwK86
date
Wed, 09 Aug 2023 07:28:07 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
574780
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0CF8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 07:28:08 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 763A 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:17:36 GMT
x-content-type-options
nosniff
age
632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:32:36 GMT
06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame 763A 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 17:24:56 GMT
x-content-type-options
nosniff
age
50592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28774
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 17:24:56 GMT
annick_sitzend.png
s0.2mdn.net/4528404/ Frame 763A 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/annick_sitzend.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 14:21:27 GMT
x-content-type-options
nosniff
age
61601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2539328
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 14:21:27 GMT
congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame 763A 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 04:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10831
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1929
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 04:27:37 GMT
Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
pagead2.googlesyndication.com/bg/ Frame D32A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565a2adcb0da82a8b692e4464ade6f0fc0db407d991afe81e290003da97aa710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:44:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
85402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14582
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 07:44:46 GMT
usync.js
eus.rubiconproject.com/ Frame 3BC7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
08d2b0b3ed3035436a6ddbb401a3311fa4582f0702e80af32567e966285f4696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:28:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Aug 2023 15:47:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29934
Connection
keep-alive
Content-Length
10114
Expires
Wed, 09 Aug 2023 15:47:02 GMT
07272023-153004121-congstar-x-bg-kacheln-2.png
s0.2mdn.net/4528404/ Frame 0CF8 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/07272023-153004121-congstar-x-bg-kacheln-2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 12:33:59 GMT
x-content-type-options
nosniff
age
68049
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35612
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 12:33:59 GMT
Graciella_Motiv_5_Selfie_RGB.png
s0.2mdn.net/4528404/ Frame 0CF8 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/Graciella_Motiv_5_Selfie_RGB.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 06:05:25 GMT
x-content-type-options
nosniff
age
4963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1396163
x-xss-protection
0
last-modified
Thu, 27 Jul 2023 22:30:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 06:05:25 GMT
InterstateRegular-Bold.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 0CF8 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:24:21 GMT
x-content-type-options
nosniff
age
227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:39:21 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 0CF8 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:17:36 GMT
x-content-type-options
nosniff
age
632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:32:36 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 0CF8 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:23:44 GMT
x-content-type-options
nosniff
age
264
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:38:44 GMT
dc_oe=ChMIj-3h3YbPgAMVoNwRCB0sYgmqEAAYACCPzO5cQhMImJqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566088192;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 44B0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj-3h3YbPgAMVoNwRCB0sYgmqEAAYACCPzO5cQhMImJqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566088192;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj-3h3YbPgAMVoNwRCB0sYgmqEAAYACCPzO5cQhMImJqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566088193;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 44B0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj-3h3YbPgAMVoNwRCB0sYgmqEAAYACCPzO5cQhMImJqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566088193;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
pagead2.googlesyndication.com/bg/ Frame BB96 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565a2adcb0da82a8b692e4464ade6f0fc0db407d991afe81e290003da97aa710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:44:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
85402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14582
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 07:44:46 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Aug 2023 07:28:08 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 13FF 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
171941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 07:42:27 GMT
expires
Tue, 06 Aug 2024 07:42:27 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dc_oe=ChMI-_3s3YbPgAMVQtgRCB1UPwc2EAAYACD2we5cQhMImZqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566088237;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame E67B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-_3s3YbPgAMVQtgRCB1UPwc2EAAYACD2we5cQhMImZqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566088237;str=nextSlide;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
pagead2.googlesyndication.com/bg/ Frame 6470 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565a2adcb0da82a8b692e4464ade6f0fc0db407d991afe81e290003da97aa710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:44:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
85402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14582
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 07:44:46 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 44B0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6iLdWdV9G21u_5jmEM-N42xhe5GU4dgdq3hgX18SedQQk3OD8Ol5Hyd4zSMpXaCB3nsavMSDZTqplsjk1Bd_yCcCAC53tkgru1FFuuGUeh-0-9yv0O1UcWX6H2bwDu8PW641hN5leeD5g&sai=AMfl-YT6dJ3s21HbdQQJcuJ9GvIj8Yz351jHI5Dqk2n0_BO7W8PMndeaESIsoGDngrZEchByCg1m2H_oXcG9e6OtAf3hrR5dzQJqDb0Ie3l1lwldctDbtWhLM3HGmec&sig=Cg0ArKJSzC8u-nTeHuw4EAE&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&id=lidar2&mcvt=1038&p=173,315,423,1285&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=885339186&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691566086446&rpt=809&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2010905537&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=696463884.1691566084&tid=UA-4780630-1&_gid=1062162117.1691566084&gtm=45He3870n71T728TH&cd1=696463884.1691566084&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=500007051
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 05:23:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7479
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 09 Aug 2023 07:28:08 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
3662
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1691566089.556972,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
43
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2498
syncframe
gum.criteo.com/ Frame D716 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:08 GMT
server
Kestrel
server-processing-duration-in-ticks
861017
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 10 Aug 2023 07:28:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 51B9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxaAdBkDTZI_SM6C5x_APrMSl0AoAAAAAOAHgBAI&bg=!QUKlQhbNAAaeEKnZvhA7ADkAdvg8WtXhWivaR4GfP16jqGmXm3iFN55XcRs9oiZ_YETVKvGXyLcziQPbFYS_Pr5qFXXOWEiWoSMCAAACHFIAAAAFaAEHCgBjWUC_RUEYT9AFv0P0qMZuzt6MdwF7aP4ZfjD2Tchd1hEbEjACAq8odoka8YYecpihkf18wryX-eAkBLNm8927cys5qScYhpqqKJmUSQY5nlswg6ZVVK9017y3QoR06JgHoFJcmQL5YXMPwkzVuuL8KyTVeNcphxWoafjCOqah3BnQmk61FL2EYnbaRaHQ4B28z0JrolYh-vOfhxsGu-L_ic-sjht7P9zh-L9YCGuiWZyAhoIvZeuze73ub6quScT0uHkIkyMgZLNxTwnggNDXdwr2vjp3PCJDbanF9_UjzAO4rWOZ9BND8TBOZtPtS46XEMjlGPrT4mH6--q122gUkfBPqInlqdhbEOuWMTTwyqO0O80uOBwZMXnZpRK-tyYthKgKr3MaJpjus_yvs9f1lLrDkEmfOsSaWArzzlVT6mO1kcIpKGGGzYEwE4rFkgRqAJIowrP18GYdBMzVyxcNiwKqfsS9EP0McG0Lg6tfyN7Y_VYvmdLUe6tXHH8ELgQhoODKkgdKjqhEWBDCQSV_MSMerc_ryc-XzZQxVsYulWzX5zljKdGWjSbCjFhx9YCE-MidhvnOcCd5Rcf_MKEZOaL0LhK6d8kvOLxVSdlLyPEGR24boNxhTtrcsKDrnmgsXwc1bcuwJOPWj4qyWHV_LxalmjUjRWbu_SnHmDRTFXocYMwNbKluMNpYQ09NLHMraIcqAv7t3cwOzmj15-lJmS3er0H8muz0bs-XNRgli9e4eD4DEwRCbnHR-Q48kvVJVqyENneeOctLWEynMJMBSmPf-9929DoeL2cvH5VduaSVc7d9okux1Ft88RIPTGWZd94tuu5OW0qHx3918hJ7-eT-kj1EkqUr6PGKpp3k0Dr_b19HJa_-Jozv3zXKy9pht2x5CufCl_8iAsxO3vGMirMksZ2zFvko70BJu4CsNj-9uu7jeUBT8MzOdeY2yIdhBgMywAVZcWu437jlxNXDyxerkCRTyIfufGmhCPVbm8qylHzByv1gG3BvGkRIZm0RH9Z2YILUQSxso1zu0aQVoDNV0QUI51c7w4F31NNGuTnQ_MhO9GEcEuB6scqFMIa4Y3O2f_fl1hoeSbCk3gWsbUDSpH9OH6O5yRv20ozWQ6h_6qOfuopMS6Giz0Gl_kw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E67B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUTOk2xT05-6BMxV7k2n6dHWzRnC_C6oIk8eeQsvX7RaE5fF2fB0ZFn7-pmGAfLBd4-Th6C-Of_KYGUh3-a3iLJvMe-OHSJ4xhjgMAfP9iPTu1vJ3ykpbz_f-MRjg5Xm5Y4Iki3tiSsFeU&sai=AMfl-YT1V-z-YHD2RxVvGsKrybxQQsLuVl2KhDHtdAcddHSxtLTvAVozuSL8DDPMb0ZQTXIg503GcwAT18CDgauxtPC5ciUz7VqPxdT7CQSpQX2CYtxk9vPNx8b625M&sig=Cg0ArKJSzGlIFGamZ_JVEAE&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&id=lidar2&mcvt=1133&p=1000,515,1250,815&mtos=0,1133,1133,1133,1133&tos=0,1133,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1717219177&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691566086453&rpt=952&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9F78 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMcuZgChs1YAfOPzv1eZUFZB3JZ79pyFVpKLSO2Mb-R7nKTuDYXRghSFLXRf_o8QOw_dzDuJDEyMwkA3jTSghoyAsPBwh7mF87jsL0sA2oH8F-ox918zcsxUQ5W53PoyCsvIlMj6BdugKG&sai=AMfl-YTD8W1soioJ5pwtOIEiw2WP3fI8FN4XxXkffcn_aNuFDYsPSBCRlZEbKmFzDy4TuIwmzIoqYqFnprxVIRDFBjCeiscL_157AX_2NQjaMTPynk9xO_vV9PLchFo&sig=Cg0ArKJSzP1c3CTppLZCEAE&cid=CAQSOwBpAlJW4wv-dUkyNT8YymQtvhoxIB78cHBUs7QVA72eZShb3nxUVWDQV4o0bLKUUqUy3sfThfaRggrcGAE&id=lidar2&mcvt=1136&p=1000,199,1250,499&mtos=0,1136,1136,1136,1136&tos=0,1136,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1472875564&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691566086460&rpt=976&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
pagead2.googlesyndication.com/bg/ Frame 13FF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Vloq3LDagqi2kuRGSt5vD8DbQH2ZGv6B4pAAPal6pxA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565a2adcb0da82a8b692e4464ade6f0fc0db407d991afe81e290003da97aa710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 07:44:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
85402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14582
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 07:44:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 43EF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNHkmB0DTZLveAcKwx_AP1P6csAMAAAAAOAHgBAI&bg=!6eql6r7NAAaeEKnZvhA7ADkAdvg8Wo-LJxP8Sg8jJ63YQKdABYJxK6Rf9m65JcN_AdywITP0UXqx0-fXU2l_NttlK9_a1CSU79gCAAACA1IAAAAHaAEHCgBH06AO6PpBMYpr_Dj-1qPzzKgyUoA-NdzzMo71S9E3-SAT2PfjmHZ1OVDANfY0N5CNwAvwoZMb-ySx10gX-1DsMrV4WbSfYQCZAvsNXJveimKGoNwScODy1F5DSiesMNwjO7F7R2k_X75obgSiE4eaqrgQhENTge_PXMdVPloy5F7sGLjnhq8AbqaMJ9kekwZLl0pFjg0UkXCaUi5cX0pK5P3oQQgxO92AgL6N6FiyNXthnnlKXru1qj4n5e6GKplgV45xpOUsKGc0rFx0cnHj_-U-41zetUdvDCKVjIp0Upzoss0GinfJ79gYggtGOZTlAIKnjUPme67txC4AeQMFwfBfNrL5Eel4z-hPqE00h-pphuP7K3v8DJ2MCEYSgPCNvUGGJNAj7IbfWV01Xf5AAG6WHr2YYWg2MvX4DVq9-hq5Qhr6McuSJr3WvG_ZTCS1TO8o9a-FmRd1F7QMgj3JTc2lX3KsxvCD3Kdr2ae5JM8CwRV6kXBt1AEXGjBhXLzuY9NfdqjAEHXcQ_mPagRDJVbO0w-TFpfHgfD-xr5nWVfvnA4paVLNbAIo4M7FcwUlgNmLJ8p_EqsXZoUgZ09Cr0a8WJ9gwTXErYP7oK0iSCXm0wShiFq9tIJdSuBibX322KtE24k_1LGwWpENhI-oH29sNk0Pf-EO_TxJusSUe6hCE14B747eJzzpg21BAw96UYPY30OD6H4nGcCagpleusquI59iDxmWaqIRWADSY6VGpylFG-OMvFMGoRxXtAU9z59JRfWhOwcP_1KPv9mTtl_tbfunRSRWfTILtlIrQNQQtOkNbp1lrc3vAptLIqwlRS5trDiolhARz-xGXcSKWQijOYlQoi8-tTYi4t6PW-WLXtCERSDTGfMbDoXSswfsos4efaPemSF2itqv-ueVNkmQ1AQzFrcsm-C9KNLp13TMCfYdnqMPYyyMq5ua_zPSIN05noHVrqdxV_pTl9Y85r3oTOmRNXBJjgg3McNzqEi_hT78xl1BEArJPyJiGd-jlU1kQbSjONQMDq3hA3N2f8ChWRh0DYWB1XoDSa836MOJF6xIWWSaT6IVVUIXyiFAIhjTMQ4GC5Rdndk42Qssft23GD_j
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3BC7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LL3ERSSV-1F-L594
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EEA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxmS8B0DTZN2BA4m6x_AP9NSiMAAAAAA4AeAEAg&bg=!-fql-q7NAAaeEKnZvhA7ADkAdvg8WvpjECjwTBezCeLoKTAJc1sUX8hWe5oFZhKBIQiXEKm9g8LXhV0P2VVU5Dhf_HYHRth2wwwCAAACYVIAAAAHaAEHCgBYegyMJJfcbbxYQjpTD-_icDwWyVo45kZw5kNAjsPh3aVufSz-QGNSrWLv0-sVfB9A43FOfwV7Ckpfx3UnI20HMPCHXmeFiORcooyOjPe0qdqRs6kTkIPizJkDAbnSjlLa1h90jxZ5fZGCrYguu5FGPqFYxJMtC8NQRd-kcekamGsoyQowhyfeZDD99X7tJ_Qdr_N6oEhOJ1ee-psQAXiIRUPTKXlbgTCk6JcAFzP0TqxynkW9_qKiWzzaD_RXwRo-aHkCohdaPGaH70oOccCKr4WeYmc9gQ6qzwL4MhidYkJhT19tCNV4SD20dleSZqfx3yMtEB0FqisypJ5Yxhc4IpkJN0yvjbqHxO--7Srgd7fkPwKDRngwMvFBuqhveIjl3mz0dSMlI1nr-0nrjxS2f8iQ8c0B2YCeWBu-W5KClv1oxRFlmKNK1vbO3OYXmgTybiwiPYaDdf7X-qU7iKgV9v6ZSeKb4eKRW_rr9EFFwVAQuDHU6R5dU1Jyh-Gw3muCQ-LvLAXTvXR2-4f1NvGdM8Kk784Igjm_JjsoB8fosY4sBpFBC8QOd1hB6O-8jQ_AoTY2XeDGcJTP6q1wuf9f2ec8HWIP-vVNJeCyz03CcOH2PMv4W59SQI6M0FeIxY65a55caZ2BD2Bv5QJODPdI47CdF-BknhcH9zvotbRj9y3zGMn-UQKWNIBbiqRh4DWknB7rtyHFnBmiouF9tcpHTOmRxKzciNteghgJmkIeiLA8N8q7CuIaNBPIv7DKFqi1RCG143ORkcN_FKefv919t5r7WQMmrbFV7aStW8IuFuoRLQteA0hfq_uuY1nV29UcAlGvEmJI7-uvQfQaEeye8YkhNt5jTvlmDTIriQyF-LgOjj-E44BtbM2lUU7YUtNqfSMv2O9OqbMKghLpmYpxsdSqmhcrrYzCPQ7082RAj95rVxvkC9OxrFLmMuj1a2ykNtzFNPghOnt3tZ3iqmZLUkeebLBzd-Pt9Y4sd0-cEfMRR3r_8hemmSUZWcsr29m18ynzsIRuQQrae64ZcPfeGU_mv0Czz9r3LsIcG28iEcoiTskAcdfnzI40CNPc9C1ZeE5TKL5wBRL3-lQXvmm0mqjknkdswmQNmCX_grlgL8qtZKv09m0C8qej_Go
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 09 Aug 2023 07:28:08 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
198333
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
176852
expires
0
/
csync.smilewanted.com/ Frame D5E3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d72004c8e5024d94c6fef48c8b8e20882c0a4b608b16a958e049b2e901a7de8

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f3e47d67dca2c76-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:08 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4E5C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=163905
content-encoding
gzip
content-length
5606
content-type
text/html
date
Wed, 09 Aug 2023 07:28:08 GMT
expires
Fri, 11 Aug 2023 04:59:53 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 09DC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Aug 2023 07:28:08 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 825E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
3220
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 09 Aug 2023 07:28:08 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 27 Jul 2023 06:34:02 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4481, 27770
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220074-FRA
X-Timer
S1691566089.750731,VS0,VE0
sync
eb2.3lift.com/ Frame 697D 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Wed, 09 Aug 2023 07:28:08 GMT
/
onetag-sys.com/usync/ Frame B0E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1691566085403
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 8AF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 09 Aug 2023 07:28:08 GMT
server
33XP013
x-33x-status
2000208
pd
pixelgroup-d.openx.net/w/1.0/ Frame 4304 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixelgroup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 09 Aug 2023 07:28:08 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 609E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
505
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7f3e47d6cedebbc8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:08 GMT
expires
Wed, 09 Aug 2023 11:28:08 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sid
mug.criteo.com/ Frame D716
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=EHV1C196aFdHN1pCM0JLZVA4RmpSWkZPTyUyRmt1OUNQSXYzY2poQzVKNTBpMXhMWm9xaVJ6...
  • https://mug.criteo.com/sid?cpp=a43JoXw4VGIrc1IxNFZJV01iL3NOcHorU01wQWFndTg2M2JHRWxXd0FBVEx3VnhaT2tKdjNsaFQxc2JCNnFOT3drQjY1ZFlQR1ZWUkpmcE5ndHRacWxXM0VnMWZoUURXaG1EdzVPZVREUEllb3RUZEhSTWJGODRiWEdmRz...
444 B
661 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=a43JoXw4VGIrc1IxNFZJV01iL3NOcHorU01wQWFndTg2M2JHRWxXd0FBVEx3VnhaT2tKdjNsaFQxc2JCNnFOT3drQjY1ZFlQR1ZWUkpmcE5ndHRacWxXM0VnMWZoUURXaG1EdzVPZVREUEllb3RUZEhSTWJGODRiWEdmRzc4M3ZOQXp4endXNGcwTWh0THFuaW5penV2S2hVamlFYzBIQmdFTkxURjg5bVpzUmZLbE1SR3M0MWJrZklVb1ZsOEh4RUNZaWRWY1U5UlpWUjlXbmQ3amdJWXV0Wld4UFdJbVJtL3lMazhDMkxPVkVYM1dKQ3krb2FLU3JuYXZoVGRNdk1qUzhscTYvRE55Rjh4OUVIWDNFMzFUeldYNGtCL0VsUXRrajVjZjZxK3pUNVZJMD18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
07d4b62c45593bea2fb7749deaac69b5d0d7155a093bc1762989aea8b7ef9dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1335890
expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=a43JoXw4VGIrc1IxNFZJV01iL3NOcHorU01wQWFndTg2M2JHRWxXd0FBVEx3VnhaT2tKdjNsaFQxc2JCNnFOT3drQjY1ZFlQR1ZWUkpmcE5ndHRacWxXM0VnMWZoUURXaG1EdzVPZVREUEllb3RUZEhSTWJGODRiWEdmRzc4M3ZOQXp4endXNGcwTWh0THFuaW5penV2S2hVamlFYzBIQmdFTkxURjg5bVpzUmZLbE1SR3M0MWJrZklVb1ZsOEh4RUNZaWRWY1U5UlpWUjlXbmQ3amdJWXV0Wld4UFdJbVJtL3lMazhDMkxPVkVYM1dKQ3krb2FLU3JuYXZoVGRNdk1qUzhscTYvRE55Rjh4OUVIWDNFMzFUeldYNGtCL0VsUXRrajVjZjZxK3pUNVZJMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
339161
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 4E5C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16637857&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1d5f3ccbd6310b8fc4680ba8d04f45fe4adae9acadc91456db68582fe38bb2e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tap.php
pixel.rubiconproject.com/ Frame 3BC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEMdX-Zri5d7a1TdawItOe5E&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEMdX-Zri5d7a1TdawItOe5E&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEMdX-Zri5d7a1TdawItOe5E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3BC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/dUNf1lWSe_0322YF5X1iAsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-L0.IvhVE2oIefWQgCHURJDgYdz5LGuZXK1of4g--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-L0.IvhVE2oIefWQgCHURJDgYdz5LGuZXK1of4g--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 09 Aug 2023 07:28:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-L0.IvhVE2oIefWQgCHURJDgYdz5LGuZXK1of4g--~A
content-length
0
dcm
s.amazon-adsystem.com/ Frame 3BC7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
02B3HJBPA9VP92CB0PCT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M5VYY4WKYH8D91AHYVVJ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 3BC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL3ERSSV-1F-L594&gdpr=1&us_privacy=1---
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL3ERSSV-1F-L594&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:08 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 1B3F7EC1A3EB42B397B4390F2152AE06 Ref B: DUS30EDGE0407 Ref C: 2023-08-09T07:28:08Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYCeGvZ1ROFoDnzIpmjgQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL3ERSSV-1F-L594&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 3BC7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3BC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEwzRVJTU1YtMUYtTDU5NA==&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEIRoyAZnjFYykFeg92ZLgvo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwzRVJTU1YtMUYtTDU5NA==&google_push=&gdpr=1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwzRVJTU1YtMUYtTDU5NA==&google_push=&gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwzRVJTU1YtMUYtTDU5NA==&google_push=&gdpr=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 3BC7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G7Q0ED7SRBD18GBJZHXC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
33H72WX8VFK21W4ZGCPQ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3BC7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZjNmZhMGFkYjIwNmY3Y2ZlOWY4NzQwZDljYTY2N2FhMjQ1ZGUxMQ&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZjNmZhMGFkYjIwNmY3Y2ZlOWY4NzQwZDljYTY2N2FhMjQ1ZGUxMQ&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H3
Server
142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZjNmZhMGFkYjIwNmY3Y2ZlOWY4NzQwZDljYTY2N2FhMjQ1ZGUxMQ&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame D5E3 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
164
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7f3e47d75eae2c76-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
async_usersync
ib.adnxs.com/ Frame 825E 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
an-x-request-uuid
957d1d51-b3b5-44c4-b225-03adcbaad460
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BC37 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
271f4cbab285002b9fd8b613a8afbe3881e016c69efea2ea46cfa153d0e58892

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1775
Content-Type
text/html
Date
Wed, 09 Aug 2023 07:28:08 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44B0 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2551515155275&version=m202307240101&ct=76&x=1&cor=1583146144171357000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F78 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3681371959367&version=m202307240101&ct=76&x=1&cor=11443601781309094000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E67B 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=839529185367&version=m202307240101&ct=76&x=1&cor=5254536827591250000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230808-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 09 Aug 2023 07:28:08 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
2609
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1691566089.941379,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
2
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
12269
Pug
image2.pubmatic.com/AdServer/ Frame 0A3C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5792769539606674633
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5792769539606674633
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5792769539606674633
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 7EAE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 09 Aug 2023 07:28:08 GMT
expires
Wed, 09 Aug 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
773324
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame E312
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926585163841
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926585163841
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:09 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Wed, 09 Aug 2023 07:28:09 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5140084926585163841
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
aax-eu.amazon-adsystem.com/s/ Frame E5A3
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 09 Aug 2023 07:28:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
XEC2AXTK9R0KZWVDVKV5

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 09 Aug 2023 07:28:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
APWW1G3QSDCW2K0BFHH9
Pug
image2.pubmatic.com/AdServer/ Frame C254
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vZW8D7-R6AWmkewFvcL1Wr3AvASmkesNvMMd4MvG
42 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vZW8D7-R6AWmkewFvcL1Wr3AvASmkesNvMMd4MvG
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Wed, 09 Aug 2023 07:28:09 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vZW8D7-R6AWmkewFvcL1Wr3AvASmkesNvMMd4MvG
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4E5C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yuDYw_R6QqKlhaovi1Rsvg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:09 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=163904
accept-ranges
bytes
content-length
5606
expires
Fri, 11 Aug 2023 04:59:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 4E5C 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.58.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-58-171.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.51
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 4E5C
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2946679493
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
via
1.1 google
last-modified
Wed, 09 Aug 2023 07:28:09 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE
date
Wed, 09 Aug 2023 07:28:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 4E5C
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NjIwNEkwRnFQczBUckdxMDd6eEVodE8wQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1649396646492352210&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
34.235.212.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-212-6.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4E5C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0FFMEQ4QzMtRjQ3QS00MkEyLUE1ODUtQUEyRjhCNTQ2Q0JF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4E5C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA2bjIsMgamOnC36pgDBYMs&google_cver=1
42 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA2bjIsMgamOnC36pgDBYMs&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:09 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEA2bjIsMgamOnC36pgDBYMs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4E5C 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:09 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 08 Aug 2023 07:28:09 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4E5C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1649396646492352210
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1649396646492352210
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1649396646492352210
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 4E5C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame BC37
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNNABvwbBrOvRaj2tMD0sAAADT8AAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNNABvwbBrOvRaj2tMD0sAAADT8AAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNNABvwbBrOvRaj2tMD0sAAADT8AAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GN47A428JVHDB3H1JJ4T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8S8JM5HD6X36ZVEPW5WY
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNNABvwbBrOvRaj2tMD0sAAADT8AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame BC37
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNNABvwbBrOvRaj2tMD0sAAADT8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELGmo2eXoo3xKGOqhBOZqNY&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELGmo2eXoo3xKGOqhBOZqNY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELGmo2eXoo3xKGOqhBOZqNY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame BC37 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame BC37
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5875553252916743791
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5875553252916743791
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:09 GMT
an-x-request-uuid
fc174b62-a873-49be-99d6-84687b838d39
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5875553252916743791
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BC37
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Wed, 09 Aug 2023 07:28:09 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame BC37
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1707463689&external_user_id=7c7a06e4-f58f-43fe-9fa8-29a1ccccc241
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1707463689&external_user_id=7c7a06e4-f58f-43fe-9fa8-29a1ccccc241
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Wed, 09 Aug 2023 07:28:09 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1707463689&external_user_id=7c7a06e4-f58f-43fe-9fa8-29a1ccccc241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum.casalemedia.com/ Frame BC37
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5875553252916743791
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5875553252916743791
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:09 GMT
an-x-request-uuid
b7fa2721-4cee-4312-951c-a22d2ddb7011
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5875553252916743791
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BC37
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2802653728290887916
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2802653728290887916
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2802653728290887916
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:08 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame BC37 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZNNABvwbBrOvRaj2tMD0sAAA%263391
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:09 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
52616
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7f3e47d8ab31363b-FRA
content-length
43
expires
Thu, 10 Aug 2023 07:28:09 GMT
usync.js
eus.rubiconproject.com/ Frame 09DC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
08d2b0b3ed3035436a6ddbb401a3311fa4582f0702e80af32567e966285f4696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Wed, 09 Aug 2023 07:28:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Aug 2023 15:47:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29933
Connection
keep-alive
Content-Length
10114
Expires
Wed, 09 Aug 2023 15:47:02 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 8DB4 		0
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f3e47d86fce2c76-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:09 GMT
server
cloudflare
vary
Accept-Encoding
/
pips.taboola.com/ 		64 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ea61b49db7848aff946a94dda940fe53c5c8fac1807630c232e1b252b2b95cea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230120-FRA
date
Wed, 09 Aug 2023 07:28:09 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
onetag-sys.com/usync/ Frame 363B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585&uad=bfb705b96cb91a52e89213a02747b323664aaca7ab20c88dd52a258f040a0625&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 09 Aug 2023 07:28:09 GMT
cache-control
no-store
server
nginx
pixel
ap.lijit.com/ Frame D66D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 09 Aug 2023 07:28:09 GMT
X-Sovrn-Pod
ad_ap2ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame A448
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Wed, 09 Aug 2023 07:28:02 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:02 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
gen_204
pagead2.googlesyndication.com/pagead/ Frame 13FF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.584.2&bgai=BYHofB0DTZJ-xDdeehcIPpJOwkAMAAAAAOAHgBAI&bg=!IiGlIXXNAAaeEKnZvhA7ADkAdvg8Wuxaf7QPNOvHdg1O9q4mMYo2HaeYq3BAFbt6bNl_pHpMQUU7cgZ1yvFRkKGpaY8z2oa3fbACAAABdVIAAAAGaAEHmQLl4jrF1QONN3TnkOCdwX8qTk6EXmibNgZveycMxOzSI1eG25lQVtAg5u5xldqbEJ9Z4TRyRwHGLL-VAvzeF1sXAjxUjmq9ah8nQxWXuwWSXSPGeC5aQIFM7qlgMfdeKDxoc1Vpkde4mlEPIxHEQZiMpPDzZzTXqADmjixrlnXGoNAgAzHD8Kdiy9P9yXjyWe_79dDDut-QvtMJhF9Ev_4oE281OiZSX1vAuOLgXy4OSO3Bh99o6qfliwEMIQbFMYJhbL77ytIpoC2CjNK7k1LneSP-BH1m7mVvFUTTfs7jKqdZchTbwrcQcoXmcMukD_FQp4YmxN5s3_6SdVXCv206xfROB0qZrX-_e_OeqqXmuuhFTVI6vApCEDm73pbeFAJj5N3uT_4pUe0SlH0ZvV2Mz-K2ieEhP-CJkeH7VkWHoLZdN9wotbKWm90lhsYRRkTxP4rYN10bbeZHH92m4osv7T75SfL8P920j4Rg5p_CTmWijEyeugsGtKqv85bl-NfBc0z8VBGUzgmpo3uxW_YJ2ZXm7PW02EzBa7Qy3mihkFRB79cht6ZtikLtlVqdXyoqAy0htZwPVRD9KlnxzNMNQND7NXSWKPWJJ4Rc_XzSVYJTULDpfxDJ0ueFdqh6z4qu4xAIV0hm_3zks7IyyhPnUbmUszNID9r_euFPMvf4wE61ZjUJzzraIfNFqGCyVcQH0spZB65flizopvORLVqBjy2twLCUIoCrVcvDrjeebxyRR-EfgPyF4Rp-a5mO1ztoavu1Omety5IBBN2iIT4Z6U-nPejk2_SvL9DSMreLDou0vbSpaSH6neHE3jQGq7Iw-8V3KBccbkf2xwFkLa7SOunIKWDm1xjHdl2bpYLamS_siYIwtpOa696tK3l4hyRT67mlT1o6cMr6AWpFIFotfrWIxEd6v2NZiAuL6gyZz2LMdhMV-WDtO2ydLsmLA3n0fj97zH5WwOl_PqM8AZ-dYb0pPm0D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smwt256.gif
us.ck-ie.com/ Frame D0D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
nginx
1649396646492352210
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 68EA
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1649396646492352210
0
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/1649396646492352210
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f3e47d9c9332c76-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:09 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 09 Aug 2023 07:28:09 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/1649396646492352210
server
nginx
v1
match.sharethrough.com/universal/ Frame D66A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.163.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-163-163.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 09 Aug 2023 07:28:09 GMT
smw888.gif
us.ck-ie.com/ Frame EB79 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 09 Aug 2023 07:28:09 GMT
Server
nginx
Q7lx6qAiMw6j4qBx2Xih
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 54EA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Q7lx6qAiMw6j4qBx2Xih?pi=smilewanted&tc=1
0
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Q7lx6qAiMw6j4qBx2Xih?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f3e47dada742c76-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:09 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 09 Aug 2023 07:28:09 GMT Wed, 09 Aug 2023 07:28:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/Q7lx6qAiMw6j4qBx2Xih?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 6C58
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b4785f0a318a2f87fdcd33386918e497
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b4785f0a318a2f87fdcd33386918e497
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid
18e5175b-0aed-4885-98dc-2d824c02c4ff
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Wed, 09 Aug 2023 07:28:09 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f3e47daea882c76-FRA
content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:09 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=b4785f0a318a2f87fdcd33386918e497
server
cloudflare
getuid
sync.smartadserver.com/ Frame 3D3A
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 09 Aug 2023 07:28:08 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Wed, 09 Aug 2023 07:28:09 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
async_usersync
ib.adnxs.com/ Frame 825E 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:09 GMT
an-x-request-uuid
63fad02c-e5f1-4e76-9abd-3d81f0e7e4aa
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4E5C 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 4E5C 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=93987710&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
45a23b7399dc01d6571672b6e78d6373ce4b6ba8eea36bb245ef6152e7084602

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 09 Aug 2023 07:28:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 4118 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 09 Aug 2023 07:28:11 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6985
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5875553252916743791&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5875553252916743791&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
664f94f3-6377-4958-9c1c-80a818dacb4d
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 07:28:11 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5875553252916743791&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
138.199.38.134; 138.199.38.134; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F20C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7265221022709905559&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7265221022709905559&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Wed, 09 Aug 2023 07:28:11 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7265221022709905559&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame D6F8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jS6Ntnd-WchyfuQom6dWgorHJoY&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jS6Ntnd-WchyfuQom6dWgorHJoY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Aug 2023 07:28:12 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=jS6Ntnd-WchyfuQom6dWgorHJoY&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 58F4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZNNADAAD91w4kwBV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Wed, 09 Aug 2023 07:28:12 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230089-FRA
x-timer
S1691566092.126162,VS0,VE92

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Wed, 09 Aug 2023 07:28:12 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZNNADAAD91w4kwBV
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230089-FRA
x-timer
S1691566092.029740,VS0,VE89
mw
mwzeom.zeotap.com/ Frame 4E5C 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:12 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f3e47eb1a8c2c27-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 4E5C
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:24 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:24 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4E5C
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4E5C 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:116:34f8:6532:c6d0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 4E5C 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 4E5C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea9383fb-877e-43ac-b21a-1f1b4b4534b1&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea9383fb-877e-43ac-b21a-1f1b4b4534b1&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 07:28:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ea9383fb-877e-43ac-b21a-1f1b4b4534b1&gdpr=0&gdpr_consent=&gdpr_pd=
date
Wed, 09 Aug 2023 07:28:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4E5C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2802653728290887916&gdpr=0&gdpr_consent=&us_privacy=
1 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2802653728290887916&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 09 Aug 2023 07:28:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2802653728290887916&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 09 Aug 2023 07:28:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 4E5C 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4E5C
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:83be4911-5267-49dd-879b-68628f7c74a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:83be4911-5267-49dd-879b-68628f7c74a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 09 Aug 2023 07:28:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:83be4911-5267-49dd-879b-68628f7c74a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 09 Aug 2023 07:28:12 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543d1d736c648793d43c6ecef043a4f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87... Frame B42A 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb543d1d736c648793d43c6ecef043a4f9421fde1d6988693eb5518975d1073edce2a59caa08ff16388f1ede7f0a66413a3e951fda77118fd87eb141453c5728cfffe729a2c05616b7db083429b56a062a866a68ac39437ed0e21f48a238b6720a5aa82a66443d80b846ac7757db80148e78208bb3dc66396d390ec90c1fbcbf5ba0f8ff5e43ca78a5b91b4cc12a46e59f41cfdc1aa681d50ecb5ed770f7118094f2da811783d5c264af04b206ed394809f134bd41a82dd7a0f84d1cde160f430c58e7ad8a8c3f56e462762c347b56dd1f9936db9b2a91654dc36825e85651f81a8c1ba6ef45a6b8a9cb024034e4e95a6829e295c81832e452cf04d38793b85b798ae5113220a3088e727869c3af8f7c2ca26413b7e233e0063418b9cd6b2a6c8ebdae90c727b930d8c8e49d72604b71080b886770fb07cf04d262a1c21f2013180afdda1df38fd75a3f755cc6ae6a94424bf78bd0c3e807359c34401af0368d12454ddc246079d228fbb13578c67359d27b6ead187dab6ac89500b9e7d7ec0d3ef5f9c241f460a6f529dae40da468730853e6bc7c11101b2480a0375a6039f044e2d2d8e8385c53bbb99ea8b226526d0e1e5c0884f5f430cadeb24e33228102762e246a54fc62f166d007450554b93ddbbe067980466c6dd1ae3159557b858ad6a582c5c150ba6fd9acac607b7838783e05bf945b05356002c7c3e8c6/194/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/9330_f4446c29729bfb4db823_f4446c29729bfb4db823_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
7d3bb7053dfc6db6c440055af968857d61a3f5dc5da9ca284349b61395719a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:12 GMT
via
1.1 google, 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Wed, 09 Aug 2023 07:28:12 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-fa985ced, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
ulAN6e3TQJhjPHfmr48F_tAmy-sUaZI1jfR2JbPOtKnrkc1VPVMyEg==
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame E662 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame E662 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=NmYvsLjIs8&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
dc_oe=ChMInaHu3YbPgAMVCd0RCB10qggGEAAYACD2we5cQhMImpqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566093084;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 9F78 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInaHu3YbPgAMVCd0RCB10qggGEAAYACD2we5cQhMImpqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566093084;str=nextSlide;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 763A 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 763A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
InterstateRegular-Bold.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 763A 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:24:21 GMT
x-content-type-options
nosniff
age
232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29232
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:39:21 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 763A 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index-09647504.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:23:44 GMT
x-content-type-options
nosniff
age
269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:38:44 GMT
congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame 763A 		2 KB
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6578138867263583433/index.html?e=69&leftOffset=0&topOffset=0&c=HmhRnyr5hz&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 04:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 13:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 04:27:37 GMT
dc_oe=ChMIj-3h3YbPgAMVoNwRCB0sYgmqEAAYACCPzO5cQhMImJqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566093143;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 44B0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj-3h3YbPgAMVoNwRCB0sYgmqEAAYACCPzO5cQhMImJqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566093143;str=nextSlide;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj-3h3YbPgAMVoNwRCB0sYgmqEAAYACCPzO5cQhMImJqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566093153;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 44B0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj-3h3YbPgAMVoNwRCB0sYgmqEAAYACCPzO5cQhMImJqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566093153;str=nextSlide;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 0CF8 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 0CF8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14607691819158405450/template-43bf74fd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14607691819158405450/index.html?e=69&leftOffset=0&topOffset=0&c=VgWnuyLDF0&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 16:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:22:30 GMT
dc_oe=ChMI-_3s3YbPgAMVQtgRCB1UPwc2EAAYACD2we5cQhMImZqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566093184;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame E67B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-_3s3YbPgAMVQtgRCB1UPwc2EAAYACD2we5cQhMImZqf3YbPgAMVozwGAB36BwXW;stragg=1;&timestamp=1691566093184;str=nextSlide;strtype=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Aug 2023 07:28:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4E5C 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 07:28:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

385 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 function| addScriptPromise object| _0x1a15 function| _0x14cd object| googletag object| WallaTargeting string| _taboolaOS object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| gtag function| ga object| _sf_async_config string| loadDataState function| smartlook boolean| isMobile undefined| showInterstitial undefined| interstitialData undefined| timestamp undefined| attempts undefined| served undefined| hourPassed undefined| url undefined| ref undefined| refFits undefined| adunit undefined| getInterstitialData function| _ object| dmp object| permutive object| google_tag_manager object| google_tag_data object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| postscribe object| google_tag_manager_external object| gaplugins object| GooglebQhCsO function| fbq function| _fbq string| GoogleAnalyticsObject object| gaGlobal object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only object| adoric function| _typeof object| TRC object| _taboola object| _tblConsole object| ggeac object| google_js_reporting_queue object| __twttrll object| __twttr object| _0x26da function| _0x3709 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| __LOADABLE_LOADED_CHUNKS__ object| _cbm object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 string| pm_pgtp undefined| msg function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __adoric__ boolean| IS_ADORIC_LOADED function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| Criteo number| google_unique_id object| webpackChunk_smartlook_recorder boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| PlayerSdk object| WallaPlayerApi function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl object| __uid2SecureSignalProvider object| __uid2 object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo_identitytag_140 function| setImmediate function| clearImmediate object| _33across object| sas object| apntag object| _ADAGIO object| _pmk function| TBWidgetFacebook function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| pi object| _pm_mcg object| image number| taboola_view_id number| google_global_correlator object| GoogleGcLKhOms object| closure_lm_534678 object| owpbjsChunk object| owpbjs object| PWT object| a object| sw_consent object| ONFOCUS string| nam object| placementData object| cmTag object| google_image_requests object| _cm_wfCounters object| tbopt object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

129 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _cb
Value: CO75uNxEMCiDBHM7D
.walla.co.il/ Name: _chartbeat2
Value: .1691566083939.1691566083939.1.8_g11nlwWlCovUCm-6_pQCOWVQG.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _gcl_au
Value: 1.1.1800141639.1691566084
.walla.co.il/ Name: _gid
Value: GA1.3.1062162117.1691566084
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _t_tests
Value: eyI1N3dWQ0FENzY3aXlRIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDdHhLOXIiXX0sIkZYY3NBRnljR2tSdjUiOnsiY2hvc2VuVmFyaWFudCI6IkMiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJYQTI1ayJdfSwiTEFtREk5Z2c0dEE4byI6eyJjaG9zZW5WYXJpYW50IjoiQyIsInNwZWNpZmljTG9jYXRpb24iOlsiRGJpSTN3Il19LCJxOHNmbzFyczBaRnVFIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEbW00USJdfSwieFM5TnBnNzJwUnRSbCI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiQlZuVWN1Il19LCJLN1gzVHg5RzdMRmZEIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDREtTWFUiXX0sInpHZXk1ZzV1aEY0WXAiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbImJ1eS1CIl19LCJ2a0ZESDRISXlpV0h4Ijp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDQVV4NiJdfSwiWFlOSUhSSDd1dXJMayI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiRHFSdDNxIl19LCJPQUZKMHI5SUhYZWhBIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEX1BmMXUiXX0sImw5NXZDM3BzNUNnM3kiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkRhT0ZXZSJdfSwidGdOV0FDclVLM0hXbiI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsielg3VW0iXX0sInpBWDFNaXhwakFWWW4iOnsiY2hvc2VuVmFyaWFudCI6IkQiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIm9ITzFzIl19LCJ1SzVRUTIzTHJhUWhJIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJPUC1XNCJdfSwiUzZJRHcySFpFbTh2eSI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiT2RNdHUiXX0sIlR5WHlId1VOeW9OUnQiOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJMNkZaUyJdfSwiYTE1cGQ1cDNaUGlYNSI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiRXQ3UzIiXX0sIjU5ZW1mbnVKNWszZlEiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkNkYk9NSCJdfSwiaFFvRHhpeXFUbmRWaiI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiRHVqLUhGIl19LCJ0M3dteW1DdUJPQXVOIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJ4dXRiYiJdfSwiTDJXSWV5dEVYTEJKNSI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiQmswNV90Il19LCI3SEJTWEdpTFBxOERrIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEdERTc28iXX0sIkJFSDc4d1BheGdySGoiOnsiY2hvc2VuVmFyaWFudCI6IkEiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkNBNFM4ZyJdfSwibGlmdF9leHAiOiJtIn0=
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.doubleclick.net/ Name: IDE
Value: AHWqTUlR8akyPKRUtqT1chn1zetazym0BEXdMT4GSFlMr3-6EXYK8XT5f9fRIs7k
.walla.co.il/ Name: _ga_TSQY5YTYZ0
Value: GS1.1.1691566084.1.0.1691566084.0.0.0
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1691566084.1.0.1691566084.60.0.0
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.walla.co.il/ Name: vad-loc-code
Value: de
.walla.co.il/ Name: _ga
Value: GA1.3.696463884.1691566084
.rubiconproject.com/ Name: khaos
Value: LL3ERSSV-1F-L594
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoLCyAQ4AMF5njc0/aJelRdbjRFtGIHH0v20dyKxB4PpPRDcqFllxeHfUbtGK/WusRRoXBd6HGcJiYbB5SW5XQ3+pdQae1IgOAijy0RC4Zd8Ri5j99IjSR+
.walla.co.il/ Name: _fbp
Value: fb.2.1691566085526.682578137
.dxmdp.com/ Name: dmpid
Value: ddcff651-03d9-4319-af85-7213c1236652
.walla.co.il/ Name: lotame_domain_check
Value: walla.co.il
.criteo.com/ Name: uid
Value: c7bae15e-0c95-423b-a15c-1f7ebe01b426
.openx.net/ Name: i
Value: 034c3168-aed7-4a60-80e6-883aebfe06a6|1691566085
.dxmdp.com/ Name: audids
Value:
.walla.co.il/ Name: __gads
Value: ID=1f2ae3004f483294:T=1691566085:RT=1691566085:S=ALNI_MZDat1Nzr4yMgqApMnw5wy98DX8Ww
.walla.co.il/ Name: __gpi
Value: UID=00000c7beccbc640:T=1691566085:RT=1691566085:S=ALNI_MZEiSOKgeRnrsteZy8FOu9aUIMJGQ
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: aa603f5a-4def-52dd-9aa0-c7c7fe7387c1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZNNABgAKFggeW-m2ZBG4n62l0UyxlYeN5ZTT1A==
.adnxs.com/ Name: uuid2
Value: 5875553252916743791
.casalemedia.com/ Name: CMID
Value: ZNNABvwbBrOvRaj2tMD0sAAA
.casalemedia.com/ Name: CMPS
Value: 3391
.casalemedia.com/ Name: CMPRO
Value: 3391
www.walla.co.il/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D7cde3096-5b35-49d9-93c2-328d7116223e-tuctbccc585
.doubleclick.net/ Name: APC
Value: AfxxVi40gqN91NBBlcs2ELAv602aMCLzSA5wepTYjPOSIajbegZWMA
.turn.com/ Name: uid
Value: 2802653728290887916
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9672974b-8871-4a5e-8a78-70b8c34afcee-003%22%7D
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.adform.net/ Name: C
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: c59704308b845f9b9001a9eaca7ecdc2
.360yield.com/ Name: tuuid
Value: 0d1ed48f-cc22-4d6c-bb89-60817a3dd0b0
.360yield.com/ Name: tuuid_lu
Value: 1691566087
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22493d0f40-3686-11ee-bfa3-69541417b1a1%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22493d0f40-3686-11ee-bfa3-69541417b1a1%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22493d0f40-3686-11ee-bfa3-69541417b1a1%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22493d0f40-3686-11ee-bfa3-69541417b1a1%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k--lJzQ9kV1tCCiEZ7uK5zfD_wv9FUEUW3xe1uwA%22%2C%22version%22%3A%22criteo%22%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7265221022709905559
.demdex.net/ Name: demdex
Value: 75687496198774004622518368464012677300
.adform.net/ Name: uid
Value: 1649396646492352210
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-bNK8ZNkV1tCCiEZ7uK5zfD_wv9EbyyKGNaOu4w&KRTB&23144-uid:k-bNK8ZNkV1tCCiEZ7uK5zfD_wv9EbyyKGNaOu4w&KRTB&23286-uid:k-bNK8ZNkV1tCCiEZ7uK5zfD_wv9EbyyKGNaOu4w&KRTB&23287-uid:k-bNK8ZNkV1tCCiEZ7uK5zfD_wv9EbyyKGNaOu4w
.360yield.com/ Name: um
Value: !38,pD3SU5.YPnazU1QexjEhNMZCzEPAgNH5P6WqZ40oscd.zrlrj3RSQwMAAVeDOkT5LL13QTlh,1699342087
.360yield.com/ Name: umeh
Value: !38,0,1753774087,-1
.dpm.demdex.net/ Name: dpm
Value: 75687496198774004622518368464012677300
.w55c.net/ Name: wfivefivec
Value: mG1ztD1V1QtDBZ5
.w55c.net/ Name: matchgoogle
Value: 5
.tremorhub.com/ Name: tvid
Value: 1ed2fa74bd9649de86301fa4e7e3afc3
.tremorhub.com/ Name: tv_UICR
Value: k-bZDdUNkV1tCCiEZ7uK5zfD_wv9EtwkQcgGd19Q
.media.net/ Name: visitor-id
Value: 3345676870733427000V10
.media.net/ Name: data-c-ts
Value: 1691566087
.media.net/ Name: data-c
Value: k-Ca67kdkV1tCCiEZ7uK5zfD_wv9FjP4fQ424W7g~~3
.krxd.net/ Name: _kuid_
Value: PuXHGfgx
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE
.walla.co.il/ Name: cto_bundle
Value: ZAIko196aFdHN1pCM0JLZVA4RmpSWkZPTyUyRnI5WGg5RFRGZ0YzajVRZ21uRiUyRjclMkJkNCUyQnJrMWVwaTBoQWYxTVZtVzJOU3dWM2VCSDBJWUFLam5WY2wlMkY2WG9YNnJrRVVPd211MzdQc0R4Rm96OWdUOVVBekdtckZSOWpZJTJCZVEyamN0T0tLSHVXcnBoWlhFelFYNSUyRndRZ1NuTmRRZyUzRCUzRA
.weborama.fr/ Name: AFFICHE_W
Value: znUikRfmpjrO50
.quantserve.com/ Name: d
Value: ELwBCwHVKfijAA
.quantserve.com/ Name: mc
Value: 64d34009-0496c-f6ad8-0317b
.simpli.fi/ Name: suid
Value: 797077AE991C4E40BB5045832576DDD7
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjO1MDU0M7YwMRTiM9R1zs_wLMkzNXHMC44EAHrRmdElAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MjO1MDU0M7YwMRTiM9R1zs_wLMkzNXHMC44EAHrRmdElAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmloamZmYGFpYGwEAK2LetEQAAAA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1649396646492352210&KRTB&23263-1649396646492352210&KRTB&23481-1649396646492352210
.yahoo.com/ Name: A3
Value: d=AQABBAhA02QCEGmOGddEKaDJsBDA9vSe0x8FEgEBAQGR1GTdZAAAAAAA_eMAAA&S=AQAAApXzxa6cK_oqwdzhAoov8sI
.de17a.com/ Name: guid
Value: 1.5792769539606674633
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEA2bjIsMgamOnC36pgDBYMs&KRTB&23025-CAESEA2bjIsMgamOnC36pgDBYMs&KRTB&23386-CAESEA2bjIsMgamOnC36pgDBYMs
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-vZW8D7-R6AWmkewFvcL1Wr3AvASmkesNvMMd4MvG&KRTB&19420-vZW8D7-R6AWmkewFvcL1Wr3AvASmkesNvMMd4MvG&KRTB&22979-vZW8D7-R6AWmkewFvcL1Wr3AvASmkesNvMMd4MvG&KRTB&23403-vZW8D7-R6AWmkewFvcL1Wr3AvASmkesNvMMd4MvG
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5140084926585163841
.linkedin.com/ Name: bcookie
Value: "v=2&a3921433-3def-48ff-8bd2-75db74da3a48"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTE1NjYwODk7MjswMjHJYff2mGtG/l87fBlAJEXcRwEvA4iN3Zz8bb+nSLKwdA==
.linkedin.com/ Name: lidc
Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2642:u=1:x=1:i=1691566089:t=1691652489:v=2:sig=AQHlC8DjLzZoeKoNtjhxA_pXIiwutJSO"
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5792769539606674633
.company-target.com/ Name: tuuid
Value: 7c7a06e4-f58f-43fe-9fa8-29a1ccccc241
.company-target.com/ Name: tuuid_lu
Value: 1691566089|ix:0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.creativecdn.com/ Name: u
Value: Q7lx6qAiMw6j4qBx2Xih
.creativecdn.com/ Name: ts
Value: 1691566089
.audrte.com/ Name: arcki2
Value: 6204I0FqPs0TrGq07zxEhtO0A!20220908!1691566089340!ip#138.199.38.134
.audrte.com/ Name: arcki2_pubmatic
Value: CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE!20220908!1691566089342
.smilewanted.com/ Name: sw_user_params_infos
Value: nHiB5XC8E0Ii%2BzWeTYpZbcZyeYD6UJVdf4JRH01dtW0%2BXUeiyMnxlI5NdJGbnO8GJCsfTsnnkXFKOPUBgKfIy8aq9akUj3ZaAX3FlAXs4jT7evAQUwP4Y4QJpLeVROFg74ngT8DvLQPexepVbT0aFW%2BSAo6k%2Bki%2F6mZ4I122mWWFqSQVbAq3c48o%2FRONT0q%2BOuxDivxGjc14u%2Bbwm5I2VcYMd0NeDgzthWvN3QxgWrwa0p2333cRK4ZSeErSOKfUyyRe1hrFUkXKHeUugx8r5HB6YlgD0TtdAxC1MIn8gzs4kuONLuh%2F%2BEowawK9B6zBAuBytwV0cRJBWQYECj913kkG%2BGMrk1rlhlFQ86GLBhdSQQuPuby3BZgFLcIvgMUv%2BzGoMGj2Tc%2FjmF0aGZKkTZg6ArP4co49UPCuZXXL3DQJ%2FyAlEpUs4MJupXFMk9ho
.adnxs.com/ Name: anj
Value: dTM7k!M40mg1yl1ghqdmU(5=9DJjV(!A#FT.TOKKnyW<U1`VROYQM+P8a-O=asTspD>hG%=5O5cJ2^>PB1Uy)dvEY?(j'kU-$Z]HBX5?/1?oYwaPL6CP-g0oVFFIPZ?E*PFjNw?E]?hG)pwR=2w>KbcC$Je(>JUk(Md<0-%'cBB%QH.0O_+DFf3J9P+/Z<FgtnJ1IS%^eq<i.UE03W0G6hvWMjPf%q)3RcA7yj
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJiNDc4NWYwYTMxOGEyZjg3ZmRjZDMzMzg2OTE4ZTQ5NyIsImV4cGlyZXMiOiIyMDIzLTExLTA3VDA3OjI4OjA5WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTA4LTA5VDA3OjI4OjA5WiJ9
.amazon-adsystem.com/ Name: ad-id
Value: A95uc8ruYEBNkwmlatnoSPg
.audrte.com/ Name: arcki2_ddp2
Value: 6204I0FqPs0TrGq07zxEhtO0A!20220908!1691566089473
.audrte.com/ Name: arcki2_adform
Value: 1649396646492352210!20220908!1691566089688
.pubmatic.com/ Name: SPugT
Value: 1691566089
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 160447:4
.pubmatic.com/ Name: DPSync3
Value: 1692748800%3A197_201_245_241_235_227_226_219
.pubmatic.com/ Name: SyncRTB3
Value: 1694131200%3A203%7C1692144000%3A2_15_223%7C1692748800%3A22_56_54_3_13_161_71_233_81_251_220_21_46_8%7C1692403200%3A63%7C1692835200%3A35
.bidswitch.net/ Name: tuuid
Value: ea9383fb-877e-43ac-b21a-1f1b4b4534b1
.bidswitch.net/ Name: c
Value: 1691566091
.bidswitch.net/ Name: tuuid_lu
Value: 1691566091
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7265221022709905559&KRTB&23369-7265221022709905559
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5875553252916743791&KRTB&23339-5875553252916743791
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2802653728290887916&KRTB&23150-2802653728290887916
.pubmatic.com/ Name: PugT
Value: 1691566092
.onaudience.com/ Name: cookie
Value: 84b16791bc3356d4
.onaudience.com/ Name: done_redirects147
Value: 1
.rqtrk.eu/ Name: browser_id
Value: 1:58191c75-4590-4069-8281-c47a0b23fadc
.zeotap.com/ Name: zc
Value: c1a25401-5262-44db-4037-15a8cfcb0881
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ea9383fb-877e-43ac-b21a-1f1b4b4534b1
.adsby.bidtheatre.com/ Name: __kuid
Value: 83be4911-5267-49dd-879b-68628f7c74a5.460780092
.semasio.net/ Name: SEUNCY
Value: 4AEA3E58FC534E2A
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZNNADAAD91w4kwBV
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8d2e8db6-777e-59c8-727e-e4289ba75682.V12bpqZe%2Bn9i2DyeOOS7QkPNWLeHxtSyk07I%2FTwC0Js
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8d2e8db6-777e-59c8-727e-e4289ba75682.V12bpqZe%2Bn9i2DyeOOS7QkPNWLeHxtSyk07I%2FTwC0Js
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjS6Ntnd-WchyfuQom6dWgorHJoY.Zk%2B5bpFiM5TAyV1NI%2BSV6d5lUsVa8co20GGMtoey8HA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjS6Ntnd-WchyfuQom6dWgorHJoY.Zk%2B5bpFiM5TAyV1NI%2BSV6d5lUsVa8co20GGMtoey8HA
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEjmM5_rCZjxwZWcPAPX9Fme0u5CiZGHQxEPwUs6yEq6EHwYBCCMgM2mBjABOgShleyOQgRMDtP4.k65zkqc5HqEwaJcR9lbs%2FkJl%2FawT2SYLr7EpY0A7KvY
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIEjmM5_rCZjxwZWcPAPX9Fme0u5CiZGHQxEPwUs6yEq6EHwYBCCMgM2mBjABOgShleyOQgRMDtP4.k65zkqc5HqEwaJcR9lbs%2FkJl%2FawT2SYLr7EpY0A7KvY
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-jS6Ntnd-WchyfuQom6dWgorHJoY&KRTB&23334-jS6Ntnd-WchyfuQom6dWgorHJoY&KRTB&23417-jS6Ntnd-WchyfuQom6dWgorHJoY&KRTB&23426-jS6Ntnd-WchyfuQom6dWgorHJoY

3 Console Messages

Source Level URL
Text
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2023-08-09
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1691539200000(Line 5)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CAE0D8C3-F47A-42A2-A585-AA2F8B546CBE&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12890047.adoric-om.com
936f0ed2124c62cfcac0f995aa39cd48.safeframe.googlesyndication.com
a.audrte.com
a.twiago.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad.yieldlab.net
ade.googlesyndication.com
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
amg01742-walla-wallanews-ono-btlna.amagi.tv
ap.lijit.com
app.adoric-om.com
bcp.crwdcntrl.net
beacon.krxd.net
bid.g.doubleclick.net
bidder.criteo.com
bs.yandex.ru
c1.adform.net
cat.fr3.eu.criteo.com
cdn-ima.33across.com
cdn-uw2-prod.tsv2.amagi.tv
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.prod.uidapi.com
cdn.taboola.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cds.taboola.com
cf.dxmcdn.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csi.gstatic.com
csm.eu.criteo.net
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dal.walla.co.il
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
event.dxmdp.com
exchange.mediavine.com
fastlane.rubiconproject.com
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
images.wcdn.co.il
imasdk.googleapis.com
imprammp.taboola.com
invstatic101.creativecdn.com
js-sec.indexww.com
mab.chartbeat.com
mabping.chartbeat.net
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pixelgroup-d.openx.net
platform.twitter.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pro.ip-api.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
r3---sn-4g5e6nzl.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
s.amazon-adsystem.com
s.company-target.com
s.thebrighttag.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adoric.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.outbrain.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
tags.crwdcntrl.net
tags.dxmdp.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
visitor.omnitagjs.com
walla.co.il
web-sdk.smartlook.com
web.hb.ad.cpe.dotomi.com
widget.fr3.eu.criteo.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
x.bidswitch.net
104.18.10.47
104.18.11.47
104.18.24.112
104.18.25.185
104.19.149.54
104.22.68.131
104.244.42.72
13.224.189.75
13.248.245.213
13.32.27.118
13.32.27.57
134.122.57.34
141.226.224.32
141.226.228.48
141.94.171.213
141.95.32.69
142.250.181.226
142.250.185.130
142.250.185.194
151.101.1.108
151.101.129.44
151.101.194.49
162.19.138.118
162.55.236.225
172.217.16.194
178.250.1.9
178.250.7.11
178.250.7.13
178.250.7.9
18.66.122.88
18.66.147.94
18.66.97.98
184.30.20.22
184.30.22.30
185.183.112.148
185.184.8.90
185.255.84.151
185.255.84.152
185.64.189.112
185.64.191.210
185.80.39.216
185.86.138.124
185.86.138.151
185.86.139.93
185.89.210.82
188.42.34.64
193.0.160.130
198.47.127.19
198.47.127.20
198.47.127.205
2.16.107.194
2001:4860:4802:34::36
205.185.216.10
213.155.156.181
216.52.2.6
23.35.236.201
23.35.237.56
23.35.237.75
2600:1f18:612b:4200:b9f1:6dc9:7c36:1111
2600:9000:2057:ae00:18:1fcd:353:c61
2600:9000:20eb:4c00:11:da61:a100:93a1
2600:9000:211a:6600:4:1c73:c740:93a1
2600:9000:2250:6e00:a:e047:753:be1
2602:803:c003:200::44
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:10::6816:3556
2606:4700:20::ac43:4bf1
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:372
2607:f8b0:4004:c08::78
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:3c::8
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:813::2014
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:400c:c0c::9c
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::11
2a02:2638:d::4
2a02:2638:d::a
2a02:6b8::90
2a02:6ea0:c700::11
2a02:fa8:8806:12::1400
2a02:fa8:8806:12::1460
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42:200::300
2a04:4e42:600::714
2a05:d018:d29:3605:116:34f8:6532:c6d0
2a06:98c1:3120::3
2a06:98c1:3121::3
3.208.221.95
3.23.201.151
3.33.220.150
3.75.62.37
3.76.178.166
34.102.146.192
34.111.129.221
34.111.131.239
34.117.157.22
34.120.135.53
34.120.218.58
34.149.20.76
34.160.198.118
34.235.212.6
34.241.170.80
34.249.203.210
34.96.70.87
34.96.71.22
34.98.64.218
35.157.81.77
35.204.74.118
35.227.252.103
37.157.3.26
37.157.6.254
46.228.164.11
46.228.174.117
51.38.120.206
51.77.64.70
52.29.235.189
52.31.154.19
52.46.143.56
52.48.194.69
52.49.58.171
52.58.16.150
52.58.163.163
52.58.249.168
52.71.47.12
52.95.122.74
54.154.171.254
54.196.81.233
54.72.193.170
64.202.112.255
65.9.66.68
66.102.1.154
67.202.105.24
69.173.144.138
69.173.144.165
69.173.151.100
77.243.51.121
8.2.108.175
85.114.159.118
85.215.5.31
99.86.4.49
027f4268bd53d8acd3cf3f814fea8ee1312458a3945a5023670b98c396612802
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0
04af9b5f5e7d4140b6b8e4610c0f93714093f9f7bfe6df57766f70a4caf8c80d
0502011de71862f9a147fa4b55e598afa9cce058839d593ae72f45c3aa0382b7
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
07d4b62c45593bea2fb7749deaac69b5d0d7155a093bc1762989aea8b7ef9dec
08d2b0b3ed3035436a6ddbb401a3311fa4582f0702e80af32567e966285f4696
08e95d42303b0fed6d2b711e9ba865415d4408e3a7bccf96d27f07b90338822f
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
0ad53957ac72c8e4dd7d1786689889bade3f9aff63118fc36118600cc6fd7574
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0d2e9b079455d3cc77e87ff547c3cc44e669cf119fcfa592fbbdcc9f66755647
0d89a6cbc5121b01d9c85d8a2b8616e9be66606aea1c0736d03d8f0ed78d82f1
0e8aa811daa28726aae1d0b53e7a0dcf2741ceb82b27aa9da66a946c38771a9c
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12d694156b5dff2d4f06b3a12b73d89f93876bea9f719e461cfc5a6007b3cf45
130ce0343a43f45256e2d6bf2dffe8392fb2fbb795b2a27513661280456f9924
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
15263253d6161fbb8f7b1f205f6679608cb803efbd20659c4031f7f72c061410
168edf0838d701121364b17edd02bdf7b6fc38b4fc32320ea0239a8c56e31089
17be538733e499b897cc710d9da0a71f0acf098c61b1fed59bbd59b09350e33f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18
1d5f3ccbd6310b8fc4680ba8d04f45fe4adae9acadc91456db68582fe38bb2e0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e06feceb4253e394d01cf81cab43f3ca01b57fa953e9fc36f9e3b27e33e761f
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20e8905d7ee4f0029ee39488d3aec72976492c8ec2e4fa9407b0dbc64b8c7e9a
21198eb63886595661560f0524036833aa74dccd92ef053037fd4e19dbfeb1d5
2166f0d302a1be49c618dbd4a9a7cfa47b7967f4bf9c4947d88419b89c98314d
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
271f4cbab285002b9fd8b613a8afbe3881e016c69efea2ea46cfa153d0e58892
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c8d5499ac9d95e39f5e9919861e73480b909a40caabc5005c7d97bb4d53e868
2f4068c3c06c9515efee62e1a07bfe700aedd718ca19dd919841954bbb33cbbe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3155ddcb0f5d51f25ed9f8900664a71e016ab370b98dd0af38c15086f0178b47
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31f4c5a62160b5b5551d04087e5b4d28a320414b826e210c82030e179badfcfd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
371d0217263a461238e913e66a65f25fad046af5cec08ed2e43d0c43ac5a944a
38ab42b3fc46201e8596ed0b1640d0525838ab325b5437a387c2978a359d20b9
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39ae1b9382a25828a604dd464d0ac83618f92debc938501ffc77a36af2d60a57
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b517952eb850d7ee92664751fff57a14186ccb0b26f9842cff7a1960a81d7c2
3b7e72485d422e16e084c44e6e3117081442f7b4ee80aa4ebd67013ae831a10f
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43d61cc56856effaa7f0f83607860cc01520ff870ef34952f4026cf94baf646e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e
450a80c7735ce639b05893350c17b653c8ea0dfbad64f0d66c0147e479cf0f33
45a23b7399dc01d6571672b6e78d6373ce4b6ba8eea36bb245ef6152e7084602
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4730ad80df82b4b80a09d3e6c50d00e23eee1d05c589b91c24789e0119a36325
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4981f065490974105603631a34f5101c85dc3bac08be7057f546e1ebcd682e9e
49fd8c78131d0033c3aa1efa60edf3d51eae345f330d3372aae9f47d4186f2e1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d7c5d19d034af10c6cf56239d9a8c3991144d3da6fac1bbd14dfec193de1120
4de9be729dd6a4db5f4e886c0e04721b69d609428ad382ccf8ddcad86b80b98a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549fdf51dffb7775d8c80636a55d83434588fc0b6a3d4fd2c0477748aa652854
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3
565a2adcb0da82a8b692e4464ade6f0fc0db407d991afe81e290003da97aa710
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
56e72c6148e99351b645552587d81d6d06d0b1179a232790549681542240b7de
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5c05b391859d833d27483981561f3863ca1c0106dcc18fd3ea177620bcc0da92
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
60050d2afcf72b69704917710ab11566a7bc21d23f05d566554dac8222c1e493
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
6515d3e68e41466a41932054062221d8454fbdf96257863798e12f0f05f50a27
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
677e47016f92a93a26d7ec18f62b8a7fc61cc5db11a44f0c123ba11deea241bb
6870c02877e2dca9a557186fdcceed729cf07aa5f3dc93f0965c2836b19f0ca6
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6ce98cf5c2cbba575d03fa210dba92cb8ccb9339ef8b2e9928ddd62502528f91
6d27cd6533be72e68832a393f3b7cf61a7635496ede26b8a7acbb985565e24a0
6d524b11312b9b706f71ab88b918c07609aad905462c7cdfd707edf7d7f9778c
6d72004c8e5024d94c6fef48c8b8e20882c0a4b608b16a958e049b2e901a7de8
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23
70cd5572e967590d2f082f4c43e320648b73f17fd019b27b694a09e1b8ea480f
7130e37a873c8234a49f75f3f2074e07c102821f62f1c980520edb1e69106d80
71c4d9ef909347271ace65e106b6720cae96b1fd9f87295aecd0b2f95c71ee52
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
7584dc326b41d82e6405ac586d876eceecdc03b2104f8d6da86b6934a032bff2
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
76e3cc5c558e9b347fc5337bf2c84843d6e6e803897d8a55f9b4b31afb33a281
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
77f6652f82b148e61c424fc396fb86932cfd2ce1573c9303922679b61384224c
7884193161b70833585ed5f20291b15614f7fe930379a3830848e235c6b75393
795a830b0b31bbb525291b12e54586cc1a04986b913e6354a10cf03a17189e2d
7d3bb7053dfc6db6c440055af968857d61a3f5dc5da9ca284349b61395719a2b
7dc8c0053a4ed3257bb446cb8ad5e0351f07f4f8a022d70e02111b40a380536d
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de
80f819a041ff7f6406c6eb6831eeddf78f31708b106e819bcc9618ad0e5251f0
827ff2a22197d89bc8ca247e8f37232b133ab679bcfdd37bd4bb47326270f5ae
8289820b0720a36d099b95932f821e7551b0b91f6395301c31b715e8f51acca9
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8746c2486406c13a1447d2f4c155e42d866b54b8df6c929d54e61370f72dbeb8
87fb6b47fcd3f946424b100e6873d79168f571983592b3def3054efdcb7afaa8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c71a9da01c985b867a6b5cf8f6ae8dc59247281ce4feb6a3b96920595515f34
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd14b3f60621618e18709f8d47532ac4c83311097d88561ef5b242cf78de558
8e8e99a6d11656786a8e692f3cbfcae9bbb6c02a2583360abcfdf2d9b2cc1dd2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef6e6dfd4d82f26303e757b5895d9c9aac7424484bc74cf386055d1bb3e940f
8f1a01c332dcf650d5a7045e89e889fb145c41147571628e7560e40bb56eb063
92130d375c02a3f9f8107374cc09c17e0b01efbe893a7c9641e59f286b174197
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9440b1359bb2fec7074717565f7e4346cf9d48161d294ff95d1340d7fb7340a4
9451117a26e3db7297a740e287d3b0c20edddb8c55209679f4e6430f9debee3d
9587711047179611217ac50366774405d064bcece0024d060ed88f8023f493c6
95a0a6e3823b20170bbae77c19ce189d6a1b178f6230ed124cc85da8011bdf28
95b2b72057838839e1aa6076b0148fd3d5f5d6ae2a1674d86f20add73d42b473
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
980fb247e3df9d66d0e89256968fc4bb10493ab76e1fdefa5dbc17b4a8ac8d8f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae826ea2d2466b35e251306f530ef7c7d62f50745cae8356ec0c29140bb7996
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9c4a66440211036699ae73862b8412aea62628b8c74d64ea0ab5ccbe50c0a6ac
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
9d52c7c5050b088109075328a9e830e4bfdf6446c763b9e69c637d5c0e11d599
9e122ea02c8e7657d8ed18437a5e8e43244b55bbad4022c0192eb6fddc584d42
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a0364e3f82a9d2ef34febfa8ad48e25f0ad46c9bf955705a58e71a38b62728a5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5fc21e5811a957597c0425ada387b0b1bed39b58a6fac3b3bdac2ef8a555132
a61ad3eed56758f2e8f0d052c402fa74459dc686adf3334bc0bff18d167211e1
a641d3f105feb870d43e0f7b444ac2eb9e7a69416311c7b7ffcbee708e6b2668
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7b7a60edd47c554b4f801a5eea2b919a15bec1dc1717e3263f2b4465fca88d8
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
ab994d90fb6b4e3841442d2a52de882b13b872c9f09c7765a55319aca262a71c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad9dc28caa0fca7a160f2f4c9907725629603a32a137934e5cdcc2652323f637
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af7f28bda6eccb78c08a8e4c34f27e7580c4e29798a570c7819da42767f8df6f
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0e0089a884fddaa32eba32c25a37e4a013ca0627bdae312fa5dc6448ffa4fab
b11c98023d9dd0752e8774b1d7cfde728054b4ab4de9b275271e2222584c96f2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c2f8a8c3714bc82f6d3eeddf6d7f1cd8a40e8ab2107fcce7ea3b6922fabaa2
b2ec00450bd38cf132e5dabbb8866bdb0246ab2ced18a8f04ad9a5243a56ab20
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4
b62a89701f26ec1da28a7957e9dbdf26c5151089025c31795f9534a0ea878600
b6917b33076ffd259c69c11e93820e07dc58ff4c018311ec3989ea11093777d9
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bee88049b26e1a4963cf62a86ef6e35311aae31791e179089f782923923b5cb6
bfa7485c2377c58826a3bc93840a1999be04ffc022c613e65e6919b420c28e4c
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c457171116b22c2c4828083c1f99975c24edb845f88ebf063afa967ac70df0d5
c49df16b0ef2dccd70ef3976c112e9d8ec1303319ead1cf54eb7de63a8260ea5
c552060330a3da38377c93a64bb61791fc2f31548244d3d23f38d101555ab70b
c79acdc1107dbddcc434e8d680a1dfa4df5f7d8a009927de5a38963821e426cb
c7e3e2281e670435dd46492437a30bcf0c59368d824ac1aa591571d35c81d88b
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc9c668d0adc9d6964c36112ce8684317d1948d507d3951bcb3b43810527a5e4
cd29d027ae5ba8fc1c71cade9bcd02ed1725b0f239e138caf8d178bd026dd617
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
cd61182b65f2a79943ceea15b05057776a50ffb301cbb950a4af792e0b78bece
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d32abc540d04e112ddca7cf97c3838a4cb117107f04cb0a188162b5986e9e16a
d3552de02fad4be8ece1d4c2f100d4c8687f1157300b4047b7928be6adfd128c
d4942b70cf508e133781ee59af4563401e595263ad6e55a68f905531aeb498c4
d5c2f46f6fa1c65285c59762ea527a94eae3baa7e84969e11dcc2b8000bc79dd
d5cd01e2ad16f34488c095f6c25f3c891c6a29419368f96fba0b28cab42789f8
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb
d7dd6a88dffdede74facabb3e5a6a4824c28e3d4195adbcd16fc4a47dec08d7d
dcbe550169d226bb268697e6fcdb33a4e546a6fd7c75dcf269afb53943a97ac7
ddb1ee78b17d7ca125eb601b5e5ba5a48e58521b2273c2ff78a684cab74c4e10
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deac5353deef8d74e1034e2a8b1c592dd83695a929b2c6a1227a9c506034bbd8
dec38ad798114a73cb2b7759e21dfbf7880d34da66857d3510a3172239bee3bd
e088268b26ef8169957ae2f36b619b395c79bf93d7ae84677d09c18b6ddc2e7a
e0c750b97759124bffe209a81cfb7a3aa05dd20ca1168314348cb865254f1ce2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e20086d70b0cad1c8fa9d16ad11e0f5c1c142c274b25edb986c31836df86ecf0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51252194955e2dfe332108e4982cc87c3b10ea2bc25017382cdb39fb513cf28
e69daead9d04dff3a117980abf7d01a648b0aa8dd2037a665b423378b825cf4a
e6d6defa67b3b89cb20b719ccc49bf489ab3fc19a0426620b55d513859c5acca
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea61b49db7848aff946a94dda940fe53c5c8fac1807630c232e1b252b2b95cea
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
ef04e77d73b36545e95ce7e621ceb868e1dfcd000bc61c3b990d428b25bd6e73
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef39d0d27b499b0fe070bd0961dbd9ca1aeb0ada339c62fe14dc65177d4c3f96
ef9f4e5595c87f7bab17859c9e649bc27a66aae8e407d0c72b179a336f6be282
efd4cdbad8f543175a0c4950771947d4f5933afbd1d4f5fe68b8b077cefd7cb2
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f46cd668eeff4772722ba6e57ae87351c1ba6209745cf6a26f1371294e13420c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f658e70968e2c2a08a9a630aed03c76ee28dcd60d219b71a10231c0913c68ffe
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7e1c55f87587de4797fdd01ade59c8511fcc9949c662db29468b4e8dc2361e3
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fba5c7d3750000b669c9c3bd2d7fa3bd1eb6a1dc564a9752c4116ad0f7562c1b
fc46eeb8b55aba05649dcc7a20796c0328779574a79d9a8b76109e2da731a6e2
fcbd2a1d6a777a9fdc83f799fed047541c355fb4896d4004e8b5cbb2f3ab1098
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb