e.walla.co.il Open in urlscan Pro
143.204.98.54 Public Scan

URL: https://weather.walla.co.il/

URL: https://mail.walla.co.il/
Title: וואלה! דוארקרא דואר

URL: https://news.walla.co.il/
Title: חדשות

URL: https://news.walla.co.il/breaking
Title: מבזקים

URL: https://sports.walla.co.il/
Title: ספורט

URL: https://news.walla.co.il/category/5108
Title: ויראלי

URL: https://healthy.walla.co.il/
Title: בריאות

URL: https://food.walla.co.il/
Title: אוכל

URL: https://celebs.walla.co.il/
Title: סלבס

URL: https://travel.walla.co.il/
Title: תיירות

URL: https://tech.walla.co.il/
Title: Tech

URL: https://fashion.walla.co.il/
Title: אופנה

URL: https://www.sheee.co.il/
Title: sheee

URL: https://vod.walla.co.il/
Title: vod

URL: https://judaism.walla.co.il/
Title: יהדות

URL: https://cars.walla.co.il/
Title: רכב

URL: https://fun.walla.co.il/
Title: כיף

URL: https://help.walla.co.il/
Title: עזרה

URL: https://www.walla.co.il/track
Title: מעקב חבילות

URL: https://home.walla.co.il/
Title: בית ועיצוב

URL: https://euro.walla.co.il/
Title: יורו 2020

URL: https://finance.walla.co.il/
Title: כסף

URL: https://www.wallashops.co.il/?utm_source=wallahp1&utm_medium=walla&utm_campaign=hpnemalakniut_1
Title: קניות

URL: https://www.drushim.co.il/
Title: דרושים

URL: https://www.yad2.co.il/?utm_source=Walla&utm_medium=Logo_main&site=Walla

URL: https://horoscope.walla.co.il/
Title: הורוסקופ

URL: https://www.walla.co.il/podcast
Title: פודקאסטים

URL: https://nadlan.walla.co.il/
Title: נדל"ן

URL: https://tld.walla.co.il/
Title: טוב לדעת

URL: https://law.walla.co.il/
Title: משפטי

URL: https://movies.walla.co.il/
Title: סרטים

URL: https://forums.walla.co.il/
Title: פורומים

URL: https://calendar.walla.co.il/
Title: לוח שנה

URL: https://tv-guide.walla.co.il/
Title: לוח שידורים

URL: https://walla.co.il/shabbat-times
Title: כניסת שבת

URL: https://www.b144.co.il/?sitecode=10&subsitecode=1406&site=walla&utm_source=walla&utm_medium=header
Title: B144

URL: https://www.migdal.co.il/campaign/car/walla-v1?utm_source=walla&utm_medium=nivut_up&utm_campaign=elementary_car_walla-2021_customer_sales_lead-online_v1
Title: וואלה! ביטוח

URL: https://theselected.walla.co.il/
Title: הנבחרים

URL: https://mumlazim.walla.co.il/
Title: מומלצים

URL: https://b144.walla.co.il/
Title: עסקים קטנים

URL: https://yoram.walla.co.il/
Title: לימודים

URL: https://career.walla.co.il/
Title: חיפוש עבודה

URL: https://paisculture.walla.co.il/
Title: פיס בתרבות

URL: https://turkish.walla.co.il/
Title: טורקי מוציא ממך יותר

URL: https://gemara.walla.co.il/
Title: הדף היומי

URL: https://bemazal.walla.co.il/
Title: שיהיה במזל

URL: https://malti.walla.co.il/
Title: בא בטוב עם מאלטי

URL: https://starkist.walla.co.il/
Title: כל מה שטוב בטונה

URL: https://www.democratv.org/
Title: דמוקרטTV

URL: https://www.wallashops.co.il/%D7%93%D7%99%D7%9C-%D7%99%D7%95%D7%9E%D7%99?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=dilyomi
Title: דיל יומי

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=wallashops
Title: וואלה!שופס

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=mivtzeim
Title: מבצעים

URL: https://www.wallatours.co.il/zimmer/
Title: צימרים

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=HP&utm_campaign=PRINTtext
Title: אלבומים

URL: https://vod.walla.co.il/movies
Title: סרטים

URL: https://vod.walla.co.il/tvshows
Title: סדרות

URL: https://viva.walla.co.il/
Title: ויוה

URL: https://help.walla.co.il/section/12344
Title: כתבו לנו

URL: https://dcx.walla.co.il/walla/terms/terms.pdf
Title: תנאי שימוש

URL: https://dcx.walla.co.il/walla/terms/PrivacyPolicy.pdf
Title: מדיניות פרטיות

URL: https://www.walla.co.il/about
Title: אודות

URL: https://apps.walla.co.il/
Title: אפליקציות

URL: https://www.walla.co.il/writers
Title: כתבים

URL: https://www.walla.co.il/archive
Title: ארכיון

URL: https://www.walla.co.il/rss
Title: RSS

URL: https://play.google.com/store/apps/details?id=com.walla
Title: אפליקציית אנדרויד

URL: https://itunes.apple.com/il/app/walla!-!ww-lh/id336751384?mt=8
Title: אפליקציית אייפון

URL: https://twitter.com/WallaTarbut
Title: טוויטר

URL: https://facebook.com/wallaentertainment
Title: פייסבוק

URL: https://www.shw.co.il/black-november?utm_source=walla&utm_medium=cpm&utm_campaign=black&utm_term=cpm&utm_content=100*80

URL: https://paisculture.walla.co.il/item/3437950
Title: נינט: "בחרתי בדרך ארוכה יותר, אבל אני יודעת שאגיע"בשיתוף מפעל הפיס

URL: https://www.outbrain.com/what-is/default/he
Title: Recommended by

URL: https://www.reali.co.il/?p=43235&utm_source=TikunNewArticle(NEW)-Desktop&utm_medium=Outbrain&utm_content=%D7%9B%D7%9E%D7%95+%D7%9C%D7%96%D7%9B%D7%95%D7%AA+%D7%91%D7%A4%D7%A8%D7%A1+%D7%9B%D7%A1%D7%A4%D7%99%3A+%D7%94%D7%98%D7%91%D7%AA+%D7%9E%D7%A1+%D7%9C%D7%91%D7%A0%D7%99+55%2B+%D7%A9%D7%97%D7%A1%D7%9B%D7%95+%D7%9E%D7%A2%D7%9C+300+%D7%90%D7%9C%D7%A3+%D7%A9%22%D7%97&utm_term=$section_name$&obOrigUrl=true
Title: כמו לזכות בפרס כספי: הטבת מס לבני 55+ שחסכו מעל 300 אלף… ריאלי | ממומן

URL: https://eruletti24.com/click.php?key=3itooaj942xsaxuagc7z&ob_click_id=$ob_click_id$&trafficsource=005a2d583bf1b8b54c959c0a765851c66d&clickcost=$cpc$&trafficsource_name=$section_name$&siteid=$section_id$&campaign_name=Apomeds_Desktop_SE_A/B_Semi&obOrigUrl=true
Title: Wie du Potenzmittel bekommst: legal, rasch und… Apomagazine | ממומן

URL: https://movies.walla.co.il/movie/6398
Title: מלחמת הכוכבים: אחרוניי הג'די

URL: https://movies.walla.co.il/movie/6496
Title: פרדיננד

URL: https://movies.walla.co.il/movie/6498
Title: טיסה 112

URL: https://movies.walla.co.il/movie/6500
Title: משחקי גמדים

URL: https://dbroker.co.il/%D7%9E%D7%A0%D7%99%D7%99%D7%AA-%D7%A2%D7%9C%D7%99%D7%91%D7%90%D7%91%D7%90-%D7%91%D7%94%D7%A0%D7%97%D7%94-%D7%9C%D7%94%D7%AA%D7%A0%D7%A4%D7%9C-%D7%90%D7%95-%D7%9C%D7%94%D7%AA%D7%A7%D7%A4%D7%9C/?utm_source=outbrain&utm_medium=mobile&utm_campaign=dbroker&utm_content=alibaba&obOrigUrl=true
Title: מניית עליבאבא בהנחה. להתנפל או להתקפל? Dbroker | ממומן

URL: https://gush-dan.co.il/%d7%9e%d7%91%d7%95%d7%98%d7%97%d7%99-%d7%9b%d7%9c%d7%9c%d7%99%d7%aa-%d7%90%d7%95-%d7%9e%d7%90%d7%95%d7%97%d7%93%d7%aa-%d7%9e%d7%92%d7%99%d7%a2-%d7%9c%d7%9b%d7%9d-%d7%a1%d7%91%d7%a1%d7%95%d7%93-%d7%a2/?utm_source=outbrain&utm_medium=cpc&utm_campaign=00fdda0aa1a80e88b52018bb65cf266d80&utm_term=$section_id$&utm_content=006bad9dcc075bba864ecc9c9a934faf36&obOrigUrl=true
Title: בשורות טובות מקופות החולים - סבסוד על מכשיר לטיפול בנחירות חדשות גוש דן | ממומן

URL: https://news.walla.co.il/item/3442943?obOrigUrl=true
Title: אולמרט למגל: "אתה לא עיתונאי. אתה עבריין מין"; מגל: "אתה קשקשן ואידיוט" וואלה

URL: https://www.sheee.co.il/item/3441470?obOrigUrl=true
Title: גם שלי יחימוביץ': "הוא משך אותי וצבט בציצי שלא היה לי" וואלה

URL: https://goo21.com/click.php?key=klnlzd8xi1srafdkzouv&ob_click_id=$ob_click_id$&trafficsource=00a6219cf71b26ee5bf6566e2166275d96&clickcost=$cpc$&trafficsource_name=$section_name$&siteid=$section_id$&campaign_name=Apomeds_Desktop_SE_A/B_Semi&obOrigUrl=true
Title: Så här får du potensmedel: lagligt, snabbt, diskret Apomagazine | ממומן

URL: https://5080c5.llsdzktnxwnnr.com/?subid1=$section_name$&adtitle=Kostnaden+f%C3%B6r+tandimplantat+2021+kan+%C3%B6verraska+dig&subid3=$section_id$&subid4=ar-se-a-dentasw1-42377-0206-ob-fl-wd1&site=$publisher_name$_$section_name$&network=outbrain&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Kostnaden för tandimplantat 2021 kan överraska dig Tandimplantat | Sökannonser | ממומן

URL: https://www.sheee.co.il/item/3439145?obOrigUrl=true
Title: מחקר חושף: זו השעה ביום בה אנחנו הכי חרמנים - והפער גדול בין גברים לנשים וואלה

URL: https://www.volvocars.com/se/care-by-volvo/?utm_source=outbrain&utm_medium=native&utm_content=lifestyle_native&utm_campaign=se_lifestyle_awareness_0321_care-by-volvo_campaign_xc40bev&obOrigUrl=true
Title: Nu kan du prenumerera på en Volvo. Care by Volvo | ממומן

URL: https://www.topp5svenskadejtingsajter.se/?utm_source=22&tmplt=1.1&zoneid=$section_id$&zonename=$section_name$&adid=00268bd7b487252a5b7b173cc4b6ac1d14&adname=De+b%C3%A4sta+dejtingsajterna+f%C3%B6r+seri%C3%B6sa+f%C3%B6rh%C3%A5llanden&cmpgid=0055f540e0142a59afc0936d08cb579c83&adacc=outb1&srcclkid=$ob_click_id$&obOrigUrl=true
Title: De bästa dejtingsajterna för seriösa förhållanden Top 5 Dating | ממומן

URL: https://b3ea12.llsdzktnxwnnr.com/?subid1=$section_name$&adtitle=Kostnaden+f%C3%B6r+takl%C3%A4ggning+i+2021+kan+%C3%B6verraskar+dig&subid3=$section_id$&site=$publisher_name$_$section_name$&network=outbrain&OutbrainClickId=$ob_click_id$&subid4=ar-se-a-roof1se-51603-a1705-ob-sm&kw1=Nytt+Tak+Pris&kw2=Takl%C3%A4ggning+{City}&kw3=Komplett+Takrenovering&kw4=Takl%C3%A4ggning+Sverige&kw5=Takl%C3%A4ggning+Priser&backfill=0&obOrigUrl=true
Title: Kostnaden för takläggning i 2021 kan överraskar dig Takläggningstjänster | Sökannonser | ממומן

URL: https://real-invest.co.il/?p=27881&utm_source=outbrain&utm_medium=cpc&utm_campaign=00d8523a5da412529e0b4ec80cf9c380f4&utm_term=$section_id$&utm_content=00c0ed883c3d4583c3525e9d631f514c29&obOrigUrl=true
Title: "מי שמנהל סכומים של 300 אלף דולר במט"ח או בחשבון בחו"ל חייב להכיר אותנו" Real Invest השקעות | ממומן

URL: https://celebs.walla.co.il/item/3442716?obOrigUrl=true
Title: מזל טוב כפול: פנינה רוזנבלום הפכה לסבתא לתאומים וואלה

URL: https://lifeexact.com/trending/stjarnornas-vackraste-hus-musicians-ob?utm_source=outbrain&utm_campaign=007fcc4163ee82600ca8da9cfb50fe9b8e&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Vid+62+%C3%A5rs+%C3%A5lder+bor+Per+Gessle+i+det+h%C3%A4r+huset&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] Vid 62 års ålder bor Per Gessle i det här huset https://lifeexact.com/ | ממומן

URL: https://tags.walla.co.il/%D7%90%D7%99%D7%A8%D7%95%D7%95%D7%99%D7%96%D7%99%D7%95%D7%9F_2021
Title: אירוויזיון 2021

URL: https://tags.walla.co.il/
Title: תגיות וואלה!

URL: https://tags.walla.co.il/%D7%90%D7%91%D7%99_%D7%93%D7%A0%D7%92%D7%95%D7%A8
Title: אבי דנגור

URL: https://tags.walla.co.il/%D7%90%D7%97%D7%99%D7%A0%D7%95%D7%A2%D7%9D_%D7%A0%D7%99%D7%A0%D7%99
Title: אחינועם ניני

URL: https://tags.walla.co.il/%D7%90%D7%A0%D7%94_%D7%96%D7%A7
Title: אנה זק

URL: https://tags.walla.co.il/%D7%90%D7%A1%D7%99_%D7%9B%D7%94%D7%9F
Title: אסי כהן

URL: https://tags.walla.co.il/%D7%90%D7%A8%D7%A5_%D7%A0%D7%94%D7%93%D7%A8%D7%AA
Title: ארץ נהדרת

URL: https://tags.walla.co.il/%D7%91%D7%A0%D7%99%D7%9E%D7%99%D7%9F_%D7%A0%D7%AA%D7%A0%D7%99%D7%94%D7%95
Title: בנימין נתניהו

URL: https://tags.walla.co.il/%D7%92'%D7%90%D7%96
Title: ג'אז

URL: https://tags.walla.co.il/%D7%96%D7%95%D7%92_%D7%9E%D7%A0%D7%A6%D7%97_VIP
Title: זוג מנצח VIP

URL: https://tags.walla.co.il/%D7%9C%D7%92%D7%95
Title: לגו

URL: https://tags.walla.co.il/%D7%9E%D7%A9%D7%97%D7%A7%D7%99_%D7%94%D7%A9%D7%A3
Title: משחקי השף

URL: https://tags.walla.co.il/%D7%A0%D7%93%D7%91_%D7%90%D7%91%D7%95%D7%A7%D7%A1%D7%99%D7%A1
Title: נדב אבוקסיס

URL: https://tags.walla.co.il/%D7%A1%D7%99%D7%A4%D7%95%D7%A8%D7%94_%D7%A9%D7%9C_%D7%A9%D7%A4%D7%97%D7%94
Title: סיפורה של שפחה

URL: https://tags.walla.co.il/%D7%A2%D7%93%D7%9F_%D7%97%D7%A1%D7%95%D7%9F
Title: עדן חסון

URL: https://tags.walla.co.il/%D7%A2%D7%9E%D7%99%D7%AA_%D7%A1%D7%92%D7%9C
Title: עמית סגל

URL: https://tags.walla.co.il/%D7%A2%D7%AA%D7%99_%D7%A9%D7%95%D7%9C%D7%91%D7%A8%D7%92
Title: עתי שולברג

URL: https://tags.walla.co.il/%D7%A4%D7%95%D7%AA%D7%97%D7%99%D7%9D_%D7%99%D7%95%D7%9D
Title: פותחים יום

URL: https://tags.walla.co.il/%D7%A4%D7%A1%D7%98%D7%99%D7%91%D7%9C_%D7%9E%D7%93%D7%99%D7%98%D7%A8%D7%A0%D7%94
Title: פסטיבל מדיטרנה

URL: https://tags.walla.co.il/%D7%A8%D7%A6%D7%97_%D7%9E%D7%90%D7%93%D7%95%D7%9D_%D7%9C%D7%A9%D7%97%D7%95%D7%A8
Title: רצח מאדום לשחור

URL: https://tags.walla.co.il/%D7%A8%D7%A9%D7%AA_13
Title: רשת 13

URL: https://tags.walla.co.il/%D7%A9%D7%A8%D7%94_%D7%91%D7%A8%D7%99%D7%99%D7%9C%D7%99%D7%A1
Title: שרה ברייליס

URL: http://www.oref.org.il/11093-he/Pakar.aspx
Title: פיקוד העורף

URL: https://www.hamal.co.il/
Title: חמ״ל

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://e.walla.co.il/ HTTP 301
https://e.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 123

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 153

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 180

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=1769&cs_ucfr=1&ns__t=1624297341658&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D1769%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DSE&c9=https%3A%2F%2Fe.walla.co.il%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=1769&cs_ucfr=1&ns__t=1624297341658&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D1769%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DSE&c9=https%3A%2F%2Fe.walla.co.il%2F

Request Chain 270

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 283

https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1

Request Chain 284

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east

Request Chain 301

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNDPf1HxcegOV7-rg0sUoQAAApcAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDQlwJgjt4twSqw7W77CGh0&google_cver=1

Request Chain 302

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNDPf1HxcegOV7-rg0sUoQAAApcAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNDPf1HxcegOV7-rg0sUoQAAApcAAAIB&dcc=t

Request Chain 304

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNDPf1HxcegOV7.rg0sUoQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOcb6jOuAqyOperoxCHRboM&google_cver=1&gdpr=1&google_hm=2

Request Chain 306

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624383743&gdpr=1

Request Chain 309

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 374

https://r4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1624326144&ei=gM_QYJmINoKD1gK3xYeIBw&ip=185.236.42.79&id=3ed4896f16188a53&itag=22&source=youtube&requiressl=yes&mh=Yp&mm=31&mn=sn-5goeen7y&ms=au&mv=m&mvi=4&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1622667551720452&mt=1624297021&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAO4Uj6KKI353tsXkWdHrL1zMnzmSGx_xkw1gpke0SvTfAiEAkEvB5Tfhs3ENnApKLXYIIyR_ardeLsgrHg9AoLNcdZQ=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhANZT_q5jOHorgBUamSK4QyOGxsODpYKdQ3LdXUocg8IwAiBVmOdnTN_iWjmyWonpZ-LHCrW7wgyEYFvP9YmETpSaQA==&cpn=GpxN8tXE2EAPoE08 HTTP 302
https://r4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1624326144&ei=gM_QYJmINoKD1gK3xYeIBw&ip=185.236.42.79&id=3ed4896f16188a53&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1622667551720452&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAO4Uj6KKI353tsXkWdHrL1zMnzmSGx_xkw1gpke0SvTfAiEAkEvB5Tfhs3ENnApKLXYIIyR_ardeLsgrHg9AoLNcdZQ=&cpn=GpxN8tXE2EAPoE08&redirect_counter=1&rm=sn-5gole7z&req_id=2d0f6db20a6936e2&cms_redirect=yes&ipbypass=yes&mh=Yp&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nsr&ms=au&mt=1624297021&mv=m&mvi=4&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOzAPK1PLgO2npSHZDgMSeSB2uzk84G4dc14t7GpG1evAiAK3h3BzyXbd5rua9Y47Gaw6C3mAjDg-AuHPfXVCqglmg%3D%3D

406 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
e.walla.co.il/
Redirect Chain

http://e.walla.co.il/
https://e.walla.co.il/

386 KB
213 KB

181ms
77ms

Document
text/html

143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: d86c3896fb9c60b7ac2fe21cc4192b0af45125b2cf1e9bfd552075544c95440e

Request headers

:method: GET
:authority: e.walla.co.il
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 21 Jun 2021 17:35:23 GMT
server: openresty/1.15.8.1
cache-control: public, max-age=600
etag: W/"60732-j7q/egAmEAeXEnYaoznT2CFNSEc"
x-cached: MISS
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vtGst9a7R3EpAtdL6HNoIlArTnPhfh1GqLJXRuwXpTlyV_vA08xUZA==
age: 416

Redirect headers

Server: CloudFront
Date: Mon, 21 Jun 2021 17:42:19 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://e.walla.co.il/
X-Cache: Redirect from cloudfront
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: jvIXIKT1S5LERe6UpJXT4hxlNQ8OxtoaP3E7vGekEHeDZJ8mlK5ynQ==

GET
H2 200 mobile.svg
e.walla.co.il/public/assets/logo/ 1 KB
1013 B 75ms
74ms Image
image/svg+xml 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.walla.co.il/public/assets/logo/mobile.svg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1

Request headers

:path: /public/assets/logo/mobile.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"437-17a2ed18568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: pBT8CSXEyUwYaxfUmXFis1As6vbgenQcRP1Y_y0MVtFxfsdd3tX7Aw==
x-cached: MISS

GET
H2 200 logo_new.svg
e.walla.co.il/public/assets/logo/ 1 KB
956 B 75ms
75ms Image
image/svg+xml 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.walla.co.il/public/assets/logo/logo_new.svg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b

Request headers

:path: /public/assets/logo/logo_new.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"4bf-17a2ed18568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: FnnoNOXN8gQ9wivvQxbgWE5eFxRp8FZEz13EADh6_tzBMWzcfMSfYQ==
x-cached: MISS

GET
H2 200 yad2.png
e.walla.co.il/public/assets/icons/ 1 KB
1 KB 72ms
72ms Image
image/png 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.walla.co.il/public/assets/icons/yad2.png
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

:path: /public/assets/icons/yad2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"488-17a2ed18568"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1160
x-cached: MISS
x-amz-cf-id: SFQf00HghloYgcPgKXO_ZTPiJmg8HTG_G6I2_PZl1LMbhhXVdAGn9g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 359 KB
57 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b8c5e32a794c166ba64608bef865a70f47409add58c922f492dcef0624500d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57772
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 15:36:59 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Jun 2021 17:42:19 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 499 KB
52 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd8fee6e42d755df14a7396b5dd9046b0285375a76d364d2d414cec14ae4fd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53453
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 15:36:59 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 21 Jun 2021 17:42:19 GMT

GET
H2 200 almoni-neue-aaa-600.woff
e.walla.co.il/public/font/almoni/ 58 KB
59 KB 69ms
69ms Font
font/woff 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

:path: /public/font/almoni/almoni-neue-aaa-600.woff
pragma: no-cache
origin: https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://e.walla.co.il
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"e954-17a2ed18568"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 59732
x-cached: MISS
x-amz-cf-id: tYHAdkwXJNyPaoWAJs7ebqUVCtW_B5JTRYxyUn_RPHUAS8GSq7aBXg==

GET
H2 200 vod.png
e.walla.co.il/public/assets/icons/ 1 KB
2 KB 67ms
67ms Image
image/png 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.walla.co.il/public/assets/icons/vod.png
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475

Request headers

:path: /public/assets/icons/vod.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"4a6-17a2ed18568"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1190
x-cached: MISS
x-amz-cf-id: bfmsE7OvMDjnZdFhG2RdKO0gUAukkD8CqP8QIwsfdCjHGkPKlv-5GQ==

GET
H2 200 wallaicons.woff
e.walla.co.il/public/font/fonticon/ 15 KB
15 KB 66ms
65ms Font
font/woff 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

:path: /public/font/fonticon/wallaicons.woff
pragma: no-cache
origin: https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://e.walla.co.il
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"3bdc-17a2ed18568"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15324
x-cached: MISS
x-amz-cf-id: mr2gifbm5tjRs0aaotQ8sPZamb7gI9JPwZshtFoi6gsSfy7ZXYgS7g==

GET
H2 200 3196726-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/1/9/6/ 23 KB
24 KB 190ms
66ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_700,t_54/3/1/9/6/3196726-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 13d8bcd347481231e811181a37654e4936ce0fe32917d1e9cc93441699a3443c

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 05:03:56 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 45503
edge-cache-tag: 327079464712999492007487317826688912487,403068103238392341085206751664600012668,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 24004
x-request-id: 4323e4550c1edcd6ebdd1db49f560c43
x-served-by: cache-wdc5581-WDC
last-modified: Mon, 21 Jun 2021 05:03:57 GMT
server: cloudinary
x-timer: S1624251836.998180,VS0,VE419
etag: "881cfa34974d149c4ee18718421c7718"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: MSZ85_BjjUbDg8QZUjVd8g_bBXkkmTINfM2hG-JPcaUEkmyws8g_2w==
x-cache-hits: 0

GET
H2 200 3196763-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/9/6/ 7 KB
8 KB 216ms
91ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/9/6/3196763-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 7f145e9467af6fd2586984cc813c7c6e651027da54e30b11a955e0f8c016b74b

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 07:58:09 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 35050
edge-cache-tag: 345976335051502464294769620194362906097,257272893150882183723114023424477357410,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 7169
x-request-id: 6c6e5664fc1c379890be907a2c406976
x-served-by: cache-wdc5536-WDC
last-modified: Mon, 21 Jun 2021 07:58:10 GMT
server: cloudinary
x-timer: S1624262289.605899,VS0,VE1103
etag: "59c6fa2212c5648e93e607dfb04596de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: _6Ksq_xgFSlD77_tthFydl8hk3JG_lsFBlBGzTz7KW8uDi-jNPgj-A==
x-cache-hits: 0

GET
H2 200 3197096-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/9/7/ 8 KB
9 KB 190ms
66ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/9/7/3197096-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 67b77112331ffcdca7c1ab3626f1c78089403f51f8a1fd6c80dc246302aa50e0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 16:37:56 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 3863
edge-cache-tag: 281825388361770649929252612122436869417,257272893150882183723114023424477357410,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 8473
x-request-id: cdda5fc48f8ab706330d7c5dd8e00e01
x-served-by: cache-wdc5521-WDC
last-modified: Mon, 21 Jun 2021 16:36:15 GMT
server: cloudinary
x-timer: S1624293477.651582,VS0,VE1
etag: "4e71f060789bb54810ada82e96db23ed"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: lPpwIiFrfEnGT8SxXYJPgBlldhRUacj39yB8Q5I92VNKpksEIksQlw==
x-cache-hits: 1

GET
H2 200 wallawb.js Show response
cf.dxmcdn.com/dta/ 9 KB
2 KB 32ms
7ms Script
application/javascript 2600:9000:2156:5000:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/wallawb.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11fc7b19762b5431e93ab967c1890cb22f0464ce66ec4ab0a3e3ea9a5b951543

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 27 May 2021 11:15:28 GMT
server: AmazonS3
age: 56214
etag: W/"2e6faffac78eacab17ea5bfaf1c8a5d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
date: Mon, 21 Jun 2021 02:06:23 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wczZX1yiPhRHVbkcIV-8dLS9oozHo8ElYDUXBLmvQywB6-hdXepc8Q==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6752)
Age: 246
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 almoni-neue-aaa-200.woff
e.walla.co.il/public/font/almoni/ 58 KB
58 KB 56ms
55ms Font
font/woff 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/font/almoni/almoni-neue-aaa-200.woff
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 86603f4ce9518ae254073f2db409d9ea59f3344a0a37a9064b27d353fc487d5c

Request headers

:path: /public/font/almoni/almoni-neue-aaa-200.woff
pragma: no-cache
origin: https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://e.walla.co.il
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:04:24 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13075
etag: W/"e848-17a2ed18568"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 59464
x-cached: MISS
x-amz-cf-id: cA-DkQwQ_rfyOxsKQ7aT2Q8fvKrTWUZll7f6GzZDEpxuu3Lk-PkQEA==

GET
H2 200 almoni-neue-aaa-800.woff
e.walla.co.il/public/font/almoni/ 58 KB
58 KB 56ms
55ms Font
font/woff 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/font/almoni/almoni-neue-aaa-800.woff
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a

Request headers

:path: /public/font/almoni/almoni-neue-aaa-800.woff
pragma: no-cache
origin: https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://e.walla.co.il
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"e65c-17a2ed18568"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 58972
x-cached: MISS
x-amz-cf-id: IGNrfavKsovvB_3_YclPw-DE7h25bI54qZh6Xz0bkhyupBRtieTlFA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2622
date: Mon, 21 Jun 2021 16:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 21 Jun 2021 18:58:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-xss-protection: 0
pragma: public
x-fb-debug: V6RjJgtIjYyMuEKQ005kxZSMwJRzTAsQQr7zXZd02nxTHGT0BVHlMMGXEI3cRe2du+4l/XimDXHNlrxZ8+Tezw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Mon, 21 Jun 2021 17:42:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 403 bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 0
0 104ms
46ms Script
text/html 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2021-06-21
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 325_8fce9a60e3de5d6fca96_walla.js Show response
e.walla.co.il/public/ 295 KB
93 KB 56ms
55ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/325_8fce9a60e3de5d6fca96_walla.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 89af83a84efd2bfb5708da8f6a2ae1606a4e85a63bf631e3698d6d9d20cb0a2f

Request headers

:path: /public/325_8fce9a60e3de5d6fca96_walla.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:47:23 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"49b37-17a2ed361f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1_MZZWfr0bIoEWLpR6o-tofdZiNgdxfzCNAz4bWDyfStznE-1JzjIw==
x-cached: HIT

GET
H2 200 main_78b7abe8e04567f25426_walla.js Show response
e.walla.co.il/public/ 750 KB
179 KB 57ms
56ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/main_78b7abe8e04567f25426_walla.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5ca988c6f1af4c998f57106024e3d1f3605bac8fcdf4e0c5333c42c29dcd9b19

Request headers

:path: /public/main_78b7abe8e04567f25426_walla.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:47:23 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"bb8b0-17a2ed361f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Cy5-5E3wGi2kY398VZFBXj7vP0JPa8V-pr1CLsxGWue-rIeTgnCTMA==
x-cached: HIT

GET
H2 200 252_3a2273c2ba3dcbd45b6a_walla.js Show response
e.walla.co.il/public/ 19 KB
6 KB 56ms
55ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/252_3a2273c2ba3dcbd45b6a_walla.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 11a82b890f14b69c7015aedd080e2ea072a0da881cff7a063f7d55f99e0e6f28

Request headers

:path: /public/252_3a2273c2ba3dcbd45b6a_walla.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:47:23 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"4b32-17a2ed361f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: F83d4ssYPmIU7GSaHVHrets484KDMay8ydDwHNorlD7BDUkAw6cfYA==
x-cached: MISS

GET
H2 200 323_a05d8bed5da86d8b7580_walla.js Show response
e.walla.co.il/public/ 55 KB
13 KB 75ms
74ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/323_a05d8bed5da86d8b7580_walla.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: d5ad94e318351486a2b1415edc37ef884adeaaad428f335d6da9282c17192400

Request headers

:path: /public/323_a05d8bed5da86d8b7580_walla.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:47:23 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"db2a-17a2ed361f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Ls8IhF4C135dk5cee_bA8qghaKBh9uPsGnYO3P-Xs3TUoRCP-__Ceg==
x-cached: HIT

GET
H2 200 vertical_5363eee8898b9e6dc2d2_walla.js Show response
e.walla.co.il/public/ 336 KB
69 KB 70ms
70ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/vertical_5363eee8898b9e6dc2d2_walla.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5840f95cce9f59fca781c746e43dcf4c5350dc7e23e591886a3d010c9f704a02

Request headers

:path: /public/vertical_5363eee8898b9e6dc2d2_walla.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:47:23 GMT
server: openresty/1.15.8.1
age: 13128
etag: W/"540dc-17a2ed361f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: epnROzVJtdkseYX7l52NkgsRLJcidXXLv0ujYl8yBJO9ewPUefJLaQ==
x-cached: HIT

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 6FD0 319 KB
103 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fe.walla.co.il
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://e.walla.co.il/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 336471
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Jun 2021 17:42:19 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6760)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H/1.1 200
OK widget-c.js Show response
d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/ 745 B
1 KB 170ms
55ms Script
application/javascript 65.9.84.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/widget-c.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8099a196b2170630895f07f2cfe3300a710f47f9f15aa5a574e44237cff91619

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 16 Nov 2020 03:20:48 GMT
Via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 09 Feb 2017 14:13:37 GMT
Server: AmazonS3
Age: 18800491
ETag: "ddea3a811593486529ca061aaabe4dee"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=29030400, public
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
Content-Length: 745
X-Amz-Cf-Id: lUQzR_exa0bBfyzWSsdMkYh7piiYyHc7E86ign_Z2FIN1kkXAoVndw==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 193ms
70ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5795e23ab075ada2d107030286b0b7952fd039d00fd2083c072ac87adb01ce3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17407
x-xss-protection: 0
server: cafe
etag: 6415388614174845058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Jun 2021 17:42:19 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 26ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=826440049&t=pageview&_s=1&dl=https%3A%2F%2Fe.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%AA%D7%A8%D7%91%D7%95%D7%AA%20%7C%20%D7%9E%D7%92%D7%95%D7%95%D7%9F%20%D7%A8%D7%97%D7%91%20%D7%A9%D7%9C%20%D7%AA%D7%9B%D7%A0%D7%99%20%D7%AA%D7%A8%D7%91%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%94%D7%A2%D7%95%D7%9C%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1455955672&gjid=395106528&cid=250153691.1624297340&tid=UA-4780630-1&_gid=131909892.1624297340&_r=1&gtm=2wg6g0T728TH&cd1=&cd2=4&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%AA%D7%A8%D7%91%D7%95%D7%AA&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fe.walla.co.il&z=1437460495

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 1616785908557850 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1616785908557850?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

781e0e3ac083ec545977bcbda28b77e1cdde4e90d788a49e39e73741ad8be428

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76022
x-xss-protection: 0
pragma: public
x-fb-debug: /8Xi3bZswhNvAVFc369/Kgb+3gPyjyyx9noytkAQB0Gf6kCt/W5w+7YOB8ksWmA/ooO/vOPI+BlpkWr7WYl64g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 21 Jun 2021 17:42:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6FD0 256 B
442 B 262ms
156ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=50d7d0e2928c2a4f437d1098c6e55ebdb178d62a

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fe.walla.co.il

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:19 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 17:42:19 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 4982b2f768f79073b61a79804b0b08fdfa9ae4fffd075c9996913b1e1707cd6d
content-length: 176

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-4780630-1&cid=250153691.1624297340&jid=1455955672&gjid=395106528&_gid=131909892.1624297340&_u=YEBAAEAAAAAAAC~&z=188537237

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Jun 2021 17:42:19 GMT
content-type: text/plain
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fe.walla.co.il%2F&rl=&if=false&ts=1624297339709&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.2.1624297339707.1049627674&it=1624297339663&coo=false&rqm=GET

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 21 Jun 2021 17:42:19 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
111 B 30ms
29ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4780630-1&cid=250153691.1624297340&jid=1455955672&_u=YEBAAEAAAAAAAC~&z=500599811

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4780630-1&cid=250153691.1624297340&jid=1455955672&_u=YEBAAEAAAAAAAC~&z=500599811

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 713_32fc0b6e92a597cdb9b9_walla.js Show response
e.walla.co.il/public/ 121 KB
35 KB 54ms
54ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/713_32fc0b6e92a597cdb9b9_walla.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/public/main_78b7abe8e04567f25426_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: dab3a09fac8af20283b6e95782d8043a98fa0cb4decab151260fa7ee4ba0ff3a

Request headers

:path: /public/713_32fc0b6e92a597cdb9b9_walla.js
pragma: no-cache
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:47:23 GMT
server: openresty/1.15.8.1
age: 13129
etag: W/"1e4de-17a2ed361f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rIU__nPaVX8iMQTSzZ4geQCN1xEoES6H3B1w6ZRdqHvTKUCBBAiDiA==
x-cached: MISS

GET
H2 200 PikudInner_66bdc5e27850d28723d7_walla.js Show response
e.walla.co.il/public/ 3 KB
2 KB 54ms
54ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/PikudInner_66bdc5e27850d28723d7_walla.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/public/main_78b7abe8e04567f25426_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 9b44ef75ae5fd51653cfcd21374a62962d95676140734cb67578ae51b5213fb2

Request headers

:path: /public/PikudInner_66bdc5e27850d28723d7_walla.js
pragma: no-cache
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:47:23 GMT
server: openresty/1.15.8.1
age: 13129
etag: W/"cf0-17a2ed361f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GzVnU6Cq1UYvK-c9kVxeC64dkBkiD7E71Uh9FdmxcKLiG42Jaf5yZA==
x-cached: MISS

GET
H2 200 737_a9308c69b603007b2626_walla.js Show response
e.walla.co.il/public/ 22 KB
7 KB 55ms
54ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/737_a9308c69b603007b2626_walla.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/public/main_78b7abe8e04567f25426_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3fd93c4907173c79718956ea6ebe2af3dfb694b2adc4575bac0416e9620a4fe3

Request headers

:path: /public/737_a9308c69b603007b2626_walla.js
pragma: no-cache
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:47:23 GMT
server: openresty/1.15.8.1
age: 13129
etag: W/"57bf-17a2ed361f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6hoeDdJOR0ZF-4KgvU8KGuOkLuaWMMMat3W4w24zTfWyxkQ2Yu12bA==
x-cached: MISS

GET
H2 200 WebPushPromptInner_2b6c740214db877ed752_walla.js Show response
e.walla.co.il/public/ 4 KB
2 KB 56ms
55ms Script
application/javascript 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/WebPushPromptInner_2b6c740214db877ed752_walla.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/public/main_78b7abe8e04567f25426_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 13b8782785afe742a091990bfaf5329f6fd522673a0b9897fcbb7c5cc204f678

Request headers

:path: /public/WebPushPromptInner_2b6c740214db877ed752_walla.js
pragma: no-cache
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:47:23 GMT
server: openresty/1.15.8.1
age: 13129
etag: W/"1008-17a2ed361f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Rqfgwz72F5t__VHf-gataB6UzLMnbaXRjPVvkQWXCL81b6m83aFO4Q==
x-cached: MISS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 63 KB
21 KB 192ms
74ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/public/325_8fce9a60e3de5d6fca96_walla.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81abbfb293e9fd97861a2c4ce9c86f767de18187ef9ea7b988b7fbcc7597ef1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "908 / 938 of 1000 / last-modified: 1624273814"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21529
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:20 GMT

GET
H/1.1 403
Forbidden render Show response
campaigns.yad2.co.il/widgets/ Frame 43B2 5 KB
3 KB 202ms
63ms Document
text/html 141.226.253.243
RADWARE

General

Check archive.org

Show headers Download Go to

Full URL: https://campaigns.yad2.co.il/widgets/render?widgetId=6
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/public/325_8fce9a60e3de5d6fca96_walla.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.226.253.243 , Israel, ASN48851 (RADWARE, IL),
Reverse DNS
Software: rdwr /
Resource Hash: e1905ac65ef86355d0e1ce6b3e5739686b1a49a07bef166686e0b250d497a3b7

Request headers

Host: campaigns.yad2.co.il
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://e.walla.co.il/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

Server: rdwr
Date: Mon, 21 Jun 2021 17:42:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H3-29 200 page.php Show response
www.facebook.com/plugins/ Frame C926 45 KB
14 KB 73ms
72ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallaentertainment&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/public/325_8fce9a60e3de5d6fca96_walla.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24663c13c61eb32d6a7351e537726b9cf54e3d50c28d17183b1baaf2b32d4d36

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallaentertainment&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: F7fPcv/5KR9IvLid3vvu2yk2FyRbPCAw2nr6KXmbvLVRxnYdaNp8K6gFLlSHZ9qQ1GLs+J8ij1c0/BK3+W8yCQ==
date: Mon, 21 Jun 2021 17:42:20 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 401 counter Show response
api-mail.walla.co.il/email/ 13 KB
14 KB 348ms
229ms XHR
text/html 143.204.98.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mail.walla.co.il/email/counter
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/public/325_8fce9a60e3de5d6fca96_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-40.fra50.r.cloudfront.net
Software: nginx/1.17.3 / PHP/7.1.30
Resource Hash: 89b763a10d03c0b25b98e916d0cfff4e717e68beeec1e6d25334c7f53f1e2d81

Request headers

Accept: application/json, text/plain, */*
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:20 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: nginx/1.17.3
x-amz-cf-pop: FRA50-C1
x-powered-by: PHP/7.1.30
x-speed: 0.0748181343
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
cache-control: private; no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-cache: Error from cloudfront
x-amz-cf-id: Wx1VkWqsYath-StY4A4vy32xyHHsQaq4aFQrk5MMvxIyLKNhVe3FTw==
expires: 0

GET
H2 401 counter Show response
api-mail.walla.co.il/email/ 13 KB
14 KB 291ms
172ms XHR
text/html 143.204.98.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mail.walla.co.il/email/counter
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/public/325_8fce9a60e3de5d6fca96_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-40.fra50.r.cloudfront.net
Software: nginx/1.17.3 / PHP/7.1.30
Resource Hash: dc4c0ae6141041bf1ee8d55269f880b1f539247519f7fe5dcce33f942e43cec0

Request headers

Accept: application/json, text/plain, */*
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:20 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
server: nginx/1.17.3
x-amz-cf-pop: FRA50-C1
x-powered-by: PHP/7.1.30
x-speed: 0.0734319687
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
cache-control: private; no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-cache: Error from cloudfront
x-amz-cf-id: o2Xy2VOrPf8zOSoj1yhKcvCL_pi0FomxTH9zuegrY5CB-gQtumz5sw==
expires: 0

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fe.walla.co.il%2F%23!%2Fwallahistory&rl=&if=false&ts=1624297340134&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.2.1624297339707.1049627674&it=1624297339663&coo=false&rqm=GET

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 21 Jun 2021 17:42:20 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fe.walla.co.il%2F&rl=&if=false&ts=1624297340135&sw=1600&sh=1200&v=2.9.41&r=stable&ec=2&o=30&fbp=fb.2.1624297339707.1049627674&it=1624297339663&coo=false&rqm=GET

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 21 Jun 2021 17:42:20 GMT

GET
H2 200 close.png
e.walla.co.il/public/assets/ads/ 1 KB
1 KB 53ms
51ms Image
image/png 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.walla.co.il/public/assets/ads/close.png
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

:path: /public/assets/ads/close.png
pragma: no-cache
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674; strip_step=2; _wpnis=2; _wfsis=https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:37 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13123
etag: W/"46c-17a2ed18568"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1132
x-cached: HIT
x-amz-cf-id: 2NwtpmRAliScM3QPm1CntNJB8wi09Soi6n8GGupVUQtNVT6tOFOdyA==

GET
H2 200 3099592-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_100/3/0/9/9/ 8 KB
9 KB 71ms
69ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_100/3/0/9/9/3099592-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: af887288e7bd0fcfd2c92b1975fcd74de0ace925886ff7e86284ef7abb29cf48

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 18:53:32 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 1723728
edge-cache-tag: 222284760587566458466588818901920291019,306801026895664067003183096840615817698,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 8602
x-served-by: cache-wdc5529-WDC
last-modified: Mon, 10 May 2021 07:34:08 GMT
server: cloudinary
x-timer: S1622573612.433939,VS0,VE1
etag: "d3827d762fae19932df29aeb3ab0692e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 29HJxvgI3g4Q7JfaHi4RFnnLbKfne3bJ86d5nyRmHeH5FqI8rhKv1w==
x-cache-hits: 1

GET
H2 200 3196599-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/1/9/6/ 22 KB
22 KB 82ms
80ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/1/9/6/3196599-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: ffa3bc32f0f87aa58446132c3870f47ce1c23f587f69851747e2ffaf4219ce13

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 05:37:24 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 43496
edge-cache-tag: 396387586581765813220678705933641566928,223977879359987201642630465316355490465,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 22281
x-request-id: a9c61f6783ad1054c77bf8aae7e45945
x-served-by: cache-wdc5570-WDC
last-modified: Mon, 21 Jun 2021 05:37:25 GMT
server: cloudinary
x-timer: S1624253844.899466,VS0,VE767
etag: "58d815a580a81b32e58d9dd903858a34"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: -Q9B1JkcAED4TEVdLAvKPV416qH4Sh1t9BLY4qQt0_u9w7SbH4W9eg==
x-cache-hits: 0

GET
H2 200 3196744-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/1/9/6/ 17 KB
17 KB 123ms
121ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/1/9/6/3196744-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 2faf10b10dbba457438faf6151559508d4cb994a862746184b9c5eafadaace32

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 06:39:54 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 39746
edge-cache-tag: 143059933970652870920638422923791965528,223977879359987201642630465316355490465,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 17186
x-request-id: 527322c857a55c8d601ec26ad890c973
x-served-by: cache-wdc5548-WDC
last-modified: Mon, 21 Jun 2021 06:39:55 GMT
server: cloudinary
x-timer: S1624257592.531334,VS0,VE2914
etag: "876600b35c941c6b9b23cfc4f0ce01d3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: NLng1zFIEPZtSy00WgdpHQsye_10tb508MOPcGYO0l4N2qptSiKZzw==
x-cache-hits: 0

GET
H2 200 3195306-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/1/9/5/ 12 KB
13 KB 74ms
73ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/1/9/5/3195306-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: a36e1a1b718f81cba84c261af9360bc4d1abe3b8832e01bcc10f9733ebccec5b

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 20:15:26 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 163614
edge-cache-tag: 175634874940832655823573744261992626999,223977879359987201642630465316355490465,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 12565
x-request-id: becf5ba43802a0a7e7e8d3d336f18ce0
x-served-by: cache-wdc5523-WDC
last-modified: Sat, 19 Jun 2021 20:15:27 GMT
server: cloudinary
x-timer: S1624133726.178123,VS0,VE656
etag: "ff9e0d23f566f2ed082e7d88a929b30a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: _MwY-ePvYMpKL9eouIDSdf81dKD9tL-W-Lz544uwfckkR9IWZPpB9g==
x-cache-hits: 0

GET
H2 200 1425392-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_400,t_54/1/4/2/5/ 11 KB
12 KB 124ms
123ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_400,t_54/1/4/2/5/1425392-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: ac92511e60e8b903d6d362eb5efb07d0bc6570a10cabd2c4f5dc5335644ef7ab

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 16:31:49 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 90631
edge-cache-tag: 394544636792867975426952246812635920430,223977879359987201642630465316355490465,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 11554
x-request-id: 0feaf17bbb640ba25ff0bcc010effbd0
x-served-by: cache-wdc5551-WDC
last-modified: Sun, 20 Jun 2021 16:31:50 GMT
server: cloudinary
x-timer: S1624206709.267062,VS0,VE341
etag: "80db120e5c8037657b67c4163b93556b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ZTpyVPqiWTKs9K95KfbECQgtlXv-_qHyYVNqecHAb5ZTU8MA3-gBbQ==
x-cache-hits: 0

GET
H2 200 3113474-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_1000/3/1/1/3/ 4 KB
5 KB 76ms
74ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_1000/3/1/1/3/3113474-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: ebd260858b1ebcac6c7c3ff685da00611500a0e05e7ab9327a26c796b9958947

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:35:37 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 3665203
edge-cache-tag: 241418839859046475327764808374152598752,130619888663023881404670022816817465671,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 4430
x-request-id: b4d6253fd8b6a4320507741fd3c53e1d
x-served-by: cache-wdc5539-WDC
last-modified: Mon, 10 May 2021 07:35:38 GMT
server: cloudinary
x-timer: S1620632137.626502,VS0,VE529
etag: "52bab60b4d9bf17ab30f4ce4424283e6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: P_9QgACjP3ZHLe7uWYoqlHqbszzpIcf2W2XCjpaB7Eldxb1pR7LuMA==
x-cache-hits: 0

GET
H2 200 3125845-46.jpeg
img.wcdn.co.il/f_auto,q_auto,w_1000/3/1/2/5/ 100 KB
101 KB 94ms
93ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_1000/3/1/2/5/3125845-46.jpeg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 96bcefe6b087cda4c70bb59286de1e1d56797808abd0a543cd69ee100b109642

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:35:37 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 3665203
edge-cache-tag: 164366029343258314607887645805057330158,103900859607195828848191214078861785264,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 102517
x-request-id: 96b3048564df643b813b4f593b9f9ab3
x-served-by: cache-wdc5555-WDC
last-modified: Mon, 10 May 2021 07:35:38 GMT
server: cloudinary
x-timer: S1620632137.069582,VS0,VE663
etag: "b60b5c1837904b26a5e85e5bec32501f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 5KzG9oCJQpAJy7DIVf7EpJwfTr8upZ3egStiIoz6dKlzzBPWeCYI8g==
x-cache-hits: 0

GET
H2 200 2969545-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_1000/2/9/6/9/ 109 KB
110 KB 127ms
126ms Image
image/jpeg 143.204.98.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_1000/2/9/6/9/2969545-46.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-83.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 98a259007cef43b93082634da7df66e152a88dce49617df63e3bcdf85f153f0c

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 10 May 2021 07:35:38 GMT
via: 1.1 varnish, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 3665202
edge-cache-tag: 295537164381412186009496866916250944849,130619888663023881404670022816817465671,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 111517
x-request-id: 82bfacfd641375d92bfc03ab59e4c1dc
x-served-by: cache-wdc5566-WDC
last-modified: Mon, 10 May 2021 07:35:39 GMT
server: cloudinary
x-timer: S1620632137.324062,VS0,VE817
etag: "eceb9bbec12444d4b91f2184fe29af31"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: kP9Zb7j7Qzbk0MZwpdKwzUD6OVuNDdnccXVu8XKy_NhqvJ6VLPo54A==
x-cache-hits: 0

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 175 KB
58 KB 163ms
55ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/public/325_8fce9a60e3de5d6fca96_walla.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bd04b954f60aa82c29b90219a9700d424c007dfc6ca94acd18d3178a3fc205ff

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 13:23:49 GMT
etag: W/"2ba75-3zb+lM9pwb1vTgpDr3KZwyioMC4"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: af676427c34132f6df8c8df715354caf
timing-allow-origin: *, *
content-length: 59205
expires: Mon, 21 Jun 2021 21:42:20 GMT

GET
H2 200 walla-sprite.svg
e.walla.co.il/public/assets/icons/ 19 KB
6 KB 55ms
54ms Image
image/svg+xml 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

:path: /public/assets/icons/walla-sprite.svg
pragma: no-cache
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674; strip_step=2; _wpnis=2; _wfsis=https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:38 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13122
etag: W/"4a05-17a2ed18568"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: wp1hRL3cKDLh-qjOUoWe-XlJnoOptYpJebx-QAYtVHsbuROUXBz-EA==
x-cached: HIT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryLSPfbosLcYjA3rxi

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 21 Jun 2021 17:42:20 GMT
content-type: text/plain
access-control-allow-origin: https://e.walla.co.il
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK widget.js Show response
d2muzdhs7lpmo0.cloudfront.net/ 0
596 B 167ms
53ms Script
text/javascript 65.9.84.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2muzdhs7lpmo0.cloudfront.net/widget.js?id=19762286&secure&9023874

Requested by

Host: d29k50lkkhkjby.cloudfront.net
URL: https://d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/widget-c.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.204 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 17:41:22 GMT
Content-Encoding: gzip
Connection: keep-alive
Age: 58
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript; charset=UTF-8
Via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache="set-cookie"
X-Amz-Cf-Pop: AMS1-C1
Content-Length: 20
X-Amz-Cf-Id: pv5ngec8_NYY1dV5n4fmusE_xWK6wJNia2VC0q5Pbf-zxuUg2dOBuw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1624297340226&cv=9&fst=1624297340226&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fe.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%AA%D7%A8%D7%91%D7%95%D7%AA%20%7C%20%D7%9E%D7%92%D7%95%D7%95%D7%9F%20%D7%A8%D7%97%D7%91%20%D7%A9%D7%9C%20%D7%AA%D7%9B%D7%A0%D7%99%20%D7%AA%D7%A8%D7%91%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%94%D7%A2&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb16b2b8daabb65a9f654cc0fef3eb11ee4eac9afeed076f919040de5630fea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.png
e.walla.co.il/public/assets/pikud/ 21 KB
22 KB 53ms
53ms Image
image/png 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.walla.co.il/public/assets/pikud/logo.png
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

:path: /public/assets/pikud/logo.png
pragma: no-cache
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674; strip_step=2; _wpnis=2; _wfsis=https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13129
etag: W/"558e-17a2ed18568"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 21902
x-cached: HIT
x-amz-cf-id: 5yOXUk-yatZs1ssdt3mr46TCMxAxSjG-FlZCoVEOKQvZOtGW_wQrNw==

GET
H/1.1 200
OK moment~timeline.bcb1cafa923482f4826e32741fe16a98.js Show response
platform.twitter.com/js/ 25 KB
8 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.bcb1cafa923482f4826e32741fe16a98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BE) /
Resource Hash: 5197134265816a7fc5bf360b151eccef4b22bad4b875f4314970860a2e1f2127

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/67BE)
Age: 336473
Etag: "16c9189d13c8dd38e3e003ac2c6bcc8f+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8011

GET
H/1.1 200
OK timeline.28ecda9667eeb8e1b18898b99fee6c31.js Show response
platform.twitter.com/js/ 20 KB
7 KB 13ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.28ecda9667eeb8e1b18898b99fee6c31.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: a5069082fd23bba93317d61fd6da244d6a85f60e68af7dcb9b0a43284f1d835a

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/6752)
Age: 336471
Etag: "c0840e4754c01a08685ae9833ec830c8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6363

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/964224610/ 42 B
64 B 48ms
45ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964224610/?random=1624297340226&cv=9&fst=1624294800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fe.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%AA%D7%A8%D7%91%D7%95%D7%AA%20%7C%20%D7%9E%D7%92%D7%95%D7%95%D7%9F%20%D7%A8%D7%97%D7%91%20%D7%A9%D7%9C%20%D7%AA%D7%9B%D7%A0%D7%99%20%D7%AA%D7%A8%D7%91%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%94%D7%A2&fmt=3&is_vtc=1&random=3536172040&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/964224610/ 42 B
64 B 31ms
28ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964224610/?random=1624297340226&cv=9&fst=1624294800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fe.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%AA%D7%A8%D7%91%D7%95%D7%AA%20%7C%20%D7%9E%D7%92%D7%95%D7%95%D7%9F%20%D7%A8%D7%97%D7%91%20%D7%A9%D7%9C%20%D7%AA%D7%9B%D7%A0%D7%99%20%D7%AA%D7%A8%D7%91%D7%95%D7%AA%20%D7%9E%D7%94%D7%90%D7%A8%D7%A5%20%D7%95%D7%94%D7%A2&fmt=3&is_vtc=1&random=3536172040&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 134 KB
8 KB 39ms
18ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_wallatarbut_old&dnt=false&domain=e.walla.co.il&lang=he&screen_name=wallatarbut&suppress_response_codes=true&t=1804774&tz=GMT%2B0200&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (lcy/1D6A) /

Resource Hash

fcdcc64172ceb88cd3ce110800226f0bcd9ab5a75f98d427c09102d49412a10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
x-cache: HIT
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
vary: Accept-Encoding
content-length: 7360
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 17:41:41 GMT
server: ECS (lcy/1D6A)
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
expires: Mon, 21 Jun 2021 17:47:20 GMT
cache-control: must-revalidate, max-age=300
x-connection-hash: 2064cfc324c589fa716717b34f92d27a733dda29ea7f63f0a3564f5bb6838b32
accept-ranges: bytes
timing-allow-origin: *
x-transaction: 922c40a355287d2d
access-contol-allow-origin: platform.twitter.com

GET
H2 200 ltCvamTqRiJ.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ Frame C926 23 KB
6 KB 23ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ltCvamTqRiJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallaentertainment&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7c6b4ebd134a7c14b2df9788458783a90b2650a3401a791965bc618a65c90cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EX4Av0gc3TMoqwOazLb0pw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 5320
x-fb-rlafr: 0
x-fb-debug: Q+LVFhWsuONxzgWHJwL2lSqlyXHcQKwSKCQKMq4rDjqpN2VMZpUDC3RCxxly4qsU5ckZBk056WgQvqPw1DIZLA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 20 Jun 2022 18:07:54 GMT

GET
H2 200 ggzcJLJkhSr.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/1,cross/ Frame C926 3 KB
1 KB 33ms
17ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/1,cross/ggzcJLJkhSr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d9c39420455c00b8b262c3a629f97aa1888c9c2c16cbc364d801254eb31ab679

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nTSZf089ckVz6+BpGrIE4Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1102
x-fb-rlafr: 0
x-fb-debug: TPxgeNnkxuOLINPWj+fQWnb3ld70k2azl791k1jYcg+0qKhIYcjvTSTTo3S5JtBNtl5DiRLSjf7rdoeJFcX4dQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 17 Jun 2022 01:22:08 GMT

GET
H2 200 jXrsEmrUaEC.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame C926 297 KB
81 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/jXrsEmrUaEC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5a915d50f69eefcd76b8b57ce8b439080c67d16fb77def91b9d6ba947d662c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: u4XoyvmBU4eRGoHYqdK/aQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 82192
x-fb-rlafr: 0
x-fb-debug: p0naGKt/O1BXTK18T5RXjisGGxVUxsdVRulA15JalNfYl4Mr3BGuYOvkHhxjlkoeM4LpBHkwGUXe7W8DlbjAMw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 18 Jun 2022 23:20:08 GMT

GET
H2 200 IEOQM8FL8ot.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame C926 5 KB
2 KB 33ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: OdKsDzsNhr9sjZ/JbXj0gS7XVoMbhsXKM0SCQeWKtb75+F9PSOddU43A7GPij9eebBYBv4OL6ArptG+oyZphMQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 15 Jun 2022 04:07:44 GMT

GET
H2 200 izNpnVzjaFg.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame C926 64 KB
20 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/izNpnVzjaFg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a97514722de8ae5975077745ae7cf17543bb809e20a85ce4afa57ef61ff26b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ek9hLdAByDLugS0gNUcNrg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 19882
x-fb-rlafr: 0
x-fb-debug: SsMoZimwBS1cF4hrSJRL3QyLofqRkYZlruHVXX1545S3Hw5l/M9u687UF1PwZZNjgcJMEdYo44+7ltjhYeVsag==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 20 Jun 2022 17:40:59 GMT

GET
H2 200 hquZTtfTKhX.js Show response
static.xx.fbcdn.net/rsrc.php/v3ixBN4/y_/l/my_MM/ Frame C926 131 KB
36 KB 33ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ixBN4/y_/l/my_MM/hquZTtfTKhX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb6a09fc57d6a02bbc34f7d3ebac790c1d835b0a6c028a8628f7ccd24829e498

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 95C4cW8d7mwTEld3/j6RWg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 37043
x-fb-rlafr: 0
x-fb-debug: 4ac65bTY48XRrNwpqL/g/E4Pu3FtROu6OrhcbEfA7rsBlVpcwmMrA0j8gn0h3vtBwSn8LuI2vJO9hwmkLLGE8g==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 19 Jun 2022 18:27:00 GMT

GET
H2 200 VGuXbDgeBk9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame C926 1 KB
686 B 32ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/VGuXbDgeBk9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20aee8d80ee838e99d01de9b1d0308999080ae8eae2c0243f91b24f73391d317

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Jpynzh/ocvSrdFSn2TC8uA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 521
x-fb-rlafr: 0
x-fb-debug: mA+QY3skFU8YND99wJCYELHrxbihAtF//JhE+X5rda6bdZzhnYgb5Mg2N4DsWPL3Y0g1SB8zmnHD0nnDmieqWw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 20 Jun 2022 17:40:59 GMT

GET
H2 200 123606937_3863173990359284_3116473627363404761_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-0/p130x130/ Frame C926 14 KB
14 KB 7ms
6ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-0/p130x130/123606937_3863173990359284_3116473627363404761_n.jpg?_nc_cat=100&ccb=1-3&_nc_sid=dd9801&_nc_ohc=uPW0mOKmQZ0AX__TkUm&_nc_ht=scontent.xx&tp=6&oh=10c96ac93eb90f1647b4a1850e7b5783&oe=60D52076
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallaentertainment&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 113af0a6a207a579cc6df130531a61c199080c1720bab5aaacc1bb639c816d62

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3946341963
date: Mon, 21 Jun 2021 17:42:20 GMT
x-fb-trip-id: 2050670934
last-modified: Thu, 05 Nov 2020 07:28:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3927514865
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 14206

GET
H2 200 21032495_1720778564598848_2190431934169280054_n.png
scontent.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame C926 2 KB
2 KB 8ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/21032495_1720778564598848_2190431934169280054_n.png?_nc_cat=107&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=G4sKq8Z2PIQAX_amn4j&_nc_ht=scontent.xx&tp=30&oh=34a7c6265cb90afc16d4deff8a5ad324&oe=60D59450
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallaentertainment&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 921fe41768abd651a0284c993ba4be61d5cf169092d976b2fc97f7dfdc293462

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 362075049
date: Mon, 21 Jun 2021 17:42:20 GMT
x-fb-trip-id: 2050670934
last-modified: Thu, 24 Aug 2017 11:50:29 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1561338431
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2434

GET
H3-29 200 qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame C926 3 KB
3 KB 6ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ltCvamTqRiJ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ltCvamTqRiJ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: q08gJb2TBBeJztWMIVhAW6gTIyhr6S6Y9pHdNusjUL+p6u611HA7VjglDopdxCg4IhF3a2wqIAdyA/4cHRsOxw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: iN31dShDArRt9ZikrDb13w==
date: Mon, 21 Jun 2021 17:42:20 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2616
x-fb-rlafr: 0
expires: Fri, 17 Jun 2022 01:55:19 GMT

GET
H3-29 200 ApcBOUT5FoS.png
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame C926 573 B
624 B 6ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ltCvamTqRiJ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/1,cross/ltCvamTqRiJ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: xrEoyZu0esf8HhnYPAneyLQDt4dUTpVvsP1uTT9Eq/lT1+2HTA0qu7FJ6/tf9CaNNgq2BnFXZjn1uuADlNL8/A==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Mon, 21 Jun 2021 17:42:20 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 573
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
x-fb-rlafr: 0
expires: Fri, 17 Jun 2022 00:36:28 GMT

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.rtl.css
platform.twitter.com/css/ Frame 9E83 53 KB
12 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.rtl.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: f2008e497684af9e51a9addb53a7f907beec98ea65c244662de30f96fc9162b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 20:42:54 GMT
Server: ECS (frb/6724)
Age: 336473
Etag: "5555e86438bf61ce4a3af787903fc491+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12149

GET
H/1.1 200
OK timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.rtl.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.rtl.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Jun 2021 20:42:54 GMT
Server: ECS (frb/6724)
Age: 336473
Etag: "5555e86438bf61ce4a3af787903fc491+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12149

GET
H3-29 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
114 KB 130ms
65ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:20 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 94A3 416 B
797 B 55ms
54ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1624202906.691501"
last-modified: Sun, 20 Jun 2021 13:23:02 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Mon, 21 Jun 2021 17:42:20 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1624297340~rv=44~id=93162f303e800739c21bee07b650c66c; path=/; Expires=Mon, 21 Jun 2021 17:42:20 GMT; Secure; SameSite=None

GET
H/1.1 200
OK ZS53YWxsYS5jby5pbA== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 168ms
56ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/ZS53YWxsYS5jby5pbA==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:20 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=15879
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: b2159619d96de7e63dba4d6bf3a36dbb
Content-Length: 16
Expires: Mon, 21 Jun 2021 22:06:59 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
451 B 55ms
53ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=0.4637513603371519
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 21 Jul 2021 17:42:20 GMT

GET
H2 200 xN7c6zqM_normal.jpg
pbs.twimg.com/profile_images/590408974098305025/ Frame 9E83 2 KB
2 KB 16ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/590408974098305025/xN7c6zqM_normal.jpg

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

dd8f1f0a49a0aae0c5810fa4259a79c535f6c389f96be752452a8aac1929aba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 248922
x-cache: HIT
content-length: 1655
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/2 profile_images/590408974098305025
last-modified: Tue, 21 Apr 2015 06:55:23 GMT
server: ECS (frb/67E0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a182e21c88e4fcfac0d519076f04c10a25f105d5e7b7b8d4fcf1535ad787dfb4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4ZFT0JVUAEjTBF
pbs.twimg.com/media/ Frame 9E83 25 KB
25 KB 17ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4ZFT0JVUAEjTBF?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

f171cd3324cb33c406ab260b04cd4793d0d8fb8802291455f6e19647f380c537

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 34079
x-cache: HIT
content-length: 25272
surrogate-key: media media/bucket/9 media/1406888140317478913
last-modified: Mon, 21 Jun 2021 08:12:06 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 51925fc6b6b69832f4472b35fe315d19445f5ab3b086f41e262428e872585024
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4Ybwo6UYAUk9FL
pbs.twimg.com/media/ Frame 9E83 14 KB
14 KB 16ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4Ybwo6UYAUk9FL?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E0) /

Resource Hash

993b14b8241aafd27522e96ca09eed72c189702d3a33c6f6e039d59a4cd9c42c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 44959
x-cache: HIT
content-length: 14570
surrogate-key: media media/bucket/0 media/1406842456029552645
last-modified: Mon, 21 Jun 2021 05:10:34 GMT
server: ECS (frb/67E0)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8ef99dfb5ac84b925f7ae4f6b8a5cbe9e002088844f1e7bf56b53889c0ccd9c1
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4XJeiLUcAAm_wJ
pbs.twimg.com/media/ Frame 9E83 13 KB
13 KB 11ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4XJeiLUcAAm_wJ?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/668C) /

Resource Hash

9f391ba9272dd40a08dfc3e541b593f7af8e85695d76d8d3b7c0eae976f64540

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 66542
x-cache: HIT
content-length: 13513
surrogate-key: media media/bucket/6 media/1406751985030688768
last-modified: Sun, 20 Jun 2021 23:11:04 GMT
server: ECS (frb/668C)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 89588c8c8df4d135c1fc4e83dc3b45bfbd21d2a67f07d319f55b7cb4ed1476c6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4T6y0yVEAQDBmA
pbs.twimg.com/media/ Frame 9E83 14 KB
14 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4T6y0yVEAQDBmA?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D6) /

Resource Hash

1799ca4bf65a2278a34598bfda34e5a1904aff9384104bc168307e1d585fddd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 120722
x-cache: HIT
content-length: 14239
surrogate-key: media media/bucket/9 media/1406524734716579844
last-modified: Sun, 20 Jun 2021 08:08:03 GMT
server: ECS (frb/67D6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1cbcccd55826d3df7935989438097f688bf61d63a0d1df0a03bc141775d1af43
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4TRexHVUAAzfNE
pbs.twimg.com/media/ Frame 9E83 19 KB
19 KB 10ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4TRexHVUAAzfNE?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6762) /

Resource Hash

2977282a918a10aa6ec1b24425f297dc721a788586e230925a711c10b0e9a8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 131538
x-cache: HIT
content-length: 18995
surrogate-key: media media/bucket/8 media/1406479310156812288
last-modified: Sun, 20 Jun 2021 05:07:33 GMT
server: ECS (frb/6762)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e4bbdf318cefdb2b07f46efbd6a72774e88ccd92acf850ebdaf2d4dbbaa4c785
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4R--YcUcAg3Wkh
pbs.twimg.com/media/ Frame 9E83 14 KB
14 KB 9ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4R--YcUcAg3Wkh?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6772) /

Resource Hash

75b03bacec5aa3713fb18c5bd6d9839ea225df9cb08d0cccdf21b6f799b17adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 153173
x-cache: HIT
content-length: 14663
surrogate-key: media media/bucket/8 media/1406388593824657416
last-modified: Sat, 19 Jun 2021 23:07:04 GMT
server: ECS (frb/6772)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f7976a4dde1a3a8ddf152ae92a665d7717e9bc0c9511bcfc4279cd06121cb26b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4KPNp2UcAY7AnI
pbs.twimg.com/media/ Frame 9E83 9 KB
9 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4KPNp2UcAY7AnI?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

1fc221b63d6aa11aabb62751929e65436204c144ebcaae35d71a391a65eb3c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 283145
x-cache: HIT
content-length: 9311
surrogate-key: media media/bucket/9 media/1405843498427772934
last-modified: Fri, 18 Jun 2021 11:01:03 GMT
server: ECS (frb/6760)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e3e3dee8ac7cfabf211308ad5da95fc60597fbda862047fc8dc441f6ade5b1e3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4JmH9iUUAMyKIf
pbs.twimg.com/media/ Frame 9E83 15 KB
15 KB 10ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4JmH9iUUAMyKIf?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

964f49974bf3d18fa02583951e2fe17da03f7f6c28104194a7a03252fb8cca63

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 293867
x-cache: HIT
content-length: 15458
surrogate-key: media media/bucket/4 media/1405798320656633859
last-modified: Fri, 18 Jun 2021 08:01:32 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1a511e38949d01c2ae3a5ba3cd08ea1a161cc91f29ffdfb988430cb2b8e16ce2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4HqFKoVgAIfbpj
pbs.twimg.com/media/ Frame 9E83 18 KB
18 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4HqFKoVgAIfbpj?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) /

Resource Hash

99e9cc6c64f54a1147a134b9c0d752e75948f14f92d8bd0ed3a7d0d71751da32

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 326407
x-cache: HIT
content-length: 18558
surrogate-key: media media/bucket/7 media/1405661933190086658
last-modified: Thu, 17 Jun 2021 22:59:35 GMT
server: ECS (frb/6763)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 11d4d46d6cdb928079f04d4848bb1dfb996e05f0a472b9ec2d25048a0fecdb78
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4Ebv8CVkAAGU9W
pbs.twimg.com/media/ Frame 9E83 15 KB
16 KB 10ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4Ebv8CVkAAGU9W?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D6) /

Resource Hash

23cf967d28af3aab5646cbb57587ef86739b0336e0f7b7d12a190598b48c5bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 380527
x-cache: HIT
content-length: 15762
surrogate-key: media media/bucket/0 media/1405435069100036096
last-modified: Thu, 17 Jun 2021 07:58:06 GMT
server: ECS (frb/67D6)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c4d7e6357e65992133f8d3b05b47e0d49d968a694fbd41749d2bd5a027e6cfd3
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4EbvW1UcAYyX_O
pbs.twimg.com/media/ Frame 9E83 23 KB
23 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4EbvW1UcAYyX_O?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6760) /

Resource Hash

9d1cdff84de2324a8826d27778318eb2b8f385b72fb21f16428fb565ee3fcbfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 380527
x-cache: HIT
content-length: 23728
surrogate-key: media media/bucket/0 media/1405435059113324550
last-modified: Thu, 17 Jun 2021 07:58:04 GMT
server: ECS (frb/6760)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6e3b99c3baf81ed83e9d30811bd22d1753382505e8a21803f698ce777de98ca8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E4Cf6W4VgAEIh0P
pbs.twimg.com/media/ Frame 9E83 10 KB
10 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E4Cf6W4VgAEIh0P?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

b93598fa8ae4226ec3e4f5cca11520a4a4173bea14e3962e775d27c31887d68b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 412977
x-cache: HIT
content-length: 10441
surrogate-key: media media/bucket/5 media/1405298908662693889
last-modified: Wed, 16 Jun 2021 22:57:03 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3d2ca3b795ea04e0ee8f6ff0ea78174e15acea2c237e7556a4b2a35c64df825c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E3_RH6BVEAMqZN4
pbs.twimg.com/media/ Frame 9E83 20 KB
20 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E3_RH6BVEAMqZN4?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

075532b541c32a22f2532a05c3f6d98d014eb6eea0aa321737fa7f3697842f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 467203
x-cache: HIT
content-length: 20602
surrogate-key: media media/bucket/3 media/1405071542527004675
last-modified: Wed, 16 Jun 2021 07:53:35 GMT
server: ECS (frb/6712)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: eea091af911fb125fa7a5f7498d68a530db7f6076d86cb903a3b342760556ab8
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E3_RHTuVEAEnV2D
pbs.twimg.com/media/ Frame 9E83 8 KB
8 KB 11ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E3_RHTuVEAEnV2D?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/673A) /

Resource Hash

dd005911266950f0371130dca41245472078fa55709dcb905e0f81fda51d4b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 467203
x-cache: HIT
content-length: 8067
surrogate-key: media media/bucket/2 media/1405071532246765569
last-modified: Wed, 16 Jun 2021 07:53:32 GMT
server: ECS (frb/673A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8077f0176ecd9abb56f8fbce95ae02cdf0a7f1b291c61a7776be5c49f275c9e5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E39Vwy7VkAEIJTR
pbs.twimg.com/media/ Frame 9E83 15 KB
15 KB 9ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E39Vwy7VkAEIJTR?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

52a9be94b47385137e4b726dbf2f096df826d606258ed015d71b0446b6c758b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 499521
x-cache: HIT
content-length: 15305
surrogate-key: media media/bucket/3 media/1404935905555615745
last-modified: Tue, 15 Jun 2021 22:54:36 GMT
server: ECS (frb/6712)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8a167317670ca93ce96daa402c91907e5c9e65a18ccc2e578a5dc1b1e224df83
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E36G-b4VEAMnyVs
pbs.twimg.com/media/ Frame 9E83 17 KB
17 KB 10ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E36G-b4VEAMnyVs?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

a2a31405e7d15afcee28e6867a11cd0ba997c4bf99ecc98141c0b0b42cdd41ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 553743
x-cache: HIT
content-length: 17292
surrogate-key: media media/bucket/5 media/1404708540980203523
last-modified: Tue, 15 Jun 2021 07:51:09 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4632c1057c72e5b49e778b3b2cd8cb1b73f26645e00aa757b9df901896ba23ef
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E36G92qVEAMFaJg
pbs.twimg.com/media/ Frame 9E83 21 KB
21 KB 9ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E36G92qVEAMFaJg?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

ec3a79b811e949e07858977e3dfca5ecb603ebc15f7ebfbe9a5668fbc5e91f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 553743
x-cache: HIT
content-length: 21492
surrogate-key: media media/bucket/6 media/1404708530989371395
last-modified: Tue, 15 Jun 2021 07:51:06 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ed01acd31c924257bab23aacbbaf19a9e51ccf3d8a66a618a962c3833bcb152e
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E34LXMsUcAA6Q4H
pbs.twimg.com/media/ Frame 9E83 15 KB
15 KB 10ms
9ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E34LXMsUcAA6Q4H?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D5) /

Resource Hash

4a5ea7bb88fdde3aedf292c53d3f7ebd2fe59a329efe7ef8d3fb99f0097d4ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 586142
x-cache: HIT
content-length: 15357
surrogate-key: media media/bucket/2 media/1404572626958184448
last-modified: Mon, 14 Jun 2021 22:51:04 GMT
server: ECS (frb/67D5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6ede0546d62071cb417a0c2f9d5cdaaa2ebe65c3ee427f1071141d528ecbaef0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E3086iRUYAMFZhh
pbs.twimg.com/media/ Frame 9E83 15 KB
15 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E3086iRUYAMFZhh?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

c3e179a58fcfe60fcf122b2a78a67e1d6ce078d8052d93951910f3660fd2698d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 35424
x-cache: HIT
content-length: 14951
surrogate-key: media media/bucket/5 media/1404345635138985987
last-modified: Mon, 14 Jun 2021 07:49:05 GMT
server: ECS (frb/6711)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3e14a1fd4d99db79f1a7b2a35271038f14f326b9e6d3f6d999ccdbc0328a132c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 E308567VgAgzljN
pbs.twimg.com/media/ Frame 9E83 12 KB
12 KB 13ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/E308567VgAgzljN?format=jpg&name=360x360

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

b594709a1ab62efc769545d2068f60134273f1cef25d9750e51075f26632b0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:20 GMT
x-content-type-options: nosniff
age: 35424
x-cache: HIT
content-length: 12426
surrogate-key: media media/bucket/4 media/1404345624577802248
last-modified: Mon, 14 Jun 2021 07:49:03 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4269aa95500ab6519e4df07e77c48881028da017419ef9366a02c3388f33f3d6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame 43B2 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dac4e4e88103ecfab3d80268b9c260bb69860463264441c7c3133d39f380d00

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9E83 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9E83 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9E83 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9E83 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9E83 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 94A3 610 B
991 B 54ms
53ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1624202907.391908"
last-modified: Sun, 20 Jun 2021 13:23:02 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Mon, 21 Jun 2021 17:42:20 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1624297340~rv=51~id=653c574012489c12c80606512b28f00f; path=/; Expires=Mon, 21 Jun 2021 17:42:20 GMT; Secure; SameSite=None

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 520ms
130ms XHR
application/json 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1624297340647&sessionId=42eb8770-2955-4e14-6561-d37f05327525&url=e.walla.co.il&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:21 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 37114a16e3cdb5e7fd2ef407b00988fe
Content-Length: 4
Expires: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=e.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
14 KB 442ms
442ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=697835742480134&correlator=2890334332988070&output=ldjh&impl=fifs&eid=31061040%2C31061474%2C31061411&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Ctop_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D4%26vertical_name%3Dentertainment%26mobile%3D0%26vertical_eng_name%3Dentertainment%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fe.walla.co.il%26strip_step%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1624297340&dt=1624297340730&dlt=1624297339442&idt=1247&frm=20&biw=1600&bih=1200&oid=3&adxs=805&adys=99&adks=2574293897&ucis=1&ifi=1&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fe.walla.co.il%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0&msz=970x0&ga_vid=250153691.1624297340&ga_sid=1624297341&ga_hid=826440049&ga_fc=false&fws=4&ohw=970&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e794cfcbfa41acf01e623f746def251abeb8d4bd7668a5ce9a0c806a88bc9fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14051
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 664ms
664ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=697835742480134&correlator=2890334332988070&output=ldjh&impl=fifs&eid=31061040%2C31061474%2C31061411&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Cskyscraper_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D4%26vertical_name%3Dentertainment%26mobile%3D0%26vertical_eng_name%3Dentertainment%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fe.walla.co.il%26strip_step%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1624297340&dt=1624297340737&dlt=1624297339442&idt=1247&frm=20&biw=1600&bih=1200&oid=3&adxs=1480&adys=180&adks=2790448677&ucis=2&ifi=2&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fe.walla.co.il%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=120x-1&msz=120x-1&ga_vid=250153691.1624297340&ga_sid=1624297341&ga_hid=826440049&ga_fc=false&fws=516&ohw=120&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8921525701f2503ec73ed11d17724b6a3039c68f2954ac93138d58c45aa27eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7285
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 881ms
880ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=697835742480134&correlator=2890334332988070&output=ldjh&impl=fifs&eid=31061040%2C31061474%2C31061411&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Cnickbar_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x40%7C970x50%7C970x80&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D4%26vertical_name%3Dentertainment%26mobile%3D0%26vertical_eng_name%3Dentertainment%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fe.walla.co.il%26strip_step%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1624297340&dt=1624297340742&dlt=1624297339442&idt=1247&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1200&adks=578455068&ucis=3&ifi=3&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fe.walla.co.il%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=250153691.1624297340&ga_sid=1624297341&ga_hid=826440049&ga_fc=false&fws=516&ohw=970&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd3af2ea2961bff04e6177aeb6b88b2e788fa0b47335eef253cb69861d3983a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5154
x-xss-protection: 0
google-lineitem-id: 5384999427
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351619773
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 B
265 B 1269ms
1268ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=697835742480134&correlator=2890334332988070&output=ldjh&impl=fifs&eid=31061040%2C31061474%2C31061411&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Cprestitial_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&prev_scp=slot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D4%26vertical_name%3Dentertainment%26mobile%3D0%26vertical_eng_name%3Dentertainment%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fe.walla.co.il%26strip_step%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1624297340&dt=1624297340746&dlt=1624297339442&idt=1247&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3148174723&ucis=4&ifi=4&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fe.walla.co.il%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=250153691.1624297340&ga_sid=1624297341&ga_hid=826440049&ga_fc=false&fws=640&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99bc97f5f48dd37b5f7722e0c290a8b7a9c4f94e51dfb14c20b5a4b19c173ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 1275ms
1274ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=697835742480134&correlator=2890334332988070&output=ldjh&impl=fifs&eid=31061040%2C31061474%2C31061411&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Cvideo_slider_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=slot_name%3Dvideo_slider_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D4%26vertical_name%3Dentertainment%26mobile%3D0%26vertical_eng_name%3Dentertainment%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fe.walla.co.il%26strip_step%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1624297340&dt=1624297340749&dlt=1624297339442&idt=1247&frm=20&biw=1600&bih=1200&oid=3&adxs=1600&adys=114&adks=2933179666&ucis=5&ifi=5&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fe.walla.co.il%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=250153691.1624297340&ga_sid=1624297341&ga_hid=826440049&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e96eede3591f58ee14dc5ae6bda3e5fea3fe68269eb6e7d51b98911b3a412a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4179
x-xss-protection: 0
google-lineitem-id: 5448236810
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319714452
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 1279ms
1279ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=697835742480134&correlator=2890334332988070&output=ldjh&impl=fifs&eid=31061040%2C31061474%2C31061411&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Crectangle1_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250%7C300x600%7C300x1050&fluid=height&prev_scp=slot_name%3Drectangle1_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D4%26vertical_name%3Dentertainment%26mobile%3D0%26vertical_eng_name%3Dentertainment%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fe.walla.co.il%26strip_step%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1624297340&dt=1624297340752&dlt=1624297339442&idt=1247&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=700&adks=2040804355&ucis=6&ifi=6&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fe.walla.co.il%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=250153691.1624297340&ga_sid=1624297341&ga_hid=826440049&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7ceb0cf31dec6d9504af0a205235faf2096d5aa0a3fd7dfd326924a1ac75c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23367
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 1755ms
1755ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=697835742480134&correlator=2890334332988070&output=ldjh&impl=fifs&eid=31061040%2C31061474%2C31061411&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Crectangle2_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=slot_name%3Drectangle2_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D4%26vertical_name%3Dentertainment%26mobile%3D0%26vertical_eng_name%3Dentertainment%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fe.walla.co.il%26strip_step%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1624297340&dt=1624297340754&dlt=1624297339442&idt=1247&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=840&adks=4136504620&ucis=7&ifi=7&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fe.walla.co.il%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=250153691.1624297340&ga_sid=1624297341&ga_hid=826440049&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34ebd5f4b12b6466025839a771fd91769037414390c9b7ed31544c634da9b529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11119
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 1456ms
1456ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=697835742480134&correlator=2890334332988070&output=ldjh&impl=fifs&eid=31061040%2C31061474%2C31061411&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210621&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Crectangle3_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=slot_name%3Drectangle3_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D4%26vertical_name%3Dentertainment%26mobile%3D0%26vertical_eng_name%3Dentertainment%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fe.walla.co.il%26strip_step%3D1&cookie_enabled=1&bc=31&abxe=1&lmt=1624297340&dt=1624297340759&dlt=1624297339442&idt=1247&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=2273&adks=3491967477&ucis=8&ifi=8&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fe.walla.co.il%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=250153691.1624297340&ga_sid=1624297341&ga_hid=826440049&ga_fc=false&fws=4&ohw=300&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c35302029e7edf076671b5c3255e30059272149099aa0d5bc765d1ad7df8615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7709
x-xss-protection: 0
google-lineitem-id: 5712913917
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352996921
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK .lp Show response
pikud-a0b24.firebaseio.com/ Frame E55C 422 B
664 B 246ms
113ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pikud-a0b24.firebaseio.com/.lp?start=t&ser=39269355&cb=1&v=5

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/public/713_32fc0b6e92a597cdb9b9_walla.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

cfd61c0f388a1e67af548ca389fda39f8e91c722e193211d8fb24c9291a29343

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 422
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H2 200 get Show response
odb.outbrain.com/utils/ 25 KB
9 KB 392ms
291ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fe.walla.co.il%2F&idx=0&rand=85862&key=NANOWDGT01&widgetJSId=SFC&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=650&py=3228&vpd=2028&cw=635&ts=1624297340801&settings=true&recs=true&version=2000372&sig=W7iJ5D4L&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6ecddc16dcec1587dcbe373ccb5ed5e63b8ff9954f77a9e17a50a4743807551

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.48
x-cache-hits: 0, 0
x-traceid: 89606e6442532236a6ee0952b3c3dabd
content-encoding: gzip
content-length: 8704
x-served-by: cache-lga21948-LGA, cache-hhn4052-HHN
x-timer: S1624297341.974651,VS0,VE197
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame DD2D
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://e.walla.co.il
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 336473
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 21 Jun 2021 17:42:20 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67F3)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Mon, 21 Jun 2021 17:42:20 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Mon, 21 Jun 2021 17:42:20 GMT
x-transaction: b97feb6a76f2f272
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: 4982b2f768f79073b61a79804b0b08fdfa9ae4fffd075c9996913b1e1707cd6d

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-264.firebaseio.com/ Frame 87DC 420 B
649 B 247ms
112ms Document
text/html 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-264.firebaseio.com/.lp?dframe=t&id=3059519&pw=cyUGIb0Srl&ns=pikud-a0b24

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/public/713_32fc0b6e92a597cdb9b9_walla.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

8a38564b58680510baa1c1814966bc2dce045f55f62294620137c8178e4ae33e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Host: s-usc1c-nss-264.firebaseio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://e.walla.co.il/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

Server: nginx
Date: Mon, 21 Jun 2021 17:42:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 420
Connection: keep-alive
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-264.firebaseio.com/ Frame E55C 15 B
256 B 246ms
113ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-264.firebaseio.com/.lp?id=3059519&pw=cyUGIb0Srl&ser=44427922&ns=pikud-a0b24

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/public/713_32fc0b6e92a597cdb9b9_walla.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 15
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-264.firebaseio.com/ Frame E55C 58 B
299 B 245ms
113ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-264.firebaseio.com/.lp?id=3059519&pw=cyUGIb0Srl&ser=44427923&ns=pikud-a0b24&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjktMC0wLWJldGEtNSI6MX19fX0.

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/public/713_32fc0b6e92a597cdb9b9_walla.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 58
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012106141722000/ Frame 5B9A 189 KB
55 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b50d801b8502706ea91f90c83eb08253f16eb27bc83c6f4047af3655eed6ff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55217
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6e85c2cf35b93d5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012106141722000/v0/ Frame 5B9A 13 KB
5 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "20d5993134a00e72"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012106141722000/v0/ Frame 5B9A 85 KB
27 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27288
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0e18b5d4ac760a2b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012106141722000/v0/ Frame 5B9A 3 KB
1 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1299
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da415af7878c9ead"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012106141722000/v0/ Frame 5B9A 40 KB
13 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12849
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6ce0de783bcb6f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5B9A 5 KB
800 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Heebo:400|Roboto:400,500&lang=iw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4be8fee6d25b57f8af82aaf6fc6451f07d5795a514e52bb727773733c5ac1c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 17:10:15 GMT
server: ESF
date: Mon, 21 Jun 2021 17:42:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Jun 2021 17:42:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5B9A 4 KB
690 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 15:48:38 GMT
server: ESF
date: Mon, 21 Jun 2021 17:42:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Jun 2021 17:42:21 GMT

GET
DATA 200
OK truncated
/ Frame 5B9A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d231718c727beb10ffe6f2b7107f7544fa74f8024f07e0c1bddb277c7e00fba

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15650580419221236063
s0.2mdn.net/simgad/ Frame 5B9A 309 KB
310 KB 29ms
8ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15650580419221236063

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f7bc2ac8c94d5231071888c8ee7cdd24223d2b655464aa736351ffbfbb1eeb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 22:52:06 GMT
x-content-type-options: nosniff
age: 327015
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316550
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 15:30:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 22:52:06 GMT

GET
H3-29 200 ad
googleads.g.doubleclick.net/dbm/ Frame 5B9A 42 B
63 B 39ms
36ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8v9Uk4M3wrWrCxps6tUJOXD-441w4D5F_hcbV2tdU-ea4bmSnBBnfr9ckIrDA24l_cclqHuKPPFbkXkhE4Pt0eE8PrkGXYBFJ9r2DiKCLUQvHYyBamFAUJlGXMmVxOIvKbnTtYPsCI0KhF6S1v2bSb1fCqg&dbm_d=AKAmf-C5rtymZE_I0nTMeLRigAE8jUmgFnSLoAThHDKpuDszO9WvEe3xeU5IrghBdOeA0I3ia8okXwID55GecISMicIzjyRMgSz3QgDRnJQrsvDkztonDOpFa89qT3cwQ8LBXMBVjRdRpO6YQ5gWYUJ91kWsDp_677IkSupMRBg7h-r31JQIQoO6CqWqsT7_hu6vf1lubwY351IBShtI-TDzoLiG-KPb62RFxsHOONL_cNiD5wMQWWBEGaRKRAbymzS2Fpb0c5U74FYZNrYsOzFzw6DI2RKViqxE2kHxntWSvAoB-ceQAiSsGIskMaOpCdcxSBfSq-wKY0MgWiNoErdeWox9S4LHRn2xCLx8cge0iX5yVZAHxEmHvu3Oe6dTQEyzT53xHC-CBo7yiAre0MI_neU3p-vDtGbEZ1Vt2EdjLy7zCfbZDeGAqJSnB2Hay2xEeCxYtEvatN5KUDDr97asRNkwV83xoEAd8AmRIwQdmp52B_XtkOGAyqE_ZJiio4wCfxEl6U5koVUL1PswIBX1lyc0AXqsqqxnF1_NBPzE_59zuJY_zkSQcWPmLBov8bkkEkKi90ZaPaFXUP5rGqZGvaGBcZGB4Pyd2Qo8G927F-RdbmufPjz8HFgnMD0aCAq99aT3kSaWqBpNlcHjzD5vmOXITghjPFD7MxpDAEL-qpLfGgCLt2v3QVgoI8o5j6l13KYuFfR1Fn2BaB7Ndi80DKX5ILeuNUHrKIpUkN8bUjYcPuS_w9FdsjNNna-ue-5-xV8efvBE8NgZTo8quE3TEfEMTGgVFM77lL0ALPfzAB4NurEfI_3SWSwRGyO4nDg4ukOXovzwlwXHX8ep-ad831CyZWO_4Qy1ONeKVaJaxVgZB4O-PnFxIVUw0C8WtMkpiyyCaddFIFZjdgaE9NWMDtismrgihFCZ4yGzQGxuh40HpmRzoPOoFtV_TTdt48Mojrk51YPgFzKQWrEd7i2coy8Kqd9Oh091qTLQScXO6ui8Wo3GOlvdkHV4r47gR5dH3XOQt2ILgiw3gNzCtmspb_RUQTFyYcLeqw5UFfLiWciDOy90-El7ZfSOzQ62eMcSZ9Y_MWngIafVXIZLlZ_1DqUHvpWflFHTl08PVbPKG1AQaW8uwHHeC2ziRzDrwd9ZA14OpFGCeYQxzUpPEgklnuYDoB2mb1dy94Yic8QkZQbhRnMTf3jkFR2CCqXyuHmAhk3ZLL_g8DSJ_AlxP4Iba3SmRMvSEsBTfF-4YX0o11jnzg3cNX6C3m6ZSwr8HWzJKBWuKeY5Q4LJBISjtyfq5FtzWFwc1XMYjA_ND-2R1YGHcMKuJDERCCGYCfob2PRlYpV9JeEh2HjK83BiA65ZNetKzNfIcTezxukAScDcPVtmwOMVjD4gCzRpYDHXNeZCAbagldjm-h1vqt6FV_--xVkRvZpLeKvaBnq8NR4uirLfomVAVgOeZpySxGEfmTPK5cSezpyN446S8ZmCEJcbzVwRi4HSz0Zhvk_vGeu4O4EK3O7R-IGKdaCnOM7utybxx0m0pNiws0VgjF-0ko8NFqF1FvhgnzHyW14N-oR7vjpG_McikuWvj5W9lw5HTy1xPs3rV2gpkMIMY3TO4a6pVpzt5Tb1D_N807fl0TPdva0s3Dq0PXxqb_pNGReB8NcI0JcYgI1bgicjOSc_APnouPAFJSK9XoPqrM_32wRrlQ8VCcoSly7smVzmnV6l0sxM1pUXY4bg9YfD31Wv5T6raUKnCultEVxfXgd4p2cwwI9Eq_qfe0hYZ3WO-bTdbkCJPz2Oo4Vj5aU1PygxAPFftLJ9ZvouUAmpy989kT_L9LpKKFTCrHRmr10hPMXiH8BRhTE7q8S0T_py4IM0iULA5u_6UzBSjo0n2Dhqcb_bdbhfpEyM1MKx2TMDb35bOc7_f0d-dfxK8RZeSQ56Lzoh6IyRqd3JLZwb-7AXAD6opbPZJBpuyo0GFZO97h4Y1iZM7v_GnT8xRdU2mFQS4AliACF2QZtfAvnFb3d-xDGL4qygsXc6hE00D86tVq-EvIcdwbhUqmsASn9JByP5nxkAluNRCJj5NT1x4FNLGe563hMorXZIylDreGV35M1sQmf_NugYqzp97xpTUjJGPX8Hc0k4QkI3CkfM50sDIQe2VDZPTrWn1bKLuG91ujy5G30oZpyhsKk5d2Zb_b1pFEXNmZFhNv732QxJwYQeagRQlVIzHXC70UHcv-oJrSeS0plC3-I3_qgXXRwabL7gOv7ytUgPTbV16JadqfWTHy7lu-_i4GGmwJ0Ji8Wt5IKjfuQ7_v9HR2LazSvru_kohQj9OthDWNRlanAyR8drbbqDQJXib94AiW-bpXUjBsY3ckuOMJ5stJDHvVPd479dH-LKGoPQgXVu6p9bn20ngYpgfvKzHodqrpQYjgw3hp6WROm4SMLQ04WWJshB0otZ06542whyx1q3jQBA0G0asmziZzB3b3szDccSTcpz1cXM9EUMziazkwpGcHcD6Bek5UkKwP-7HgC_lng0pYjHAFYXexlgGZRnElT9VpXs7zhDRCBK2fVQwHHsYi8GzSHrZAW4hbVkUICNavmNyCNxweKq2Ep6jjos-MmXrg0VMAwRnYOGXX0lwMPs52NogcSUOvf2C-wyamdJ6V-M0KTrPAIDH-WuBSFdF5I_KkBMEk_6qd9RSH0L1GPPkabDOiwm8IoK_lYrDf2dPC02U2SF_qTwSgKAhwNfySzKKxtMpwgsYUAmVajp6HpvmyyrJu42WHCk_USan_ubQeg7Z88mpcSpPD4vB2ikDGVL997PFFdcQMMUxanTzbLHMuj_qhJkEbda58sokBeeuDB43xw4FEEmFM05-Rxji9TEeRB6r1JYc9C11smImUYuhys0aryRhdZnSOQhQNl99CF-GwfJzxYeRJuD1-VUg-oeCTWH1RsyhXFANyGDa5GUKeqq7skv7SykP6pc6K3Ch6yzR7Qo4I-o3Efa9WLdP5PuXNkrMfYzFbu5mz-HcG6nqiLfQm2dKB9XTF7pii4XZzV_QMcm__-EBIpccO3t6sJ8HYIvOuqbZgCufETifZjRHv7VJFbGt8Z_qmrp0jwz5bNBBY07i5LOxeQ_LmrvWPYzcJV2z8njB7foc1WT1WAJ3QLR3RvM3OXnAtWP2d1S9PXVT2y68IzFRGRgkGM-qz9Co4jjq1okrRYMA304QW6_kcjYa3t5NuJaWlR_f9TMY8Xt-lkXW4S3Nh0Tof4fAoi3Sikum-M1-M3PYnzAAz7FnMFf87O7_j_hi2v2v8bTpR_J0J4cdf6HEYvn1bHP-Dg&cid=CAASPeRoXFiNXokBCURue6w_37k9AFZMqAAiIX0LevIVbMXPL4mNnegg3SkJVd6gasruJZictt2w2fbU9F83qmo

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5B9A 0
0 94ms
93ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnhrufM_QYL_AMPSU7_UPhcGwmAGi2b37X4LA_aGlDvAuEAEg0ZPDKmDxrfyFpB-gAZPblqsCyAEGqQKNNIbnyVt_PqgDAcgDCqoEzwFP0NhBuVwDGTD9n3Cs2hpBDFChWQTBHDHypYc-MKvZPyjhj5tCX1gT8ZjZCaVImCLfwUYhkFdmiPqnSlvGLc-Gco9kUdmPz5GomGWZAzB7Cagr-WSpyN7L2tEZsrE-OxyQnNMNjvV5FlFrW6m-EpTVicJMlqGn_ST58MouD70PD1TSgGiFQf2tm5O5zmG9HpsFqNAXZH7pG_q9kVb8lMl-X6E2SkDnk61Aj26OVzGPeEdwjwRubUtwZnf2GiysyIqvYGW8_us_Sccv9GxBCYbABMzyoOebA-AEA4gFkYzIhSaSBQYIAxAFGAGSBQYIGxABGAGSBQoIIhABGAFIkKthkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfVpOnUAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcB8gcKENevHxjb0K-tAdIICQiA4YBwEAEYHYAKA8gLAbATmbrbC8gT_bjNCNATANgTDYgUBNgUAdAVAYAXAbIXGgoYCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcy&sigh=6Tcp653o5vA&cid=CAQSOwCNIrLMdG9E2tDy6zRmEgZozxx6HUhDdNYmmhJTS0qB31rZI19WwLK-fH72uJ69hxaNtn-TvYEVP_xK&template_id=509&vt=10
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5B9A 0
0 16ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfdEt7gPZD4GkD_hsBRKAPK34aZYa1FsQfL4yJMpvq129NRkdaRWnI8JcaB8gPKaZd3DAV
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5B9A 3 KB
3 KB 27ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/iw.png

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 12:56:06 GMT
x-content-type-options: nosniff
server: cafe
age: 17175
etag: 415739381108731362
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2712
x-xss-protection: 0
expires: Tue, 22 Jun 2021 12:56:06 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 5B9A 344 B
449 B 27ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 09:32:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29405
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 22 Jun 2021 09:32:16 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 47ms
19ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061503&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8661fb5a2de8706a92fffac8563ca4455a6ac085fca6ee0c5a2ff6bd4db3913b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7862
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5B9A 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400|Roboto:400,500&lang=iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://e.walla.co.il
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 17:35:42 GMT
x-content-type-options: nosniff
age: 173199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 17:35:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 5B9A 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400|Roboto:400,500&lang=iw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://e.walla.co.il
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 15:26:07 GMT
x-content-type-options: nosniff
age: 180974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 15:26:07 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 54ms
53ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1623321643.048214"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 21 Jul 2021 17:42:21 GMT

GET
H2 200 ob_logo_16x16.png
widgets.outbrain.com/images/widgetIcons/ 1 KB
2 KB 55ms
55ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.png
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "96dd1eed1ecd3297bab335082e4a072e:1623321656.76441"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 1524
expires: Wed, 21 Jul 2021 17:42:21 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 493ms
122ms Fetch
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=6e12991520116553bf58aef1bb3a1944_1769_1624297341116&tm=767&eT=0&widgetWidth=635&widgetHeight=232&widgetX=650&widgetY=3443&tpcs=0&wRV=2000372&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: gzip
X-TraceId: 267dec7b4d192074f83e48eccd97aaf2
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 1BE2 16 KB
6 KB 56ms
55ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6d058d256de1bd7fdb8bfffdfbe42df8e05a8316b80baeb8cd39a2ebf98875a6

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c4222339e6f5b792e8f284617c533e40:1624286590.582587"
last-modified: Mon, 21 Jun 2021 14:42:58 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Tue, 22 Jun 2021 17:42:21 GMT
date: Mon, 21 Jun 2021 17:42:21 GMT
content-length: 5465
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1624297341~rv=93~id=954a4a030e83f4b6d83b5d51df2e6c4f; path=/; Expires=Mon, 21 Jun 2021 17:42:21 GMT; Secure; SameSite=None

GET
H2 200 get Show response
odb.outbrain.com/utils/ 23 KB
7 KB 249ms
249ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fe.walla.co.il%2F&idx=1&rand=54764&key=NANOWDGT01&widgetJSId=SF_1&va=true&et=true&format=html&pdobuid=-1&t=NmUxMjk5MTUyMDExNjU1M2JmNThhZWYxYmIzYTE5NDQ=&adblck=false&abwl=false&px=650&py=6743&vpd=5543&cw=635&ts=1624297341253&settings=true&recs=true&version=2000372&sig=W7iJ5D4L&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ba40a67b22928d7d07d42875b4a1333d66bb5855edb5aa57974b14a6caf0738d

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.72
x-cache-hits: 0, 0
x-traceid: e16551efb3f69b8e88f1b5390a31b2fe
content-encoding: gzip
content-length: 6918
x-served-by: cache-lga21972-LGA, cache-hhn4052-HHN
x-timer: S1624297341.280619,VS0,VE200
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjczYjcxOWU3MzAxYTE1ZDYwYTJhODczZDJhZjBjN2VmYzI1NjNiYTk4NmIyYzQ4NjQxMTQ3MTM2N2M4NjA2ODciLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 13 KB
13 KB 164ms
55ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjczYjcxOWU3MzAxYTE1ZDYwYTJhODczZDJhZjBjN2VmYzI1NjNiYTk4NmIyYzQ4NjQxMTQ3MTM2N2M4NjA2ODciLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d2e810e083b668ab176b8db056a128a78d44ffdd0f91637be87e3b89f2e12a8

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
cache-control: max-age=2344270
last-modified: Sun, 20 Jun 2021 07:11:32 GMT
x-traceid: c59a4bb04b57da4913a164941fc71706
timing-allow-origin: *
content-length: 13186
content-type: image/webp

GET
H2 200 eyJpdSI6IjgzZWFiN2ViMDlmZTZhODBlOGZjODA4NzE1NGIzZmU0OTQwZjI0Mjg4ODM1M2EzZWQ2NzZkMGE0YTEwYzc1NTQiLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 6 KB
6 KB 188ms
78ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgzZWFiN2ViMDlmZTZhODBlOGZjODA4NzE1NGIzZmU0OTQwZjI0Mjg4ODM1M2EzZWQ2NzZkMGE0YTEwYzc1NTQiLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 01810e25ad916871d2deb2744db51fa7fd3a04eacc815c23f5bc24bd38882ae7

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
cache-control: max-age=1479979
last-modified: Wed, 09 Jun 2021 07:32:21 GMT
x-traceid: 5ff4a729ece4124a4dd12fa10e9f9e20
timing-allow-origin: *
content-length: 6328
content-type: image/webp

GET
H2 200 eyJpdSI6Ijg4YTQzMGIyMTU1MDExNTU0YjliNGZlMTBmNmQ5ZjMzOWU1ZGI3YzkyNzQ0ZDAwZGNmMTkzZmUyMWQxMDk2MjYiLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 10 KB
10 KB 192ms
83ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4YTQzMGIyMTU1MDExNTU0YjliNGZlMTBmNmQ5ZjMzOWU1ZGI3YzkyNzQ0ZDAwZGNmMTkzZmUyMWQxMDk2MjYiLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 65386bdbeff7d1df6d5bcec02e38d13725c8e9582f1070331609c1e2ab997847

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
cache-control: max-age=2298087
last-modified: Tue, 08 Jun 2021 07:27:59 GMT
x-traceid: 127f6f272a3f3a0b68a08d118ddb2b6f
timing-allow-origin: *
content-length: 9874
content-type: image/webp

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:21 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5B9A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 21 Jun 2021 17:42:21 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 879B 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 21 Jun 2021 16:18:58 GMT
expires: Tue, 21 Jun 2022 16:18:58 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 13C2 783 B
532 B 16ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a742482e9faf8dfaccef0f048560969cf901672345b3d63c3b03701ee0c56b33

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JQ6WCvMBKNyupYbseQ7llA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

expires: Mon, 21 Jun 2021 17:42:21 GMT
date: Mon, 21 Jun 2021 17:42:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-JQ6WCvMBKNyupYbseQ7llA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-264.firebaseio.com/ Frame E55C 58 B
299 B 113ms
112ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-264.firebaseio.com/.lp?id=3059519&pw=cyUGIb0Srl&ser=44427924&ns=pikud-a0b24&seg0=1&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MiwiYSI6InEiLCJiIjp7InAiOiIvYWxlcnRzIiwiaCI6IiJ9fX0.

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/public/713_32fc0b6e92a597cdb9b9_walla.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

01fe65d4fd93c66f51043f540156e23f6c69ef7ca0b6a0484bb063888989eb0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 58
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H3-29 200 container.html Show response
eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E03 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 21 Jun 2021 17:42:20 GMT
expires: Tue, 21 Jun 2022 17:42:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:21 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 1BE2 1 KB
2 KB 163ms
53ms Script
application/javascript 65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:27:58 GMT
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 863
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: DrETmdwF5dKWxNQPhVCyaogz302aOifo32A67GwL5fUTYhaBzEPO_g==

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4EE3 0
16 B 16ms
15ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPTQ7wEQo62PAhiqkqKtATAB&v=APEucNV2t9B0uJFRKKEFaWv1K3hiLRWEQUCqAScaxIy0DTsR5OTD8Ze8B6mm03rl90Z2vU-NRyfUiox_PRLg7K5C6dxvelBx4g

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPTQ7wEQo62PAhiqkqKtATAB&v=APEucNV2t9B0uJFRKKEFaWv1K3hiLRWEQUCqAScaxIy0DTsR5OTD8Ze8B6mm03rl90Z2vU-NRyfUiox_PRLg7K5C6dxvelBx4g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnVOPvOd7NBA_P89pxVHxatrduyGUONm18DPnKE-NAsTGKP6GRyLleEu5Yrwdw; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 21 Jun 2021 17:42:21 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0E03 44 KB
21 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cif9kpoiGQbEv0_C3jgpJo9NRWamTceSXRZMZ88rWLTJsF_b-GmuP4nxhnQ4-jU3wbxd3JnCfogm6flDuDrosdDgjdi3ohaPxWkXmEcLgV5upg8GeRyJ2OZEqDXV_rztkLyiKMssJ6WPlBgGUT88TJ8iQCaw&dbm_d=AKAmf-D_lM0mvNxJDBv62xALic-VKNcn_xQ78QOoP55NWZB-5kr1ZT783WBr__5rUTz5mRxrM5auNxwJJ8rAAxoJ0QxNlThjEred-lm1C6YgBU_gNBLruWZsj8GUM-TrmFMEBtwHzelnreLs51YHH61Kl5Nkuih4Rq_Esbiar0RpH42tINFK51DF446_SNEQ-p9aJal6Zx6O29jY11dEq75gcQGwhPQ9Zt79UTWffquUFkH-MEwKxr3d8bSqy9p6wB6RzT8kBtJOVPSz3fIeRLlmVSKcIJFOjMtKt_C3HramtDcEBUJeKYVoAleTgyCmicEmKsf5miUAwRAidXrFPA5ohL5CDnS9EiQm-lK9VSs9Tz_fths3yfDk-YPqP8TZyMgSAMS_yLY_0AG2Td2tyu6Ailn2RT2bHSn8rB6r8ZRUYW-tlCFhDPxaypJiFLXLk38vv0HipB_RLu3Yd5ZHKJQvXkDSAs4IFd3THMvf8Fb5cA92Y9WDWr1ojgRzggvPngn6h2ZXCPu4ZncsQ0nMzbBrz8aYS8Ox23txKiv080bkjNLcm1qXoBacIUz7fBels12clDwifIM0_p9keSFqkIF-7Y6NuyyS7Elj9rP0A2sSGM6EcNM04JBZ1PMyCd2syn8CcCpQrl7OiOwU_ZsEQpjV82kG8RzmD3ludvcHb4igQVN_QFLqkN3OX3--qzG78i0RrxpXLKUkC2ER1WNUe6NCW3zL059gd9euLS9VekrtnrmzzJeEXE2AToi1vleTo8Oq1iRiC5zHbjpnouxsvds-FPmBAeucMHhgUHf_d37TP7fi-KV-scglJTJE_P2qHEsOj5k_fNGCMWlR2yw39UevaN1dpBprTnmGWF8gWklfDlzpB1s-Wdc2F837FhBhiAilBir-xHmp4pHvuXc2XcdyZcel8kY8gA1F5sft6kKZU2zHc5FAm6bPcI3S9Dj5pdXSEFxjcKr8i86b967ywg1CYPM495ePn8O6NW-A9bmuqen_7wyzPO0FT5EGJGFExQNoQX8c73_xM6rBFsyimO1XH8P8UB4Et5yJpzoAVAO0-vOzwwTfJPCWOHzY9CnizLNJCb68pStb36N4H2OyjviErnU-PDc6gu1fM9au8mwn4cQJNNOWXMuZa107sbYre7K_pefsmwfKNJqX_h4OdgeN4yV_KhjSf2PM44hAEk4-2NTOQRoCHAQvowVi_-OvPvqIWNikskZCO42dpQcosD2OPtv2EKJyCboKMpvMD_QvgfEGcnJ50N-KkTyMNssQEYxxzUA1tktc0FabUTLIvnKG3XEiMqexRopJdmpzp6S0Cj12WpPo_d-USPcSXkDIZY22Uy6xsF_D8yAOhGWXK3MvDj-u4CP4iSTQqQxFTAxE7ZCdhhuAq6NWxdH-T5s9TfTua-np53p2rZJmjL139nVsM3a5n7CAxXvdOLqMCA4kLwsOGlrKA_5-JetthSPpUUwTdT610u4awZFJShQ-YmE4lzPBHGFvOymzPW80nEA2UkT5yRnrSdSGEvBp1aEVda3-sYBPJCsq9UvXlmdh4YDeoJOsb_7kaLZQy6H2KCu9jt4k9GIy9iACHvdt0ebltp1EtsPus0lDkD5391wMo-ulNmlz5vqCw-UxH2Uc1lus2JHGtWG-Crbvm_Hs5NLjvcMMY8QGy1qsjp748DuGIXha2fw2qUwjF3m1ExRG56Lc9SrTFMz8OoyeEIN22iKZMf6ENr9sV-3JeKkoq9mq-rh50SFBXc3J9UnjEYmLPJcqGWson_4bJgAgnMCcro1kVJu4cFo7oJcAF0_y5IbM8JMO0SE-wMjn9gMdV-CypWznfY3xU7TmWGO-VM3B997ofRZwEu7abthoUpcHKYNSK8KyFtMUulrDFfB9Zmdav94eH-DJvg4xv79iXTfn3OYB0IfNvQTzkxs6oJxAiNa59ykV97kCSJm_mH6HvMUDDtxeIpR3cfmxXsOom_9snZCZg0c_yxfSGwq48hi5alYaqIvyHC5j54Bo7pbfOQFCWdaMwuKkBvrWlArZeP56s1tWcM97Qi5mXm3zdhZIQC9vBFxdCpjxqnyMs08GkltYkQ69CJ5p7DmfRxKuRLYYXKgp_Z5B9WBIboFTi5ySdTG6vQbPZHE5_LutBpVgzxxBAhDHR5ODlD_GfJ1jk0QZEaFnbgwKTYfTYj52F0ITtztLYBLvjBv5LZQ5drHrl3QlEcQBLRpxFf5D16-i3rfjeiQP8kpAQ7Dru3xOSrB-t5nFkvb1fZn9leTRhmN7lvWPM70UaXRUtYeG7v-nEGhMKzyIalBXxxxa6I0YoEIt694MQAsi1-oxUkw7EjNf5dNPDlbTQUQejhQFUJbW_-bi-4xSa3EzQ_O9STsJlCj4A5rMu_DPtdK2oUL_3_hMI4rBgP0IWvU0VtbqfclWYmzINnb7ogZ4LQYkdr0kh0oO7Y78fG9D_xnoHp4uQ7g6qAJrdtDQjNLPjk2BxtO89O61AOEaii-SBrvMy3aJBX9xCY8Ox45yhQcRhlMpe-pmo_cefK547xillDD8bC2OCMJUuE4wOATKBXPrmaIxlc3tnRSAFhPkEwraaSSniLsi6FqgCEFa31WqVgL2orbLkdtJpdAC1Fwp9Wt7MhaH3GUKRQFdFvF_kzMO2Dwmvvg3EhpogGT0GLKHQJorikoUZCvga8863jk_DbvGmhLUMu07LA_1jc026Y0Wq4DbPsSlU4ri7140yOTtplwLzJPfLJSrjTAQHuhMrIsY6ph2TEQHYcNHAzjlK8RdeAEkjSGDYmXgGxuzzOS69FkHr_bCoQBQPqHiSr9IxFSl1PLWtLrnW8hpBf2KzLpGxy9UgIlBQajbo9LNSOhkSbygeJtg0wuxRvt8rANYydJn-640_xE-xOVyDTBEXcj1E7vNXmvHeNJTlXFd7XpOTjgfvFGkO-Cgn9tzU646SQYNFINpcUrRA1njNMR6CiP8X7bUuc8SM5YYSgppkXng-OynN4X8zLIwU_Y3Npw8w7ab1vvu5_prGF06u0s7UfABM8qDOm1YM0TLkG0OYp53ikKCcdxw_ImKAdEXORkK9XW_n_OT-2Tsxjnu4lJyQZQspuLFYQrguRudNr7VS4qlauCaHc0&cid=CAASPeRoJkAXGFhNkj49g0D6MbqL05c557c_0DQHwW55p__-d9aBr_3cKEhh5twy9Gf491dPzbOlg8u1sbo6PNA&rfl=1%2Chttps%253A%252F%252Fe.walla.co.il%252F%240

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1d4014bea80f8b21c433643317f43072275c84d31911ce1d0efd8d0d4722444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21821
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E03 42 B
63 B 49ms
46ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkeNT81CmnZ7mRJISFB4QJzGVGqgSuVDaijSiImCuR6w_xPcloM2UbZOhKH9hzoni-sXWlVA0LsAJawcy83rs_yvm1mG-LV3q6ienbPvfVyG_rcPQ

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 0E03 3 KB
1 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:42:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E03 122 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:21 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 0E03 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:41:06 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0E03 0
0 16ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7ulYO3RtSDziOzw1n-QUQGVNZlwIh43jcZi3zP0mIopg-J2rVxwbYEmie3FXBwznOZ89M
Requested by: Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame 879B 14 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 15:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 15:29:23 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 54ms
54ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1623321643.048214"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 21 Jul 2021 17:42:21 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 56ms
56ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1623321664.37845"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Wed, 21 Jul 2021 17:42:21 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 326ms
122ms Fetch
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=5d80d523f7aa7ac838cab129f9136093_1769_1624297341420&tm=1057&eT=0&widgetWidth=635&widgetHeight=441&widgetX=650&widgetY=6730&wRV=2000372&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: gzip
X-TraceId: 91ed1c6d8c7784f578f6a36f45562455
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000372/module/ 53 KB
17 KB 59ms
59ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000372/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d22849876fc735a177a8f53deb99c128867defde55e499ad9630f1684f57d1e5

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 13:23:02 GMT
server: AkamaiNetStorage
etag: "b90ed48ec5d1817fa7830c9a698eae05:1624202818.478488"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 17458

GET
H2 200 get Show response
odb.outbrain.com/utils/ 26 KB
9 KB 254ms
254ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fe.walla.co.il%2F&idx=2&rand=23329&key=NANOWDGT01&widgetJSId=SF_2&va=true&et=true&format=html&pdobuid=-1&t=NmUxMjk5MTUyMDExNjU1M2JmNThhZWYxYmIzYTE5NDQ=&adblck=false&abwl=false&px=315&py=1106&vpd=0&cw=300&ts=1624297341538&settings=true&recs=true&version=2000372&sig=W7iJ5D4L&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd7d4e83f837c3e6f09dc75f2a14f22aa435b8e79850136b266bcffd24a4dee8

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.22
x-cache-hits: 0, 0
x-traceid: 9228e848dbec1f0d1a375b3443020360
content-encoding: gzip
content-length: 9087
x-served-by: cache-lga21922-LGA, cache-hhn4052-HHN
x-timer: S1624297342.564805,VS0,VE205
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame 0E03 22 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cif9kpoiGQbEv0_C3jgpJo9NRWamTceSXRZMZ88rWLTJsF_b-GmuP4nxhnQ4-jU3wbxd3JnCfogm6flDuDrosdDgjdi3ohaPxWkXmEcLgV5upg8GeRyJ2OZEqDXV_rztkLyiKMssJ6WPlBgGUT88TJ8iQCaw&dbm_d=AKAmf-D_lM0mvNxJDBv62xALic-VKNcn_xQ78QOoP55NWZB-5kr1ZT783WBr__5rUTz5mRxrM5auNxwJJ8rAAxoJ0QxNlThjEred-lm1C6YgBU_gNBLruWZsj8GUM-TrmFMEBtwHzelnreLs51YHH61Kl5Nkuih4Rq_Esbiar0RpH42tINFK51DF446_SNEQ-p9aJal6Zx6O29jY11dEq75gcQGwhPQ9Zt79UTWffquUFkH-MEwKxr3d8bSqy9p6wB6RzT8kBtJOVPSz3fIeRLlmVSKcIJFOjMtKt_C3HramtDcEBUJeKYVoAleTgyCmicEmKsf5miUAwRAidXrFPA5ohL5CDnS9EiQm-lK9VSs9Tz_fths3yfDk-YPqP8TZyMgSAMS_yLY_0AG2Td2tyu6Ailn2RT2bHSn8rB6r8ZRUYW-tlCFhDPxaypJiFLXLk38vv0HipB_RLu3Yd5ZHKJQvXkDSAs4IFd3THMvf8Fb5cA92Y9WDWr1ojgRzggvPngn6h2ZXCPu4ZncsQ0nMzbBrz8aYS8Ox23txKiv080bkjNLcm1qXoBacIUz7fBels12clDwifIM0_p9keSFqkIF-7Y6NuyyS7Elj9rP0A2sSGM6EcNM04JBZ1PMyCd2syn8CcCpQrl7OiOwU_ZsEQpjV82kG8RzmD3ludvcHb4igQVN_QFLqkN3OX3--qzG78i0RrxpXLKUkC2ER1WNUe6NCW3zL059gd9euLS9VekrtnrmzzJeEXE2AToi1vleTo8Oq1iRiC5zHbjpnouxsvds-FPmBAeucMHhgUHf_d37TP7fi-KV-scglJTJE_P2qHEsOj5k_fNGCMWlR2yw39UevaN1dpBprTnmGWF8gWklfDlzpB1s-Wdc2F837FhBhiAilBir-xHmp4pHvuXc2XcdyZcel8kY8gA1F5sft6kKZU2zHc5FAm6bPcI3S9Dj5pdXSEFxjcKr8i86b967ywg1CYPM495ePn8O6NW-A9bmuqen_7wyzPO0FT5EGJGFExQNoQX8c73_xM6rBFsyimO1XH8P8UB4Et5yJpzoAVAO0-vOzwwTfJPCWOHzY9CnizLNJCb68pStb36N4H2OyjviErnU-PDc6gu1fM9au8mwn4cQJNNOWXMuZa107sbYre7K_pefsmwfKNJqX_h4OdgeN4yV_KhjSf2PM44hAEk4-2NTOQRoCHAQvowVi_-OvPvqIWNikskZCO42dpQcosD2OPtv2EKJyCboKMpvMD_QvgfEGcnJ50N-KkTyMNssQEYxxzUA1tktc0FabUTLIvnKG3XEiMqexRopJdmpzp6S0Cj12WpPo_d-USPcSXkDIZY22Uy6xsF_D8yAOhGWXK3MvDj-u4CP4iSTQqQxFTAxE7ZCdhhuAq6NWxdH-T5s9TfTua-np53p2rZJmjL139nVsM3a5n7CAxXvdOLqMCA4kLwsOGlrKA_5-JetthSPpUUwTdT610u4awZFJShQ-YmE4lzPBHGFvOymzPW80nEA2UkT5yRnrSdSGEvBp1aEVda3-sYBPJCsq9UvXlmdh4YDeoJOsb_7kaLZQy6H2KCu9jt4k9GIy9iACHvdt0ebltp1EtsPus0lDkD5391wMo-ulNmlz5vqCw-UxH2Uc1lus2JHGtWG-Crbvm_Hs5NLjvcMMY8QGy1qsjp748DuGIXha2fw2qUwjF3m1ExRG56Lc9SrTFMz8OoyeEIN22iKZMf6ENr9sV-3JeKkoq9mq-rh50SFBXc3J9UnjEYmLPJcqGWson_4bJgAgnMCcro1kVJu4cFo7oJcAF0_y5IbM8JMO0SE-wMjn9gMdV-CypWznfY3xU7TmWGO-VM3B997ofRZwEu7abthoUpcHKYNSK8KyFtMUulrDFfB9Zmdav94eH-DJvg4xv79iXTfn3OYB0IfNvQTzkxs6oJxAiNa59ykV97kCSJm_mH6HvMUDDtxeIpR3cfmxXsOom_9snZCZg0c_yxfSGwq48hi5alYaqIvyHC5j54Bo7pbfOQFCWdaMwuKkBvrWlArZeP56s1tWcM97Qi5mXm3zdhZIQC9vBFxdCpjxqnyMs08GkltYkQ69CJ5p7DmfRxKuRLYYXKgp_Z5B9WBIboFTi5ySdTG6vQbPZHE5_LutBpVgzxxBAhDHR5ODlD_GfJ1jk0QZEaFnbgwKTYfTYj52F0ITtztLYBLvjBv5LZQ5drHrl3QlEcQBLRpxFf5D16-i3rfjeiQP8kpAQ7Dru3xOSrB-t5nFkvb1fZn9leTRhmN7lvWPM70UaXRUtYeG7v-nEGhMKzyIalBXxxxa6I0YoEIt694MQAsi1-oxUkw7EjNf5dNPDlbTQUQejhQFUJbW_-bi-4xSa3EzQ_O9STsJlCj4A5rMu_DPtdK2oUL_3_hMI4rBgP0IWvU0VtbqfclWYmzINnb7ogZ4LQYkdr0kh0oO7Y78fG9D_xnoHp4uQ7g6qAJrdtDQjNLPjk2BxtO89O61AOEaii-SBrvMy3aJBX9xCY8Ox45yhQcRhlMpe-pmo_cefK547xillDD8bC2OCMJUuE4wOATKBXPrmaIxlc3tnRSAFhPkEwraaSSniLsi6FqgCEFa31WqVgL2orbLkdtJpdAC1Fwp9Wt7MhaH3GUKRQFdFvF_kzMO2Dwmvvg3EhpogGT0GLKHQJorikoUZCvga8863jk_DbvGmhLUMu07LA_1jc026Y0Wq4DbPsSlU4ri7140yOTtplwLzJPfLJSrjTAQHuhMrIsY6ph2TEQHYcNHAzjlK8RdeAEkjSGDYmXgGxuzzOS69FkHr_bCoQBQPqHiSr9IxFSl1PLWtLrnW8hpBf2KzLpGxy9UgIlBQajbo9LNSOhkSbygeJtg0wuxRvt8rANYydJn-640_xE-xOVyDTBEXcj1E7vNXmvHeNJTlXFd7XpOTjgfvFGkO-Cgn9tzU646SQYNFINpcUrRA1njNMR6CiP8X7bUuc8SM5YYSgppkXng-OynN4X8zLIwU_Y3Npw8w7ab1vvu5_prGF06u0s7UfABM8qDOm1YM0TLkG0OYp53ikKCcdxw_ImKAdEXORkK9XW_n_OT-2Tsxjnu4lJyQZQspuLFYQrguRudNr7VS4qlauCaHc0&cid=CAASPeRoJkAXGFhNkj49g0D6MbqL05c557c_0DQHwW55p__-d9aBr_3cKEhh5twy9Gf491dPzbOlg8u1sbo6PNA&rfl=1%2Chttps%253A%252F%252Fe.walla.co.il%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5913491ab33dd1891820af7d900c22d50839b52cc5e6c7c8da2bfa405d2ba8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8638
x-xss-protection: 0
server: cafe
etag: 15675381762197352129
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:41:07 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/ Frame 0E03 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:41:46 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0E03 0
107 B 216ms
97ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrnT0vXIf3Il0wjj5YGveJf8zicV-o2FHBhvuB2eWgOdb-nnnTdWxk2c0vD5d7-GupfKE9cN5tV3ynbBopE_qb4K95hMUp3qpiWecB4IRjQ46LneQd7n5rw_CVg0m4ndpkswDP7sE7-3qCfLqz3OwWjtz7OUXZ45C1QOnb3o_ec785HyjsO6g49gqnzKuhYWoH7LPbv6qmumx1oVJrZecx3TNNowE_1SXVQbtiTy9CXlKE9dQPCO7I77ufEFAlQdlgADatliNYA6C8rZksdCmgThsGE46tIi9njSfHBoBVxyJ9K6OYPyFyYto-2y8sqlC4JC9-zbV7vHpMkW88WbumwpAYvg75NtO6D695xXvzojCGHuI8fSOSI5XUH0WAe37TlnKj_0ioQz1qy8yLSOeHchcV-hjFs4c_NcKC1mzGP_g6sKWYfH-AkW6lCbz4dhs6defxy5dqOyMZJwrhErvhjPJgCXgGNO70H2trOO-YnPGHMOQ7mlY1BK4tPcWTzjtvFuJeMfO4c2MV3qqGiKN0N68zv7_kTIID6778HVnJ7Je6mPF_eHeVV0VHrAe1q02jry-FzZdgUGmYxfyxH5ULDY4zCOzbU3FDT0gfAt3m7N6NbntGauScv28EVTYoUIsu0_Q7viukCotkoep2MMVz7gmvvdBrDB1zkMXymdvNXxz_4NSB4IgixNyzq3-9ZljOp5k4hi2vP2176_qUguEoyLc5M3PQzWijGCYgtv4WI4Y-vfx_mOf1CphIchQBNf3dM1ZUiam1pHUcnPAC6DHcRlal32ry_U-E0pFd2s-AtEfMs830MlhR2wxCHgd297q7jEwazhE5R8HuR1dpO3sdcHCnhCptfPMKmWZAs_CMIhEgkYuFNhPvxCqBLCT-njCJ86Fy-EBwFb2-gDyewD9yF9PPYesQ5uo-BpFMx3uF4dAzQasCPiPqlbliCohmyZa926wVpXS2G-zcQY9Y63vyPjtUlbaOZF9ummuTr0MCYnkt7RiDHOt3bmatuxmUgq8y8NILt-IGDz2FlC7QfHetWVFh1DqM9-km75CPgakkkd2L_mIvi-wfMJfPZvKqk4Uq_128Qdxzv_DVfYuQFRQifAWa-nxhkmzjObuiwTLAE-29KdZ3qhGzRT88g4x3HnhtozT-Lvh_ok1meUQNCIYbRWWHyoNivBW-jyhiAGer53HD5O0g37p0AB2DqA&sai=AMfl-YSuSqbVlvPntQr4SKDGyPBgWe_Ulu0jiHnP51lTJko5FXtHQ4MzXJjCA_FMoKMprn8ZZtOoZ5BxWh2Nrhbcx2RKRqT78XGaJ4Hq6pE-Z4azYHiTA-U509SPC863y8p3bDhK8KWDKL9Jnm_K7G_Hg1-Rh6TXt1K71r8Jj9TvlvigBraX65W1iBHt5tgXX7Z4yuTzbAEVh6U_MpVh2QW_Molr3EIcFpLMlb4xghOAKg&sig=Cg0ArKJSzFRUxy3UfG7HEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210616.84333&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 21 Jun 2021 17:42:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E03 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:57:31 GMT

GET
H3-29 200 CKSW_Authentic_160x600_M_01.jpg
s0.2mdn.net/9329913/3075575760239036/ Frame 0E03 32 KB
32 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9329913/3075575760239036/CKSW_Authentic_160x600_M_01.jpg

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51e2c8dd95a2e5e26c777c3ff8e97687369443801fbd6334b1209f51d18986b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 19:04:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 18:35:54 GMT
server: sffe
age: 81482
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32814
x-xss-protection: 0
expires: Mon, 21 Jun 2021 19:04:19 GMT

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-264.firebaseio.com/ Frame E55C 47 B
288 B 193ms
192ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-264.firebaseio.com/.lp?id=3059519&pw=cyUGIb0Srl&ser=44427925&ns=pikud-a0b24

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/public/713_32fc0b6e92a597cdb9b9_walla.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

1e77c60056c5fc881da96a001d25d0a31ebacb33bbbbe6aa32d512fe25603aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 47
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0E03 0
545 B 171ms
91ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 1BE2
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=1769&cs_ucfr=1&ns__t=1624297341658&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fob...
https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=1769&cs_ucfr=1&ns__t=1624297341658&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2Fo...

64 B
326 B

62ms
62ms

Image
image/gif

65.9.77.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=1769&cs_ucfr=1&ns__t=1624297341658&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D1769%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DSE&c9=https%3A%2F%2Fe.walla.co.il%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: X-hUL4kqLnFIF13o1m6ClcuhSm0n4US5ikA1Xi21u_U5nsnpt5_aFQ==

Redirect headers

date: Mon, 21 Jun 2021 17:42:21 GMT
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=14320224&c3=1769&cs_ucfr=1&ns__t=1624297341658&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D1769%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DSE&c9=https%3A%2F%2Fe.walla.co.il%2F
content-length: 437
x-amz-cf-id: XTBNbz9KfeZgzjCurYRHvl8BM8H_wBmYpiGi5euJWnshw6V6jV0PmQ==

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 114 KB
27 KB 870ms
769ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fe.walla.co.il%2F&settings=true&recs=true&widgetJSId=SF_1&key=NANOWDGT01&version=2000372&apv=true&sig=W7iJ5D4L&format=html&rand=51117&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NmUxMjk5MTUyMDExNjU1M2JmNThhZWYxYmIzYTE5NDQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=2&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&pcer=p%3DwO-o27C661-zWlfDLYHvepqlo5IJtT7yRPJ1957prlU%26c%3D2d1a6f0%26v%3D3&dpr=1&cw=635&wdr-natlaz=true&ts=1624297341663
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000372/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 15a9781d106e9c3d4452d454a490746feadd8ec1ca92595be69562b0b06ef1bb

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.37
x-cache-hits: 0, 0
x-traceid: 2847001a234b62f7b61f6025db682d51
content-encoding: gzip
content-length: 26518
x-served-by: cache-lga21937-LGA, cache-fra19147-FRA
x-timer: S1624297342.790487,VS0,VE720
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/spam_signals/ Frame 90B6 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0787c3c7e5c140cbc850a79735184859f7a26a455c788ebcdf0cae2f197958f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3018
x-xss-protection: 0
server: cafe
etag: 13523348275520225788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:40:35 GMT

GET
H3-29 200 305097236822973016
tpc.googlesyndication.com/simgad/ Frame 90B6 451 KB
451 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/305097236822973016

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17f58d96f9a04c249d52fb0ff24d51c464dc75c11e9ac519d25567ce9203c544

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 12:34:16 GMT
x-content-type-options: nosniff
age: 191285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 462056
x-xss-protection: 0
last-modified: Thu, 03 Jun 2021 07:23:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 12:34:16 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 90B6 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:42:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 90B6 122 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:21 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 90B6 0
0 14ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRp31eQCxlgRC9G-GFvx-iydisAe0Pc11crfh-C70WzpH3gQL3FhESM_DKH5ID20NGYuIEz
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-264.firebaseio.com/ Frame E55C 38 B
279 B 115ms
114ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-264.firebaseio.com/.lp?id=3059519&pw=cyUGIb0Srl&ser=44427926&ns=pikud-a0b24&seg0=2&ts0=1&d0=eyJ0IjoiYyIsImQiOnsidCI6Im4iLCJkIjp7fX19

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/public/713_32fc0b6e92a597cdb9b9_walla.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

b9ed83a68ecae92dd158107eda45ec91444645a5a0fa2350b0460a3abc3975f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 38
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 90B6 0
0 92ms
92ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv71FJHt2TN539R1DpwQtLYJt2DZCq7QjCys0Yf2FpHdrlmZrn08todZUDLdOz8V1YdcyRxlI4mYWdtcxASupZPTGh3Nw3iOTA4bkXZZiyfN586vUNIc7fMkCLGukIehngM9G3FwvTvYrg5XiP68PLKBUw-bOQQc_icVqM38HdZSsV1VX3iWg24j43wUwL58E_1hOOuxNH3JgVsiWNNFJZjIf8BbA6_7rbduDMkrr-iS3kmOCwN87eJ7lhN_kfKFoqxRHoCaCBTH-YV5iy71_B2ZgLXAqd8CGmxjLF4k722HtOYQ7lbhmWE-tdeJ9QOKt8Lqxow_wo&sig=Cg0ArKJSzNCojOOcklsLEAE&adurl=

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2211 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 21 Jun 2021 09:54:31 GMT
expires: Tue, 21 Jun 2022 09:54:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 28070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0E03 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a18de12354a547146dc5fd891e8f666da849299143f18a381ccda3fd021deccd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 90B6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4dcdf3ff964bfbab830199805e87af8a46ab60a96c688571b0241d75efea781

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 90B6 0
0 158ms
93ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjuiE_Vrp7nMOe30aUcSglkS6s0I7zaIaS1C56ZULuiPRpGFZQ4ZYofH3YZ8NyaSg2Umt2ceVUddfCPpxmEe7hy44wlqal5jqA0iFaGCOT7DhmLqJIaQsR7ES1hLUtI26kUXiyYcCr14c8pGzDBSajMKXuM6bNPe45fnE1Mwqr1sR9dqGR17in-G3Rh_xzYDAmXGl65A26XjB_9WtCX1bxovh5K8U1QufZi62lppXBlF0JNBjUcgWJK6o4DJdHvaBMxvZ-jbvYle1PiaJl3a7a_eLwYlk1GZatTS3OhbP31Pe_VKbIC8q0yDR77TMww1Z7J6DxYZgpeg&sig=Cg0ArKJSzKTch8bVcTiNEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 21 Jun 2021 17:42:21 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 55ms
54ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1623321643.048214"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 21 Jul 2021 17:42:21 GMT

GET
H2 200 ob_logo_16x16.png
widgets.outbrain.com/images/widgetIcons/ 1 KB
2 KB 56ms
56ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.png
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 77f703c4f140a4a24d0fb351cc4e36716ccc4e7c5cac201f28b09a31d5f84f67

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
last-modified: Thu, 10 Jun 2021 10:07:44 GMT
server: AkamaiNetStorage
etag: "96dd1eed1ecd3297bab335082e4a072e:1623321656.76441"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 1524
expires: Wed, 21 Jul 2021 17:42:21 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 123ms
123ms Fetch
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=380e8f9eb41b243210fc16aacafab078_1769_1624297341708&tm=1416&eT=0&widgetWidth=300&widgetHeight=746&widgetX=315&widgetY=1069&wRV=2000372&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 21 Jun 2021 17:42:21 GMT
content-encoding: gzip
X-TraceId: 520f91aae5345d935e2be22083241222
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgzZWFiN2ViMDlmZTZhODBlOGZjODA4NzE1NGIzZmU0OTQwZjI0Mjg4ODM1M2EzZWQ2NzZkMGE0YTEwYzc1NTQiLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 01810e25ad916871d2deb2744db51fa7fd3a04eacc815c23f5bc24bd38882ae7

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
cache-control: max-age=1479979
last-modified: Wed, 09 Jun 2021 07:32:21 GMT
x-traceid: 5ff4a729ece4124a4dd12fa10e9f9e20
timing-allow-origin: *
content-length: 6328
content-type: image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjczYjcxOWU3MzAxYTE1ZDYwYTJhODczZDJhZjBjN2VmYzI1NjNiYTk4NmIyYzQ4NjQxMTQ3MTM2N2M4NjA2ODciLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d2e810e083b668ab176b8db056a128a78d44ffdd0f91637be87e3b89f2e12a8

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
cache-control: max-age=2344270
last-modified: Sun, 20 Jun 2021 07:11:32 GMT
x-traceid: c59a4bb04b57da4913a164941fc71706
timing-allow-origin: *
content-length: 13186
content-type: image/webp

GET
H2 200 eyJpdSI6IjJlOTcyNzE4ZDU5YzU0MjY0ZWU3OGRjNTI4MTE0MGE5ODA3MWQ4NjQwNTUzM2FmY2FiZWEzMTZhN2FjOGU5OWYiLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
15 KB 66ms
66ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJlOTcyNzE4ZDU5YzU0MjY0ZWU3OGRjNTI4MTE0MGE5ODA3MWQ4NjQwNTUzM2FmY2FiZWEzMTZhN2FjOGU5OWYiLCJ3IjozMDAsImgiOjE2OSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ba126c9164f4e7355889b585318e564eb1c886ad185f81e42e8c2d09667e4f69

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:21 GMT
cache-control: max-age=1746030
last-modified: Sun, 13 Jun 2021 09:01:15 GMT
x-traceid: 2097b72fa22875646ac1c698111e6b0f
timing-allow-origin: *
content-length: 15354
content-type: image/webp

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 131ms
130ms Fetch
application/json 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=380e8f9eb41b243210fc16aacafab078&pvId=6e12991520116553bf58aef1bb3a1944&sid=1817713&pid=1769&idx=2&wId=105&pad=3&org=0&tm=1437&eT=3&cnsnt=no_consent&wRV=2000372&pVis=1&lsd=-1&eIdx=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:21 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 23d34f3bf6a67923f8221f945e1c781c
Content-Length: 4
Expires: 0

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2211 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 15:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 15:29:23 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061503&jk=697835742480134&bg=!lZalltLNAAZktE7iZLQ7ACkAdvg8Wt9WHs_rdn9N8sDjXa8SeNPnFItnr_KcGfq8_vBCgAY9-VLXJgIAAAFtUgAAAC1oAQcKAPtL5QlvL_SX8JnH9nD7XXQPF_V1uzajuAkG5VmV6nUBy_aDdZraIkBVz4Qu4hXcJdSZABXmhITflnW-AvJdZewjnn1VQM3oT_EYdgQZ2kb4CMXY1q0PHqSE64EHH0hilVz1YTpYS2Vfe1PM7xAOWhUadlKfdaZqnBWcEr2GuIgKDXiBEI8eKPWrInreUcdyKgOEUptx8RxWXb0gmRsKFvd2X3x0Yt5_v8isrwbNoxjcdfr5JZphLOf6DJTLIW7dn3a7uRid9FI3hHTk1aMBBhfyz37DwyKQMC5YIMCA78acP3MK7H_vQRQahIw9nte0iyNjpRf8stHdXAHPUpkCcnhWxkl4LumOldF6RKWUwyELdL91Wlo21zKw-1TVGtA0RK9OWndmiMZiUOPfQicM8gJUY6MJ5rdgMzkxG26yVfdu4CoTL2LXZJGr8xDMTp8bMS2zMlf1jRclBgevhhQB8iC7gwu_-3p8eVpP5Vnf-r0B0cCjFzwgFFenqo-eXqdoc8s0iipXmOgO0cLPc3saH75cAFq1zmd6cISOGMW9GTk67g0qxUK9bD6V_9gvvZ9G0zNF5ekyRojmOOUttwY6UEpg1StBfO0tLuZy6zgJZKBNLH0TqFC0kRcm-lv2fqCtO3v8BDDYMjvTv_qBy_u3nLGvZHrbGf_UVQe89VL6d87KqRWwX8xCG-TuO7bAxEmL-VbMFQWQ5r6nF7MunCmr3aW8wh9uO2Jr_T8kFoBV0GbyLr_ZL70HaH63AhCVB2pTdMw1xm6jLA2KcFrpN3tU-PQLloYTVGAFIS2NVD7woP6-Hgc7LKZalOxQkVPO1SqNs7Hz0_fZxrd60jmsFXkrbsRA5fXbcPv03N7h-d1oEMufHYuuh3rBc0yzokKgGmtife5DfXJ4LmOR32Qcj7KbNt9VDVGZT4Sk6ki8uTqyv1eXcaBJY5v1OQ58eBe3dKgGjYk16BrDMB2515QFPg5yeUAS9m8XQgL-YmuMfgd2KX_oUMwKbdtPrFRCPZ5UQdZIKxakow9SjCPxu5fP-YzHbiA3Y2qzJRKb5oHULRb9grLU4zoidLbmm-urIYUu8nxdWx4xh_SUgJbXDKXQXtxoXtQuCg8YsZs-5LoMLEzDB5cwZdkQXRZEpjqKQBUvWTyHbyXIg7yEj0KGacH4Jz_gKuxG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AAC4 0
0 102ms
100ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnJxyfg5e9Q7YFCPnrRjDknSBlnEFUhNOu8QZsJJPit6Ds6hC1zaKQ4SImtOzBaNDO8WE65A_C2G95-dF9C8FfGQ6lnzEv5YBPk064oeQyfz6WD3wDjIFJV-ojUG9-5czg69laOl19L3xFaRUkLqs4cHwjjhqGP0KwoUwAi75to_TmOoJaunXM4jSgfjWr8q5nRaEtWYEIfIqUPhTqxHiwxv-xHJj9qmPy3gX-GH6zpv7V_NboKq-hbtkr1F72m6O1_LLwTGIFzMmTkWhg1BBSqnetttvW2UKClB-51DPilTDutUBLnrcTxnlj4D1nLPH03FODyAPB5Rx7mwSTRzTwAME8BabSWmsHiZTb9RZze4oPPUs6AeI&sig=Cg0ArKJSzONygoxHFOeMEAE&urlfix=1&adurl=

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 fee23b5a-054e-4b5d-8f8f-96951508ed72 Show response
player.ex.co/renderer/ Frame AAC4 988 KB
329 KB 102ms
29ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ex.co/renderer/fee23b5a-054e-4b5d-8f8f-96951508ed72
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f91a42227f1c8659daec396c47b6bef88bb74d818bcd0ca6a0ca351ad2d4b1ae

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
age: 116
x-cache: HIT, HIT
access-control-max-age: 600
content-length: 336305
x-served-by: cache-dca17746-DCA, cache-bma1624-BMA
access-control-allow-origin: *
server: nginx
x-timer: S1624297342.125271,VS0,VE1
etag: W/"f7084-OPrDkwFaduuzaxSxYfJSBGKg1eQ"
vary: Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1, 1

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AAC4 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:22 GMT

GET
H3-29 200 container.html Show response
eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E599 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 21 Jun 2021 17:42:20 GMT
expires: Tue, 21 Jun 2022 17:42:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AAC4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d6ca4efa79db2819dbf2ed5a83e4764a3e908d69be12dd9dde8062ed89bd543

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 88F0 0
16 B 21ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_NShDr9lwY08KCrQEwAQ&v=APEucNVxDjKyB-idquwN1lbsEHRLywyRFdb_X8W2u8KCwYPF-pIIKV2EXYLalCZCuYiGkLT_br_w9yvQeTAk3zGhbdNYS5eCVw

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CM_NShDr9lwY08KCrQEwAQ&v=APEucNVxDjKyB-idquwN1lbsEHRLywyRFdb_X8W2u8KCwYPF-pIIKV2EXYLalCZCuYiGkLT_br_w9yvQeTAk3zGhbdNYS5eCVw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUlLIupuKdzaqdbXRtox-Z59auy2NJH62R-shcB78BIOV_W5Capufx5TyIHNGTI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 21 Jun 2021 17:42:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/ Frame E599 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/abg_lite_fy2019.js

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b886992795015ddf192ba7c46ea89376cef0fec304d850d735da268c332226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7072
x-xss-protection: 0
server: cafe
etag: 14457676323939599074
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:36:52 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/ Frame E599 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:42:10 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame E599 0
24 B 160ms
98ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvE0PWhStaHepeJCW-48WBnpX8PYhgIQ0mXta7H6suuvBMkO6csfHzoorplXTgettTaonuMfWcIIMq1BKdP2PUKUba6Y3___AVhXbiIaaYiJzAPg6HBxyCObPhGGcPfsL7ppsUXt28adGc4KwNVT5iHQCbRvqehC54_-x344TF6NEhWz_uXy4IjB72UjStjRCz_c_O52dEELm6KcLiivIGw1Gh-MvNRJPg22cNu9ea7_qkXP45ekhU0rb7CzK_dJ4QeyMGdFwF9I7pRh8M2UulIqIRKT8QPQ0ZvpkgPmGbjFeTE1qXLMYqtbkZ85ZV7r5bDL5hPCMLkOzlTl1UCtgemTHH-vrbPd4JIw0pWlSN35bx16b3TFWqWjhoaM6D4HLNQpQaPHQlmKtfldrGTOGTLhOHqDI3xjAJ-A6rlXGhP6UKtJ3M7_Dhpv0PK9b4IxGOzUC7vt8GowBbAuWdLRMPLPAh3q-P9cI3YRzKUki9scyUjTpgV9_zCVqtXvJapRPFqpV79uZIILqYj-o1pt7pGmf8heIviKUhZq9j13D9dPnyl7dGQBk5j1QZ7VUrT5FOImkXbZ6tUA3lYK5vyV1hrKF_jUW1_zjENjcro-rON-CIZMa97iuPCcJknav3yrEV4HXlbfLzNu5niKecsnvAl8uwAdVSdpDJLwvF2Qse26_TQBjfOaOPA3crQ2R6bunGwedmRyEXf0xFyka2rCFZ9Yh9hEtkNuBeTFhmREfIDxmXTiIrZ0QH7pDvZSRrgq7BhPIuU_AitAp19G2P6x4t2c9z5XVxF-2HAUvQSByNRN81nAkC-IHzSqChl_72eJ1IEDCz9bMtgDFS7RJNK_Pb7roMXWiAwHFDIJTbdYlJp6Rgm26vicOc-gMz1LZ9Aue8SWY7EiI69YzWFdGRA2t0jGIOFOxOaNF9KyLGq2Qox731NIUpj6Xesh-zxdkTrBvfwNVjNCBA_01HgH_UaV8sxrTR7_iq1aTpYAjaO0-vntB0mTisYG-2rtUcNK1WmeyDktSaTuCcYy0M_PbB-pTy6UuCneOB0S8cN15-_wLMpwTOpVpan8CwbetFaUhSlXE-OpQCWqs8IzyuhMA1QpDzStyT2oqURlM2s4quVuh_GabkKghM&sai=AMfl-YThM3_ykROh8jhGSNfEukYmqdcwDS8hgiXM4TWWYNMwQFOphxQeeXO5yh063PEpDeOyCP2TCTmMB4Fn9idEljQdh6Z0Ap6PPN_lQQABHRbczY3jnncKpW9JsGcYsi13AkdGyyvd6jnm5QKwvv313cW79QgFVs5XThhwOz9-A8aWMvqd0anceUmKw2Lq6ndXfxC3TU8BgHyImtSwej880hmtultoKSgOuNQaZjfnAnkQpjMn-af_KDvu4j3L7Q0YOWAIa-oBrp7OvmSzzFaCCjL8og&sig=Cg0ArKJSzEz3_bwWiEefEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210616.71317&adurl=

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 21 Jun 2021 17:42:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E599 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 14:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jun 2022 14:57:31 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E599 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CbpPy8D10melQNEjwi8oyb0jIaePu3ocIXxiqJcG07QaVQvqDxs0RTxKib1mk3efQH3RDNJ2Eu1SOau1idEUHNyWlCAQ_Wgt0cYKJvwnyqoHKi74s

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame E599 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:42:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E599 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:22 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame E599 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:41:06 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E599 0
0 15ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRmvsmxLLn3H8kAmBrtyfa4KGb-xawiciQ0Ms1CHX4dtiueTPj2ko426oTMFww1eCou0EG
Requested by: Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 13622831937640958707
s0.2mdn.net/simgad/ Frame E599 80 KB
80 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13622831937640958707

Requested by

Host: eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com
URL: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16283fe78566e305a6f65eb6b0f86f52ca264c989056df46605fc2db846b1cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 15 Jun 2021 21:02:23 GMT
x-content-type-options: nosniff
age: 506399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82168
x-xss-protection: 0
last-modified: Fri, 11 Jun 2021 08:19:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:02:23 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame E599 0
23 B 122ms
92ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E1F9 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 21 Jun 2021 09:54:31 GMT
expires: Tue, 21 Jun 2022 09:54:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 28071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E599 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b89e16223d93572ba3ed0797850e03cc55c2ac4cec83fccc4111fd5c69e94577

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 894B 0
0 94ms
93ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1GhwTlsW-KZbZyi_DDXM-kDwDcNRPDuymhoNEZVxJwoueww_s2fcp9rvnhcsEwpGx_keNLDgYJ-fR3CIi4Ga9vGazWTZ6Dshau6iCHzG2jK1lma7tlN4QDEFTIniMRTm30clWtlcXXWXO_MXuef8AvYI_c_KNakV-AKTkxmVwgcSgb_ssQhoYs1_ZdKn2nxw6SgqpgLh1UTZsb_2N0oYLbJvSa4o-r00lhG2LUeEnzwnYT9NIuepx5UUwBNI1v-wJP3k-emJAtABUTPFcZKqm0Zl_X5CIH8AIVuq1cRS4KpYxnNojOOC77nYPYTapXtGqgIOliXDsWag&sig=Cg0ArKJSzHe8UJ1UbZwcEAE&adurl=

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 894B 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Jul 2021 17:42:01 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 894B 122 KB
37 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:22 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 894B 0
0 16ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSKrgnwuA0pw2pCA84kNbdzRbg4CY9m3eT9eaS8ycz1n_Bc66wsJJzL1UHeN5AEOrOEaTBq
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 1007866856661191423
tpc.googlesyndication.com/simgad/ Frame 894B 45 KB
45 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1007866856661191423

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0b34e169e0153cb180a889aeddfc30adfd87ec409c450819f7b7ebefdf37c99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 13:22:30 GMT
x-content-type-options: nosniff
age: 101992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46099
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 13:08:47 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Jun 2022 13:22:30 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ Frame AAC4 0
135 B 359ms
119ms XHR
text/plain 54.145.239.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/renderer/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.239.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://e.walla.co.il
date: Mon, 21 Jun 2021 17:42:22 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 fee23b5a-054e-4b5d-8f8f-96951508ed72 Show response
player.ex.co/player/ 640 KB
192 KB 40ms
39ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72
Requested by: Host: player.ex.co
URL: https://player.ex.co/renderer/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5d5b6aac23a8667ef61439818c4a7d139de2943478d5d85468221d2be419bccc

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
age: 21803
x-cache: MISS, HIT
access-control-max-age: 600
content-length: 196373
x-served-by: cache-dca17762-DCA, cache-bma1624-BMA
access-control-allow-origin: *
server: nginx
x-timer: S1624297342.336325,VS0,VE1
etag: W/"a010d-OItBLiiYPOF+eO6OrX1ed1INch4"
vary: Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 0, 1

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame E1F9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 15:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 15:29:23 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 894B 0
0 92ms
91ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstd_Wx6CDx-zyfbfpyUCWumpy5T__3gOe6THwYT_FZZRwvq2GSINtphygMUemOyiw0oOAJLMdGyR_MS0BYfP4DOMrtP4vjMviE20r9DdoBa9Y73UTr3sQlnc-q0L8ENxR6t0BSWUVZ5QqNVGeRzncFU8gLoOen9aGi5TGTUmNE6W7Erwhj3ngym59luZtIoUmaQPrdJnG6I1QyqUDiCvHKJJQhOiHXD1K0_aEFw5_8U41R8MulXZ0aGub-_v5zUXKVs7hNdrsWTGSpYUNVkjax0HAmwmRXbjrWhwxuCQ2Q64O-Dbsf5zIMq7c6RIvOy70TPgzjP8CaIQ0pm_Q&sig=Cg0ArKJSzJDKvS2rNTHTEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 21 Jun 2021 17:42:22 GMT

GET
DATA 200
OK truncated
/ Frame 894B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59e03b4dd6b4c4ef37b9ca679c13445b39ada51ef77ab7c8066a07b566074789

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AAC4 0
0 91ms
91ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPX7WPK4qOYxXdd1IuA1MH7L-X1i4bj4jBOlp1rJx91uakh3IqKKlsZDMY4PeH-yWvw6lY1SHke7iWRs2fpax1TG5CYT1p4ftgHyZ0tNfkqvUrnVek0cZGSNxdcskhI9rRkjVEWGHUToABHe3GKODPqJVaJZtosR8gtyCK9KpMzmTHP0Z1nuCsDjIIm2lEgUW4isC43ucKHULZVG2U17LvHNy5BqAJ04KpQ6ecNRGp8P3IAQS-SICtFC_i_8HvLzgIsDWdz3O83GGvJqgpzxJwAD4KOYMkXxV-BWRqaLXQ2rZZMX0DEcWzLYkRA4i8O9_gUbxbx3pAb5mDxFX8&sig=Cg0ArKJSzLfbwJkVL8ZtEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-35-156-106-231.eu-central-1.compute.amazonaws.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 21 Jun 2021 17:42:22 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2211 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2ezYfc_QYJOHHtTy3wOPjaaQBQAAAAA4AeAEAg&bg=!gIOlg8fNAAZktE7iZLQ7ACkAdvg8Wiin5gVEyZbs8-4FhYXck5MjJhcKSD9ccqvrH0dxWb21KWv_dQIAAAEbUgAAAGhoAQeZArp3JWsyzCnyJWQtNs6s6G51W8vRJLmwICOrW4TtdshxWkWCtaJCfZaT5zle2b0DD_J16NU77NTmuL9MnMWTY33iJu4K6TQsp16RkF7zfycni6W3PotrH7LAfrqPLwwzrvqI3ZTqyAPvNTPWSoDCPNHmfzgydqaCXRovFe16QWmNiMHBS4KCvwLJ7jRKZkjZsaPbs0sj7_FseGX6HvgsjnAK79InPOZrUp6bBDcBJgqc17JxnhLEYBpd9_OFZh5AgSUKGvCSYyTFjtfLLtTW_GAJcm5em0-WvgcjTIaCrPTgMVFoLQoW7MkhbTcRUE6DsQUHfJqUSFfhwJLexfOmnNjA6GKnHEAn2Qkg75g_Yct-LmfXvvOl-73bK-hnrWAnZgndYjHjt4svFIOeZ0OGM2RY7v09UIPuSf3NFn7ZTEL2WAQG0J5ssmD6gkr2gchbHggzVYo_5QxTrtGQLwN2lssPLKptPNjd2jldlqudteCBSR4y-VMV6HNT7SX-53NG5-wDYr2K3R1l8m6eeV-NrIptZrg7O4W-43NTZYf2FmFGoVUHKv-TyDXPqzutHt1MfuL1adu8eNQzl-EOMy4sqsjp0-pb0h16MtFAHoytr89kHbnjSMWxPULRkhCxyuh_s_FLHQKa3H_DYiPXott4Jky2m4TbCXTZ7Jc3o3iyPbSzAuBEDsNHQ5j889Jy6HDGrLVJa3LTGkpkW0jbjn0-nJytglpAfrwFJox7KVOdo_qJzgvwMvrBXCQJaJrXFHf_3ccBQYM2ElSoyapxKmTpSvfK_e59GaVX4CV3OeaEs-IW5FGItK8A0cwwJ4rro1YGxwu_UOn1SwwzIMJ5vu23gaq2Ksiry8f26e4rD7vftXndExPq-8ADvQolEZcwbgQkRQOlBszivme_9kVsnZwVYDFrZRESQO5MuCzvJw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
134 B 233ms
120ms XHR
text/plain 54.145.239.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.239.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://e.walla.co.il
date: Mon, 21 Jun 2021 17:42:22 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H3-29 200 css2
fonts.googleapis.com/ 2 KB
548 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 17:37:50 GMT
server: ESF
date: Mon, 21 Jun 2021 17:42:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 21 Jun 2021 17:42:22 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5B9A 42 B
64 B 41ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFXiWCUT-1G8LbEzFtxqrbm1ED5eUfSBn_iH-ZJ304c0vJLxKdKxK7b-PN5NBXmKhkU4Gknyfkzc_kn7iSfUmOGFA9Fr9VzuXYNw4mb42ErNnAtSSbqLrcMQfxkQ&sai=AMfl-YQayIunGDsoAr0pqZLdr5eo92UlQTLBpfQNhMCEGMrXMuSpcAlgdTzqnpKakfLDgfFfgYh4y6yPUC8Jwo9yes2zTj1MzCkYSYAFHhfHfKl1XNYW1_d8yvSugkQ&sig=Cg0ArKJSzJO23uQ3OAxBEAE&cid=CAASPeRoXFiNXokBCURue6w_37k9AFZMqAAiIX0LevIVbMXPL4mNnegg3SkJVd6gasruJZictt2w2fbU9F83qmo&id=ampim&o=314,100&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1025&mtos=0,0,0,1025,1025&tos=0,0,0,1025,0&tfs=132&tls=1157&g=99.79381561279297&h=99.79381561279297&tt=1157&r=v&avms=ampa&adk=2574293897

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
134 B 194ms
119ms XHR
text/plain 54.145.239.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.239.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://e.walla.co.il
date: Mon, 21 Jun 2021 17:42:22 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 28ms
7ms Script
application/javascript 2a02:26f0:6c00::210:bb21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uzg4smcUyUdWef64hHqkVmexb85uQtozqglSdLDYlq0y4WzGiRoCxPq02FU-Y5pBb8g369Z-mWegPyPvosNsY8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 21 Jun 2021 17:47:22 GMT

GET
DATA 200
OK truncated
/ 548 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 902dde5c61e28b2ea557a81ff2d3a2be505654f7a8d74b35c52410f47dc75f66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 484 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f677418329f1492ff13d5041c5872f1570eda43eaca5d1854a61de27385dab66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 478 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23727e1fd90dc2bc2566aeef37ee69dd72c888dd8ba8d726f45e843c85eb0d67

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 365 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04b2684e2a85ed8bf65eb0e6a3b4d942ebe82fcec4169bf3b322b9ad06f6565f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 wallalogo.png
cdn.playbuzz.com/content/monetization/logos/ 11 KB
11 KB 199ms
55ms Image
image/png 104.111.232.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playbuzz.com/content/monetization/logos/wallalogo.png
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-26.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4188a1476a4c74f3e8402c64c016c92ddd3e009427e0f65058c8ed98bc50e706

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
etag: "564f43c114e12ab33bd14b9163751867"
last-modified: Thu, 24 Oct 2019 11:52:29 GMT
server: AmazonS3
x-amz-meta-cb-modifiedtime: Thu, 24 Oct 2019 11:52:10 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10930

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 7E8F 340 KB
97 KB 26ms
6ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5b07bd7887bba590039eea15581e645fbcda1e79168a4e7026545ce3f9c65c33

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwqM3xFuxRhGhqe4Od_JNP09EBlImZ_K7E_PdLcaCWb4NAC3Xx_UyUqvectuJ8b9oNn_6ukcdSzK6ctFG88zBM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 98363
last-modified: Wed, 16 Jun 2021 06:20:55 GMT
server: UploadServer
etag: "fd46739aa4cba1175c2fcc49d6511ba5"
vary: Accept-Encoding
x-goog-hash: crc32c=a3/y7w==, md5=/UZzmqTLoRdcL8xJ1lEbpQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1623824455865167
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 98363
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 21 Jun 2021 17:47:22 GMT

GET
H2 200 track
atrack.avplayer.com/ 0
71 B 362ms
120ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=playerLoaded&cb=1624297342482&cid=5d9ae55428a0614104102f51&cou=SE&AV_PAGE_LOAD_UID=8e57d3d5-ea61-428c-acb3-d21e20d02d37&AV_CDIM4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=dfp&AV_CDIM5=dfp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
134 B 141ms
119ms XHR
text/plain 54.145.239.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.239.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://e.walla.co.il
date: Mon, 21 Jun 2021 17:42:22 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 45 KB
45 KB 230ms
79ms Image
image/jpeg 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mcd.ex.co/video/upload/so_4/v1490095101/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.jpg
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: f61e10347277cd4c1aa1392dfe5fa58c6dca4825a787e1f9cb8f7dc1ab1155c3

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:22 GMT
Last-Modified: Fri, 19 Mar 2021 19:18:08 GMT
Server: cloudinary
X-Timer: S1616247453.609992,VS0,VE1
ETag: "081d6113dd92033d72647f3ab049a424"
X-Served-By: cache-wdc5541-WDC
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23507775
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 45686
X-Cache-Hits: 1

GET
H2 200 almoni-neue-aaa-600.woff
e.walla.co.il/public/font/almoni/ 58 KB
59 KB 57ms
56ms Font
font/woff 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

sec-fetch-mode: cors
origin: https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674; strip_step=2; _wpnis=2; _wfsis=https://e.walla.co.il; exco-uid=rxkbz0vhjfz7tekt; __gads=ID=cf7c28098bfad7da:T=1624297340:S=ALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw
:path: /public/font/almoni/almoni-neue-aaa-600.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://e.walla.co.il
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13131
etag: W/"e954-17a2ed18568"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 59732
x-cached: MISS
x-amz-cf-id: IbLjNUksQBi2tEqNpoasm1PjdbS4XvKu7-eYHenbI5gstoDY-g4YbA==

GET
H2 200 wallaicons.woff
e.walla.co.il/public/font/fonticon/ 15 KB
15 KB 56ms
56ms Font
font/woff 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

sec-fetch-mode: cors
origin: https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674; strip_step=2; _wpnis=2; _wfsis=https://e.walla.co.il; exco-uid=rxkbz0vhjfz7tekt; __gads=ID=cf7c28098bfad7da:T=1624297340:S=ALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw
:path: /public/font/fonticon/wallaicons.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://e.walla.co.il
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13131
etag: W/"3bdc-17a2ed18568"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15324
x-cached: MISS
x-amz-cf-id: FiVZDprQt-zm_U6XemQOAMNwK7xxbggydLD2JAB-ipsMUFZztRbCbA==

GET
H2 200 almoni-neue-aaa-200.woff
e.walla.co.il/public/font/almoni/ 58 KB
58 KB 59ms
58ms Font
font/woff 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/font/almoni/almoni-neue-aaa-200.woff
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 86603f4ce9518ae254073f2db409d9ea59f3344a0a37a9064b27d353fc487d5c

Request headers

sec-fetch-mode: cors
origin: https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674; strip_step=2; _wpnis=2; _wfsis=https://e.walla.co.il; exco-uid=rxkbz0vhjfz7tekt; __gads=ID=cf7c28098bfad7da:T=1624297340:S=ALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw
:path: /public/font/almoni/almoni-neue-aaa-200.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://e.walla.co.il
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:04:24 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13078
etag: W/"e848-17a2ed18568"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 59464
x-cached: MISS
x-amz-cf-id: TZ3IVd1X1mV8gAx_IcSOrINq2k78Nf1Va-gRygLGiHcleY04mI4sBg==

GET
H2 200 almoni-neue-aaa-800.woff
e.walla.co.il/public/font/almoni/ 58 KB
58 KB 56ms
56ms Font
font/woff 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e.walla.co.il/public/font/almoni/almoni-neue-aaa-800.woff
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a

Request headers

sec-fetch-mode: cors
origin: https://e.walla.co.il
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.3.250153691.1624297340; _gid=GA1.3.131909892.1624297340; _gat_UA-4780630-1=1; _fbp=fb.2.1624297339707.1049627674; strip_step=2; _wpnis=2; _wfsis=https://e.walla.co.il; exco-uid=rxkbz0vhjfz7tekt; __gads=ID=cf7c28098bfad7da:T=1624297340:S=ALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw
:path: /public/font/almoni/almoni-neue-aaa-800.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: e.walla.co.il
referer: https://e.walla.co.il/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://e.walla.co.il
Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 14:03:31 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
last-modified: Mon, 21 Jun 2021 13:45:21 GMT
server: openresty/1.15.8.1
age: 13131
etag: W/"e65c-17a2ed18568"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 58972
x-cached: MISS
x-amz-cf-id: pMwwIfcq7KextKOBhRITJ_FYwV5q6WI0sow9t-YiiHSYaVMgvkz7lA==

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012106141722000/ Frame FD1A 189 KB
54 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b50d801b8502706ea91f90c83eb08253f16eb27bc83c6f4047af3655eed6ff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55217
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6e85c2cf35b93d5b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012106141722000/v0/ Frame FD1A 13 KB
5 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73a783d2e5f778e1af41cc4126dfea9956cf43a518e2707658c0200c93765527

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "20d5993134a00e72"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012106141722000/v0/ Frame FD1A 85 KB
27 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10bfad757ebad3e5250a813741d2e98dde085d3dee974beaa2fd5b3d8c76f21

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27288
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0e18b5d4ac760a2b"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012106141722000/v0/ Frame FD1A 3 KB
1 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b51423401412ab5d2fec98015b6892087f95d633507fb7a047e9851abb23f221

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1299
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da415af7878c9ead"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012106141722000/v0/ Frame FD1A 40 KB
13 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106141722000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06503352984183697b7695de1d989652bc05634c474b958169e92a3b430d9d34

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12849
x-xss-protection: 0
server: sffe
date: Mon, 21 Jun 2021 17:06:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6ce0de783bcb6f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Jun 2022 17:06:51 GMT

GET
H3-29 200 iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FD1A 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/iw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 12:56:06 GMT
x-content-type-options: nosniff
server: cafe
age: 17176
etag: 415739381108731362
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2712
x-xss-protection: 0
expires: Tue, 22 Jun 2021 12:56:06 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FD1A 344 B
371 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 09:32:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29406
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 22 Jun 2021 09:32:16 GMT

GET
DATA 200
OK truncated
/ Frame FD1A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e14dbac10a2d6977894d26b812187ae70f10ba133014cbc65b6ab563ca90af5b

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5018460640160183999/ Frame FD1A 19 KB
19 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5018460640160183999/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qmzdlG0hvllUFRHpPomJ1VsycYFvg

Requested by

Host: e.walla.co.il
URL: https://e.walla.co.il/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74fd9359d3a343b61fba9147279d872573523df420bdf87aba4889256142fda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 09:47:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Jul 2019 17:17:24 GMT
server: sffe
age: 114894
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19585
x-xss-protection: 0
expires: Mon, 20 Jun 2022 09:47:28 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FD1A 0
0 93ms
93ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cbnxzfs_QYISVC5OMlQfJtpT4A5CCjN9ixv7m0dAN29keEAEg0ZPDKmDxrfyFpB-gAZ2V-9wCyAEGqQLfZU8CzPuzPuACAKgDAcgDCqoE3gFP0MSlfc3F_vup880ll0eWbU1YEaslF1YwjPQ8yxd_E_HSYj6QdRbcOl0IraKknB8B-ADW3Yy6kZhl8608pnvH7GjNKqpx2gu9sHI301Kaj-xZASCXme3OK_J3lfqL0YZWhIzfx3_AsL7j-cEmm1GFKy74_wx-Xte0vQ7tmpGZnZBZ8QKUT1J-ReOxdas0sb00fc1gpbqat2kE7PKVTwV5G-2Bn3Wi7ySBf-1VL3aRnkKMXj9MCfimmTUKZNUkgh4lj83IrZ3kbM8qXjgY87ftfTmYqe6GCqHPaCpre6rABJqVjZW1A-AEAZIFBAgEGAGSBQQIBRgEoAY3gAeR-ISjAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCRlgTSCAkIgOGAcBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mg&sigh=EZryY368N0U&template_id=492
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame FD1A 0
0 14ms
13ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6PJ4_N8RvMHqvNaEdpsTp2JH0kC4MF0E-93Xh_SFqNDJngkDjm7crvHTsaalaUSa0OHxs
Requested by: Host: e.walla.co.il
URL: https://e.walla.co.il/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 123ms
122ms Fetch
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=4a931c7db933a19512bc9b5511db6538_1769_1624297342077&tm=2241&eT=0&widgetWidth=635&widgetHeight=605&widgetX=650&widgetY=7568&wRV=2000372&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
X-TraceId: 69e625f4b0371d330a6759195d212d94
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 128ms
128ms Fetch
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=31ad312bf73bbb09737246a462eeef3b_1769_1624297342217&tm=2271&eT=0&widgetWidth=635&widgetHeight=605&widgetX=650&widgetY=8188&wRV=2000372&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
X-TraceId: e53e31a75adf8adf7d657f16bcf3f11f
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 246ms
124ms Fetch
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=77e9b0dcc1b3950cbba769817cfb3543_1769_1624297342329&tm=2272&eT=0&widgetWidth=635&widgetHeight=605&widgetX=650&widgetY=8808&wRV=2000372&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
X-TraceId: 77172e417769a369341f149d35a30ba1
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 259ms
131ms Fetch
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=019ef1a135a6ac682b8d3285639a4e15_1769_1624297342446&tm=2273&eT=0&widgetWidth=635&widgetHeight=605&widgetX=650&widgetY=9427&wRV=2000372&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 21 Jun 2021 17:42:22 GMT
content-encoding: gzip
X-TraceId: aed9d35d0c562fc1d5a1ccd7ed20aae8
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 track
track1.aniview.com/ 0
70 B 123ms
121ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=e.walla.co.il&sn=&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&ic=0&tgt=0&app=&wi=600&he=338&test=&apppkg=&fv=1&proto=https&pid=56ea678d181f46c76f8b45fb&cid=5d9ae55428a0614104102f51&e=inventory&vi=100&cb=1624297342797
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:22 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
premiumsrv.aniview.com/api/adserver/tag/ 18 KB
3 KB 520ms
275ms XHR
application/json 35.168.30.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://premiumsrv.aniview.com/api/adserver/tag/?cou=SE&AV_PAGE_LOAD_UID=8e57d3d5-ea61-428c-acb3-d21e20d02d37&AV_CDIM4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=dfp&AV_CDIM5=dfp&AV_VIDEOURL=https%3A%2F%2Fmcd.ex.co%2Fvideo%2Fupload%2Fsp_hd%2Fv1490095101%2Flandscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fe.walla.co.il%2F&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&AV_CHANNELID=5d9ae55428a0614104102f51&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=e.walla.co.il&AV_DADPOS=1&v=6.1.1.243&responsive=1&avtoken=342797&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1624297342839
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.30.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 79c719ec0a2da5918f5bbcbe6289f72abe3ae7a6666f0b8ae28ab69cac89a42f

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 10 Jun 2021 03:55:43 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0E03 42 B
64 B 49ms
47ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgop_HMcVSiwPpsUAQ9lc_yUlaO8SrVIBzKjApGHjUAiM4Z12ZbLXB-ROm_a6VmOSlFmVvNiKER-hFn63-MQRetIA133d9mtJDY6cDWeh-2MK_Y-boWpK9axoPWg&sai=AMfl-YSr2IfldvK8dL9UPDarf6Gjt7n9s1YFcooJOJAAEjV6wla3dEApRG5u8EA2ANssOdGOc-eiYC4MYk-TZVKOAdu9WNFn30DM0ZtdB_qZSxC4V_IdjfmYZM6fW0wB&sig=Cg0ArKJSzGYIVjb6H0fwEAE&cid=CAASPeRoJkAXGFhNkj49g0D6MbqL05c557c_0DQHwW55p__-d9aBr_3cKEhh5twy9Gf491dPzbOlg8u1sbo6PNA&id=lidar2&mcvt=1033&p=181,1439,785,1599&mtos=0,1033,1033,1033,1033&tos=0,1033,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=2790448677&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624297341431&dlt=35&rpt=380&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eafc5a6ae905e5dc4ea5772d92aec135.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame FD1A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

38ms
38ms

Image
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5018460640160183999/ Frame FD1A 19 KB
19 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74fd9359d3a343b61fba9147279d872573523df420bdf87aba4889256142fda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 20 Jun 2021 09:47:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Jul 2019 17:17:24 GMT
server: sffe
age: 114894
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19585
x-xss-protection: 0
expires: Mon, 20 Jun 2022 09:47:28 GMT

GET
H3-29 200 iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FD1A 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/iw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 12:56:06 GMT
x-content-type-options: nosniff
server: cafe
age: 17176
etag: 415739381108731362
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2712
x-xss-protection: 0
expires: Tue, 22 Jun 2021 12:56:06 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame FD1A 344 B
371 B 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106141722000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 09:32:16 GMT
x-content-type-options: nosniff
server: cafe
age: 29406
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 22 Jun 2021 09:32:16 GMT

GET
H/1.1 200
OK landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.m3u8 Show response
mcd.ex.co/video/upload/sp_hd/v1490095101/ 1 KB
2 KB 164ms
55ms XHR
application/x-mpegurl 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: dee1ae4866fab287fce0e14aa14b3c87d3d7eeff819b538fea9e6b2b76b161b7

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:23 GMT
Last-Modified: Fri, 19 Mar 2021 19:18:07 GMT
Server: cloudinary
X-Timer: S1616317464.008419,VS0,VE49
ETag: "4936d5a3718fdca8b05074597e512ff2"
X-Served-By: cache-wdc5541-WDC
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23577926
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 1128
X-Cache-Hits: 1

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 90B6 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXWjqMHl3vpbaZZRJwnWgbkJdt98gZk_KjTQKB2fNB_eyN2jpkyWMCB77nvketvMyvMi6uZr17wr5FLX32V-LyQCl3zmLxoGm4i1cpYGQ&sig=Cg0ArKJSzCw-X1TbpTfkEAE&id=lidar2&mcvt=1013&p=1160,315,1200,1285&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=578455068&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624297341676&dlt=0&rpt=163&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1F9 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BF8vRfc_QYO6RJLWM7_UP6Zi74AUAAAAAOAHgBAI&bg=!FRalFlLNAAZktE7iZLQ7ACkAdvg8Wv9mSeK7b8NsWjqcfEC0-ye0F1nhoOhfvbSDTNM0qz92i7nGjwIAAAJFUgAAAB5oAQcKALOAbNM-L7yIn-X4pCM_TtdtWibfWp-aaBjNels7VJVHh6hqIveKSDAJb7ZR65w2bZoAO3zSGl_pECv9WNIxz9BrxcfzBg_C540R7buuNERJHULi5hOxb6K5LRzktUmKx78jigsVxX5H7AkO1zL8BaemiT73qcWo9jEfx8f5-IG-mBrz-3kXFtkvRiy4oCxltgiLV9eTWxe1VLh_qmD6EarNVuiVZ6cDl8Nndx8RKxHXhLPa65kCvaRwX1lW-he7lPKqDUyZ_MoncwPQNHqgP8OSiKbQroRUaIHDNF8Sx5umkl8UCMZbwtYZGYfwH_riefagwz_-39mcCkes5c2FLKtpyeVdsVGIfeBLZaFXlgqWua_F4PeC-KYLG4f9h-z7GaEK1M33p3x8yPenX1fHKHRf20JOqNGlfSyW5B2_m-bzqH1vknYxsLPGI0jciciaj0VPt5e6JHA-y9XQCnKkjogG2QvTkLMss4jS1zvQdJMy0Tea6QLd5m2mXN4kDW6YVnk0qikY15Tb13gmnJZVG-AsG8SXYdFiTDV43rsoiCWnGhPeSLIgBUdET49Q03O0vsRlfsWmFNmxLtDxuklC8Iw2qrya7sNrxEwU5hnYqyrNkQFU1ptW4K4huFh407f92pQvhn-gefSjBFafWwzsefUvBKyUwT4ig5B1Ao5U6yP8R5PRKVd54BIeRVdqrcF8ddbGjXRmmyl7_cCMrO25kH2azGyOYrbp65G7KwSYSojErVm1IWAqGpFzDSa5ZUE0sQsTWmWffC73wc_7iqCfgG5LRFki9GbieqvfpqL5Mqo6Fo_OY3EIx4WsVdyLlgXP3qLJ3Dwq8upABJoIsE831CJsPD1A6F6XSnRzo9bnn4x1W1-ulv2oZI7jbGj6SN1RsamKzCT3GWX8sXv_Z9wV_1Xorr1ZwkPFWpSP5wAKUhkoEDPiQ_024Umo-wRFgZFv1dylswOmhKCYJolkD10mGChC9dG-BBLvKurQD5R1JkiMtog8DzOdEU2tI_2WWET_ElKkg20NbSWlPXLBvWcTI0QNvFMBnNCP-mynYFnOU9rm7sP-1DsTEjcI5CaQwgrTgbGOkl4KxH8iLk1mn77sqjB8QCznGWiLFRtj6ynRzL0VcH3gYo7vhPXdVpEWtxSp8OtmZBT7x8rBgsjZO9E1YkI3AvCw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.m3u8 Show response
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1616181445/ 1 KB
2 KB 55ms
55ms XHR
application/x-mpegurl 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: bc8fe7d1c89f83d5bb0cd79a9fa64b0f8b4848245f597e16601a0696df099d8e

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:23 GMT
Last-Modified: Fri, 19 Mar 2021 19:17:31 GMT
Server: cloudinary
X-Timer: S1616317640.069239,VS0,VE1
ETag: "ebd77961d9792256dc90a1ca84659026"
X-Served-By: cache-wdc5541-WDC
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23577888
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 1337
X-Cache-Hits: 1

OPTIONS
H/1.1 200
OK landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1616181445/ Frame 0
0 58ms
57ms Preflight
text/html 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Protocol: HTTP/1.1
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://e.walla.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Mon, 21 Jun 2021 17:42:23 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H/1.1 206
Partial Content landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts Show response
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1616181445/ 137 KB
138 KB 64ms
63ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 450692c4aaeb4460f6746df3ed7c2f85621a7f935e7288106b320bec7fdeec63

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-140435

Response headers

Date: Mon, 21 Jun 2021 17:42:23 GMT
Content-Range: bytes 0-140435/1124616
Connection: keep-alive
Content-Length: 140436
X-Served-By: cache-wdc5555-WDC
Last-Modified: Fri, 19 Mar 2021 19:17:31 GMT
Server: cloudinary
X-Timer: S1616317640.296650,VS0,VE0
ETag: "619ad8fb207158842036011011e326ba"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23577845
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
BLOB 200
OK 81a9d16c-4888-4a22-9b8d-52611b590c62
https://e.walla.co.il/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://e.walla.co.il/81a9d16c-4888-4a22-9b8d-52611b590c62
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H/1.1 200
OK landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.m3u8 Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/ 1 KB
2 KB 56ms
55ms XHR
application/x-mpegurl 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: ab358aa41e59fbcd3d855de02449a2659ffde91110e007aab0f4169c146831d4

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:23 GMT
Last-Modified: Fri, 19 Mar 2021 19:17:41 GMT
Server: cloudinary
X-Timer: S1616317641.188509,VS0,VE1
ETag: "2d5ab426effd7b17eeca2be53e278611"
X-Served-By: cache-wdc5541-WDC
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23578019
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 1343
X-Cache-Hits: 1

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AAC4 42 B
64 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNNiwTPI8OaAidwR09RcnpFxsWW-CkgoEhA7x3oK0adg_2TO2NnSa_wBiCLOv_RXIuySS_obK7XhuPV-01duGubkHUQCFnRE8UC3Do6TU&sig=Cg0ArKJSzKZIFMtBVo8sEAE&id=lidar2&mcvt=1000&p=385,800,386,801&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2933179666&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624297342037&dlt=0&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum.casalemedia.com/ Frame 160F
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1

2 KB
3 KB

122ms
122ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2f978bd64c4981158a0fb73a9bc3bb7bcb58612e6d9d1e67f4defa7bfd288c52

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://e.walla.co.il/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YNDPf1HxcegOV7.rg0sUoQAA; CMPS=290
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|190|65|51|40
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1801
Expires: Mon, 21 Jun 2021 17:42:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:23 GMT
Connection: keep-alive
Set-Cookie: CMID=YNDPf1HxcegOV7.rg0sUoQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 21 Jun 2022 17:42:23 GMT CMPS=290;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 19 Sep 2021 17:42:23 GMT CMPRO=663;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 19 Sep 2021 17:42:23 GMT CMST=YNDPf2DQz38A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 22 Jun 2021 17:42:23 GMT CMRUM3=2860d0cf7f05a00&e660d0cf7f2760&f160d0cf7f05a0&2d60d0cf7f05a0&4160d0cf7f05a0&be60d0cf7f05a0&3360d0cf7f05a0&2760d0cf7f0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 21 Jun 2022 17:42:23 GMT

Redirect headers

Server: Apache
Content-Length: 379
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 21 Jun 2021 17:42:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:23 GMT
Connection: keep-alive
Set-Cookie: CMID=YNDPf1HxcegOV7.rg0sUoQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 21 Jun 2022 17:42:23 GMT CMPS=290;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 19 Sep 2021 17:42:23 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 0C07
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east

281 B
554 B

161ms
58ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://e.walla.co.il/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Jun 2021 17:42:23 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Date: Mon, 21 Jun 2021 17:42:23 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 204 sync
pixel.advertising.com/ups/58195/ Frame 9D51 0
0 158ms
53ms Document
text/plain 35.156.106.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.106.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.advertising.com
:scheme: https
:path: /ups/58195/sync?&gdpr=1&gdpr_consent=&redir=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 83DF 14 KB
5 KB 170ms
56ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D1%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D1%26key%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=57971
expires: Tue, 22 Jun 2021 09:48:34 GMT
date: Mon, 21 Jun 2021 17:42:23 GMT
vary: Accept-Encoding

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 7E8F 282 KB
89 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 145a56bb48c5f09e919fb7dcf87161e1f7b6bc9260fb5f8e6b43063fd67cf744

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UzvzKhYyMbnbu0KNvWMnYigr64pUMhGXjhgFd3kQkwFxbjdyqLfMFRyfGhVIgjPYIiyb_83WP7QnzW3s0R-RKRYkK1mLQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 90379
last-modified: Wed, 16 Jun 2021 06:20:24 GMT
server: UploadServer
etag: "5d4e56201280a0e4d338f6015d54a219"
vary: Accept-Encoding
x-goog-hash: crc32c=V3XgYw==, md5=XU5WIBKAoOTTOPYBXVSiGQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1623824424580802
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 90379
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 21 Jun 2021 17:47:23 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 123ms
122ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=e.walla.co.il&rs=e.walla.co.il&sid=62984&t=1624297343&cip=185.236.42.79&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624297343149-986437238242-008051-007-005489&cha=0.1&stagid=&stplid=&cb=40633586039&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&nid=56ea678d181f46c76f8b45fb&ncid=5d9ae55428a0614104102f51&e=request&cb=1624297343382&asid=5c3df2bd073ef46dba17f348%2C5ee3d57071193a26344a4076%2C604e0bb1f199b154cc115338%2C5d9ae55028a061037d479c6c%2C5c5a9a6228a0617b9619af99%2C5c3df27928a0610ca442bb57%2C5ea6a42f2fbcd128421c754c%2C5c3df23d073ef4356f2c642c%2C5d9ae55028a0613a3949d76b%2C5c17b03b28a0615d8d0409b6%2C5fa2a98bba80693a416064d7&ofpr=%2C%2C2%2C%2C2%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 206
Partial Content landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/ 267 KB
268 KB 58ms
57ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: a85951e8a8d3ef012b02c9e96c6294b9451bed20efd08247d3bf27bc9f1b3205

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-273915

Response headers

Date: Mon, 21 Jun 2021 17:42:23 GMT
Content-Range: bytes 0-273915/2227988
Connection: keep-alive
Content-Length: 273916
X-Served-By: cache-wdc5555-WDC
Last-Modified: Fri, 19 Mar 2021 19:17:40 GMT
Server: cloudinary
X-Timer: S1616317642.523788,VS0,VE1
ETag: "f8db555ab25e7880e0d996fd710a5ab5"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23577903
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

OPTIONS
H/1.1 200
OK landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/ Frame 0
0 55ms
55ms Preflight
text/html 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Protocol: HTTP/1.1
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://e.walla.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Mon, 21 Jun 2021 17:42:23 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 188 B
388 B 259ms
153ms XHR
application/json 18.196.47.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.47.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e7624baf1c3433a4bdc057fda4d7b85c7eec636cae05f84ede817ac051a684e8

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 176
expires: 0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 185 B
387 B 210ms
106ms XHR
application/json 18.196.47.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.47.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 915338848acadcdebe44efb81d11a2cfb1d7fca3d3080de05317d07e80ae47a3

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://e.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 83DF 0
42 B 178ms
59ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91245907&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D1%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-length: 0

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Protocol: HTTP/1.1
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://e.walla.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Mon, 21 Jun 2021 17:42:23 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H/1.1 206
Partial Content landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/ 331 KB
331 KB 58ms
58ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 18353a67ff0b4c756956444ca9b290fc53d032e7346c535599c04674fc169edd

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=273916-612691

Response headers

Date: Mon, 21 Jun 2021 17:42:23 GMT
Content-Range: bytes 273916-612691/2227988
Connection: keep-alive
Content-Length: 338776
X-Served-By: cache-wdc5555-WDC
Last-Modified: Fri, 19 Mar 2021 19:17:40 GMT
Server: cloudinary
X-Timer: S1616317642.523788,VS0,VE1
ETag: "f8db555ab25e7880e0d996fd710a5ab5"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23577903
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

GET
DATA 200
OK truncated
/ 554 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 452d1771c6e4f4a4981f681d311aabb02f3b79661e4b3688293506891c4549ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://e.walla.co.il
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 17:35:42 GMT
x-content-type-options: nosniff
age: 173201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 17:35:42 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
134 B 119ms
119ms XHR
text/plain 54.145.239.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.239.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://e.walla.co.il
date: Mon, 21 Jun 2021 17:42:23 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0C07 31 KB
9 KB 55ms
54ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 81ac6d16bad082bb0cd7d9c5f4f3a8e9173a53d8851c606283be4e418d3ffbd9

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=39773
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9273
Expires: Tue, 22 Jun 2021 04:45:16 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 121ms
121ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=e.walla.co.il&rs=e.walla.co.il&sid=62984&t=1624297343&cip=185.236.42.79&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624297343149-986437238242-008051-007-005489&cha=0.1&stagid=&stplid=&cb=40633586039&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&nid=56ea678d181f46c76f8b45fb&ncid=5d9ae55428a0614104102f51&e=bid&cb=1624297343690&asid=5c3df2bd073ef46dba17f348%2C5ee3d57071193a26344a4076%2C5d9ae55028a061037d479c6c%2C5c3df27928a0610ca442bb57%2C5ea6a42f2fbcd128421c754c%2C5c3df23d073ef4356f2c642c%2C5d9ae55028a0613a3949d76b%2C5c17b03b28a0615d8d0409b6%2C5fa2a98bba80693a416064d7&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 160F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YNDPf1HxcegOV7-rg0sUoQAAApcAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDQlwJgjt4twSqw7W77CGh0&google_cver=1

43 B
315 B

176ms
65ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDQlwJgjt4twSqw7W77CGh0&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 21 Jun 2021 17:42:24 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDQlwJgjt4twSqw7W77CGh0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 160F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNDPf1HxcegOV7-rg0sUoQAAApcAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNDPf1HxcegOV7-rg0sUoQAAApcAAAIB&dcc=t

43 B
433 B

124ms
123ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNDPf1HxcegOV7-rg0sUoQAAApcAAAIB&dcc=t
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:24 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:24 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YNDPf1HxcegOV7-rg0sUoQAAApcAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 160F 70 B
265 B 198ms
64ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YNDPf1HxcegOV7.rg0sUoQAA&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 160F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YNDPf1HxcegOV7.rg0sUoQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOcb6jOuAqyOperoxCHRboM&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

69ms
68ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOcb6jOuAqyOperoxCHRboM&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Jun 2021 17:42:24 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOcb6jOuAqyOperoxCHRboM&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame 160F 0
0 165ms
62ms Image
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 160F
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624383743&gdpr=1

43 B
315 B

212ms
97ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624383743&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 21 Jun 2021 17:42:24 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1624383743&gdpr=1
pragma: no-cache
date: Mon, 21 Jun 2021 17:42:23 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 160F 43 B
146 B 161ms
51ms Image
image/gif 52.58.182.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.182.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 cookiesyncendpoint
sync.aniview.com/ Frame 160F 0
232 B 381ms
121ms Image
text/plain 52.1.101.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1624297343149-986437238242-008051-007-005489&biddername=42&key=YNDPf1HxcegOV7.rg0sUoQAA%26663
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.101.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-length: 0

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame A28C
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

119ms
119ms

Document
text/html

35.170.231.210
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1624297343149-986437238242-008051-007-005489%26biddername%3D42%26key%3D&s=190719&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.231.210 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-231-210.compute-1.amazonaws.com
Software: /
Resource Hash: 97dece9256f858dc82ec19573579d076696a8f35a00f8b5a7439fd31db435b73

Request headers

:method: GET
:authority: um2.eqads.com
:scheme: https
:path: /um/cs&eq_cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssum.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: EQUser=UID=19106942-582b-4720-a560-ee6c0f59caf6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssum.casalemedia.com/

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Mon, 21 Jun 2021 17:42:24 GMT
pragma: no-cache

Redirect headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1
set-cookie: EQUser=UID=19106942-582b-4720-a560-ee6c0f59caf6; Path=/; Domain=eqads.com; Expires=Tue, 21 Sep 2021 17:42:24 GMT; Secure; SameSite=None

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7994 338 KB
116 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118727
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FEB4 338 KB
116 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118727
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 80BC 338 KB
116 KB 45ms
26ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118727
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 533A 338 KB
116 KB 49ms
30ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118727
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C71E 338 KB
116 KB 48ms
29ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118727
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H/1.1 206
Partial Content landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/ 344 KB
344 KB 61ms
60ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: ddff6b44df9a0ede4727fd4caba1a4dc20c489188a0251081d0407d352e43f10

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=612692-964627

Response headers

Date: Mon, 21 Jun 2021 17:42:23 GMT
Content-Range: bytes 612692-964627/2227988
Connection: keep-alive
Content-Length: 351936
X-Served-By: cache-wdc5555-WDC
Last-Modified: Fri, 19 Mar 2021 19:17:40 GMT
Server: cloudinary
X-Timer: S1616317642.523788,VS0,VE1
ETag: "f8db555ab25e7880e0d996fd710a5ab5"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23577903
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Protocol: HTTP/1.1
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://e.walla.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Mon, 21 Jun 2021 17:42:23 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0C07 284 B
536 B 221ms
56ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H3-29 200 bridge3.467.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6027 576 KB
189 KB 21ms
7ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80748fb593fae443c019fcdee32ce92262634a0dbbb31f83273491c0ff4990a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.467.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193113
date: Fri, 18 Jun 2021 12:00:53 GMT
expires: Sat, 18 Jun 2022 12:00:53 GMT
last-modified: Thu, 17 Jun 2021 15:36:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 279690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7994 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7994 107 B
122 B 24ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e.walla.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.467.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6EBE 576 KB
189 KB 8ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80748fb593fae443c019fcdee32ce92262634a0dbbb31f83273491c0ff4990a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.467.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193113
date: Fri, 18 Jun 2021 12:00:53 GMT
expires: Sat, 18 Jun 2022 12:00:53 GMT
last-modified: Thu, 17 Jun 2021 15:36:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 279690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FEB4 44 KB
16 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FEB4 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e.walla.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.467.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2A34 576 KB
189 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80748fb593fae443c019fcdee32ce92262634a0dbbb31f83273491c0ff4990a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.467.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193113
date: Fri, 18 Jun 2021 12:00:53 GMT
expires: Sat, 18 Jun 2022 12:00:53 GMT
last-modified: Thu, 17 Jun 2021 15:36:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 279690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C71E 44 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame C71E 107 B
122 B 25ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e.walla.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.467.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1619 576 KB
189 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80748fb593fae443c019fcdee32ce92262634a0dbbb31f83273491c0ff4990a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.467.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193113
date: Fri, 18 Jun 2021 12:00:53 GMT
expires: Sat, 18 Jun 2022 12:00:53 GMT
last-modified: Thu, 17 Jun 2021 15:36:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 279690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 80BC 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 80BC 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e.walla.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.467.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9308 576 KB
189 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80748fb593fae443c019fcdee32ce92262634a0dbbb31f83273491c0ff4990a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.467.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193113
date: Fri, 18 Jun 2021 12:00:53 GMT
expires: Sat, 18 Jun 2022 12:00:53 GMT
last-modified: Thu, 17 Jun 2021 15:36:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 279690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 533A 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:23 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 533A 107 B
122 B 16ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e.walla.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 388A 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Jun 2021 18:04:51 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0C52 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Jun 2021 18:04:51 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2D6B 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Jun 2021 18:04:51 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5067 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Jun 2021 18:04:51 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 34EC 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Jun 2021 18:04:51 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 20CC 281 B
554 B 51ms
51ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://e.walla.co.il/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 21 Jun 2021 17:42:24 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6027 156 B
236 B 315ms
313ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fe.walla.co.il%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2120235160293648&sdkv=h.3.467.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=245059686&sdk_apis=2%2C8&sid=A15BDAE8-7DA8-49D7-BDF7-B458986C2C7C&url=https%3A%2F%2Fe.walla.co.il%2F&dt=1624297344409&cookie=ID%3Dcf7c28098bfad7da%3AT%3D1624297340%3AS%3DALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw&scor=2085758516660869&ged=ve4_td0_tt0_pd0_la0_er386.500.541.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6EBE 1 KB
1 KB 92ms
91ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Desktop_8&description_url=https%3A%2F%2Fe.walla.co.il%2F&cust_params=publisher_name%3De.walla.co.il&env=vp&correlator=2064750184343934&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=300x250%7C400x300%7C640x400%7C640x480&unviewed_position_start=1&max_ad_duration=60000&vid_t=Paint%20Your%20Bathroom%20This%20Color%20to%20Sell%20Your%20Hom%20e%20&vid_d&vid_kw=lawn%2Cvertebrate%2Cwhite%20paper%2Cbathroom%2Cplant%2Cphotograph%2Chairstyle%2Cfacial%20expression%2Ccartoon%2Cbathroom%20sink&sdkv=h.3.467.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2916440812&sdk_apis=2%2C8&sid=23F7A63E-7FA8-48E3-A0DB-5FCDC8DA347A&eid=44737473&url=https%3A%2F%2Fe.walla.co.il%2F&dt=1624297344423&cookie=ID%3Dcf7c28098bfad7da%3AT%3D1624297340%3AS%3DALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw&scor=3523937264865029&ged=ve4_td0_tt0_pd0_la0_er386.500.541.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

072cb0fa56bcf6a3784c5c70e602c10edd034ecc9666dd8afea70c5ac432d92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 2A34 156 B
185 B 340ms
340ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fe.walla.co.il%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3532034417732237&sdkv=h.3.467.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3426185662&sdk_apis=2%2C8&sid=405AC7FA-002F-49E1-8433-62A136D2F41D&url=https%3A%2F%2Fe.walla.co.il%2F&dt=1624297344427&cookie=ID%3Dcf7c28098bfad7da%3AT%3D1624297340%3AS%3DALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw&scor=2405078417076055&ged=ve4_td0_tt0_pd0_la0_er386.500.541.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/ 225 KB
225 KB 55ms
55ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 6576095a3f4707a2fed4f1d22c4a8bb5b593f915a08e50cefbece60e739c03ef

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=964628-1194551

Response headers

Date: Mon, 21 Jun 2021 17:42:24 GMT
Content-Range: bytes 964628-1194551/2227988
Connection: keep-alive
Content-Length: 229924
X-Served-By: cache-wdc5555-WDC
Last-Modified: Fri, 19 Mar 2021 19:17:40 GMT
Server: cloudinary
X-Timer: S1616317642.523788,VS0,VE1
ETag: "f8db555ab25e7880e0d996fd710a5ab5"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23577902
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Protocol: HTTP/1.1
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://e.walla.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Mon, 21 Jun 2021 17:42:24 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1619 1 KB
781 B 91ms
91ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Desktop_10&description_url=https%3A%2F%2Fe.walla.co.il%2F&cust_params=publisher_name%3De.walla.co.il&env=vp&correlator=545296790896319&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x400%7C640x480&unviewed_position_start=1&max_ad_duration=35000&vid_t=Paint%20Your%20Bathroom%20This%20Color%20to%20Sell%20Your%20Hom%20e%20&vid_d&vid_kw=lawn%2Cvertebrate%2Cwhite%20paper%2Cbathroom%2Cplant%2Cphotograph%2Chairstyle%2Cfacial%20expression%2Ccartoon%2Cbathroom%20sink&sdkv=h.3.467.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=644742704&sdk_apis=2%2C8&sid=268319B6-1DDC-4E79-9254-F20DDC2E10A3&eid=44740339&url=https%3A%2F%2Fe.walla.co.il%2F&dt=1624297344431&cookie=ID%3Dcf7c28098bfad7da%3AT%3D1624297340%3AS%3DALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw&scor=302703163021355&ged=ve4_td0_tt0_pd0_la0_er386.500.541.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29521bd99dac81ae5d93207a7cb9838e8aafb2b7f474e260a334aa44e4a7d964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 707
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame A28C 43 B
1 KB 72ms
71ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=19106942-582b-4720-a560-ee6c0f59caf6&expiration=1632246144
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Jun 2021 17:42:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 21 Jun 2021 17:42:24 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9308 1 KB
792 B 90ms
89ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Desktop_low&description_url=https%3A%2F%2Fe.walla.co.il%2F&cust_params=publisher_name%3De.walla.co.il&env=vp&correlator=3021892695007602&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x400%7C640x480&unviewed_position_start=1&max_ad_duration=60000&vid_t=Paint%20Your%20Bathroom%20This%20Color%20to%20Sell%20Your%20Hom%20e%20&vid_d&vid_kw=lawn%2Cvertebrate%2Cwhite%20paper%2Cbathroom%2Cplant%2Cphotograph%2Chairstyle%2Cfacial%20expression%2Ccartoon%2Cbathroom%20sink&sdkv=h.3.467.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1085818858&sdk_apis=2%2C8&sid=F01707A5-DB6A-4AC9-8D9E-C7A27ED0F9FA&eid=44737475&top=https%3A%2F%2Fe.walla.co.il%2F&url=https%3A%2F%2Fe.walla.co.il%2F&dt=1624297344442&cookie=ID%3Dcf7c28098bfad7da%3AT%3D1624297340%3AS%3DALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw&scor=2831185824871355&ged=ve4_td0_tt0_pd0_la0_er386.500.541.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bd1bf5758f47805d9338366fcba0111e085327984ce858b64ec12dcdff270e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 20CC 31 KB
9 KB 56ms
55ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 81ac6d16bad082bb0cd7d9c5f4f3a8e9173a53d8851c606283be4e418d3ffbd9

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jun 2021 16:13:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=39772
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9273
Expires: Tue, 22 Jun 2021 04:45:16 GMT

GET
H/1.1 206
Partial Content landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/ 160 KB
161 KB 61ms
60ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 869edc81b9fafb0687ed0d410227fc73dcfd7f9a5741d0801738c58cb98d1629

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1194552-1358863

Response headers

Date: Mon, 21 Jun 2021 17:42:24 GMT
Content-Range: bytes 1194552-1358863/2227988
Connection: keep-alive
Content-Length: 164312
X-Served-By: cache-wdc5555-WDC
Last-Modified: Fri, 19 Mar 2021 19:17:40 GMT
Server: cloudinary
X-Timer: S1616317642.523788,VS0,VE1
ETag: "f8db555ab25e7880e0d996fd710a5ab5"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23577902
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Protocol: HTTP/1.1
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://e.walla.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Mon, 21 Jun 2021 17:42:24 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6EBE 83 KB
15 KB 309ms
308ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Desktop_8&sz=300x250%7C400x300%7C640x400%7C640x480&cust_params=publisher_name%3De.walla.co.il&url=https%3A%2F%2Fe.walla.co.il%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Fe.walla.co.il%2F&vad_type=linear&vpos=preroll&pod=1&vrid=1181461&max_ad_duration=30000&min_ad_duration=0&sid=23F7A63E-7FA8-48E3-A0DB-5FCDC8DA347A&adk=2916440812&correlator=2064750184343934&dt=1624297344636&ged=ve4_td1_tt1_pd1_la1000_er386.500.724.1100_vi0.0.1200.1600_vp100_ts1_eb24171&is_amp=0&npa=false&osd=2&scor=3523937264865029&sdk_apis=2%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&vis=1&u_so=l&eid=44737473&hl=en&frm=0&sdki=44d&sdkv=h.3.467.0&sdr=1&vid_kw=lawn%2Cvertebrate%2Cwhite%20paper%2Cbathroom%2Cplant%2Cphotograph%2Chairstyle%2Cfacial%20expression%2Ccartoon%2Cbathroom%20sink&vid_t=Paint%20Your%20Bathroom%20This%20Color%20to%20Sell%20Your%20Hom%20e%20&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&kfa=0&tfcd=0&ctv=0&cookie=ID%3Dcf7c28098bfad7da%3AT%3D1624297340%3AS%3DALNI_MYTAt2dFbd-gdkygp9MYidwtgFwXw

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db6b9993762c8690df6ec10006b746b9c7a761a5a6e19e8c3788e7d2d11f8d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15156
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
134 B 120ms
120ms XHR
text/plain 54.145.239.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.239.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://e.walla.co.il
date: Mon, 21 Jun 2021 17:42:24 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 track
atrack.avplayer.com/ 0
70 B 121ms
120ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M20&cb=1624297344644&cid=5d9ae55428a0614104102f51&cou=SE&AV_PAGE_LOAD_UID=8e57d3d5-ea61-428c-acb3-d21e20d02d37&AV_CDIM4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=dfp&AV_CDIM5=dfp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 206
Partial Content landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts Show response
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/ 264 KB
264 KB 61ms
60ms XHR
video/mp2t 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: cloudinary /
Resource Hash: 7da5eee8e544224c9b86f7a5149a3c2f95e325f3a68a00d415c290bef24c7d3d

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=1358864-1629019

Response headers

Date: Mon, 21 Jun 2021 17:42:24 GMT
Content-Range: bytes 1358864-1629019/2227988
Connection: keep-alive
Content-Length: 270156
X-Served-By: cache-wdc5555-WDC
Last-Modified: Fri, 19 Mar 2021 19:17:40 GMT
Server: cloudinary
X-Timer: S1616317642.523788,VS0,VE1
ETag: "f8db555ab25e7880e0d996fd710a5ab5"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=23577902
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
X-Cache-Hits: 1

OPTIONS
H/1.1 200
OK landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/ Frame 0
0 73ms
73ms Preflight
text/html 2.16.186.139
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1616181445/landscape7a2037a5-255c-453c-972f-6d05b3570634_1616181141140.ts
Protocol: HTTP/1.1
Server: 2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range
Origin: https://e.walla.co.il
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Content-Type: text/html
Content-Length: 13
Date: Mon, 21 Jun 2021 17:42:24 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Range

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 370ms
127ms XHR
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=e.walla.co.il&rs=e.walla.co.il&sid=62984&t=1624297343&cip=185.236.42.79&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624297343149-986437238242-008051-007-005489&cha=0.1&stagid=&stplid=&cb=40633586039&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 21 Jun 2021 17:42:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8345 338 KB
116 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118727
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:24 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3FA8 338 KB
116 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522fcf7edad25c53f9931e20f4900a7e33e7f5063e1296460d9ea8193f22ca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118727
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:24 GMT

GET
H3-29 200 bridge3.467.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E3A4 576 KB
189 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80748fb593fae443c019fcdee32ce92262634a0dbbb31f83273491c0ff4990a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.467.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193113
date: Fri, 18 Jun 2021 12:00:53 GMT
expires: Sat, 18 Jun 2022 12:00:53 GMT
last-modified: Thu, 17 Jun 2021 15:36:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 279691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8345 44 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8345 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e.walla.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FC50 36 KB
13 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Jun 2021 18:04:51 GMT

GET
H3-29 200 bridge3.467.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8E24 576 KB
189 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80748fb593fae443c019fcdee32ce92262634a0dbbb31f83273491c0ff4990a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.467.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e.walla.co.il/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://e.walla.co.il/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193113
date: Fri, 18 Jun 2021 12:00:53 GMT
expires: Sat, 18 Jun 2022 12:00:53 GMT
last-modified: Thu, 17 Jun 2021 15:36:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 279691
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3FA8 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:42:24 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3FA8 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=e.walla.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Jun 2021 17:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DA7B 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 21 Jun 2021 18:04:51 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6EBE 0
348 B 838ms
283ms Ping
image/gif 2404:6800:4005:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kq6wp82h&c=5883977733073&slotId=2941988866536.5&qqid=CKOe9pGjqfECFReFgwcdQpYJEA&gqid=gM_QYOaPKYSEjuwPs-CBgAY&fb=ima-html5&sdkv=h.3.467.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=AdChoices&icdi=18x18&vmfc=1&vhc=0&wta=1&hghme=1&ghmsh_eids=44737473&met.4=ghmsh_s.kq6wp8mb~ghmsh_s.kq6wp8mc&ghmsh_mi=22%2C18%2C22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=GpxN8tXE2EAPoE08
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:811::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gm_help_outline_white_24dp.png
fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/ Frame 6EBE 412 B
883 B 25ms
5ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/googlematerialicons/help_outline/v6/white-24dp/1x/gm_help_outline_white_24dp.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a628979bbae350718233d3a7bca320732305a1b56187a2d61ef43510de5c4825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 15:06:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 2020 06:06:13 GMT
server: sffe
age: 182185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Sun, 19 Jun 2022 15:06:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EBE 42 B
349 B 18ms
17ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CN69OgM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEkQJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kMbj_Tr6IRXweyfoEVnMVX7kb7RNFPfHOkqK3FunJgfABO3R8JfBA-AEAYgF1tv22jCSBQYIAxABGAGgBlSAB8mfg9oBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ2NTAxMTg5MzEwODM4NTSaCStodHRwczovL2luc3RhbnRpbmsuaHBjb25uZWN0ZWQuY29tL3NlL3N2L2wvsQn-X8gfmeTp5IAKA8gLAdALDuALAbgMAbATnMfYC9gTDdgUAdAVAagWAeIWAggBgBcB&sigh=zYQB98dSuGQ&label=show_ad&acvw=&sdkv=h.3.467.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzEzMzUwMzI0NjIMNTI1MzUyODA3ODMzQNwCUh0QDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 6EBE 0
0 94ms
93ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CVmBogM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEjgJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kJ7iZ89ps3ViuPZKbopuGO9gUSjJbll-QuQbl0DABO3R8JfBA-AEAZIFBggbEAIYAaAGVIAHyZ-D2gGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBRCnw6EEqAgB0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00NjUwMTE4OTMxMDgzODU0gAoDyAsBsBOcx9gLwhMGGJ_g_KUCyBPgtPfcA9gTDdgUAdAVAagWAeIWAggBgBcBshcaChgIABIUcHViLTk3OTA3NjI4MTEwNTc2OTk&sigh=-heHdL4F8-E&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&vt=10&sdkv=h.3.467.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzEzMzUwMzI0NjIMNTI1MzUyODA3ODMzQNwCUh0QDyUAAHBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/PtSJbxYYilM/ Frame 6EBE 9 KB
9 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/PtSJbxYYilM/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc47730190e2e8912a3374f3e7b5d6039e9e0c05d855b56a8d76817172f851e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 15:50:41 GMT
x-content-type-options: nosniff
server: sffe
age: 6704
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9497
x-xss-protection: 0
expires: Mon, 21 Jun 2021 17:50:41 GMT

GET
DATA 200
OK truncated
/ Frame 6EBE 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame FEB4 0
54 B 788ms
284ms Ping
image/gif 2404:6800:4005:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kq6wp7qn&c=5883977733073&slotId=2941988866536.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:811::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EBE 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.467.0&e=44737473&id=ima_html5&c=1316915591671748&domain=e.walla.co.il

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

videoplayback
r4---sn-4g5e6nsr.googlevideo.com/
Redirect Chain

https://r4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1624326144&ei=gM_QYJmINoKD1gK3xYeIBw&ip=185.236.42.79&id=3ed4896f16188a53&itag=22&source=youtube&requiressl=yes&mh=Yp&mm=31&mn=sn-5goee...
https://r4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1624326144&ei=gM_QYJmINoKD1gK3xYeIBw&ip=185.236.42.79&id=3ed4896f16188a53&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...

733 KB
733 KB

288ms
273ms

Media
video/mp4

2a00:1450:4001:63::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1624326144&ei=gM_QYJmINoKD1gK3xYeIBw&ip=185.236.42.79&id=3ed4896f16188a53&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1622667551720452&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAO4Uj6KKI353tsXkWdHrL1zMnzmSGx_xkw1gpke0SvTfAiEAkEvB5Tfhs3ENnApKLXYIIyR_ardeLsgrHg9AoLNcdZQ=&cpn=GpxN8tXE2EAPoE08&redirect_counter=1&rm=sn-5gole7z&req_id=2d0f6db20a6936e2&cms_redirect=yes&ipbypass=yes&mh=Yp&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nsr&ms=au&mt=1624297021&mv=m&mvi=4&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOzAPK1PLgO2npSHZDgMSeSB2uzk84G4dc14t7GpG1evAiAK3h3BzyXbd5rua9Y47Gaw6C3mAjDg-AuHPfXVCqglmg%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:63::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

255e34fdc3fc7c2c696e6e8ee02ac8c79053b2e84802abcdeba5b5aed3143572

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 17:42:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Jun 2021 20:59:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-750493/750494
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 750494
Expires: Mon, 21 Jun 2021 17:42:25 GMT

Redirect headers

Date: Mon, 21 Jun 2021 17:42:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://r4---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1624326144&ei=gM_QYJmINoKD1gK3xYeIBw&ip=185.236.42.79&id=3ed4896f16188a53&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1622667551720452&txp=5311224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAO4Uj6KKI353tsXkWdHrL1zMnzmSGx_xkw1gpke0SvTfAiEAkEvB5Tfhs3ENnApKLXYIIyR_ardeLsgrHg9AoLNcdZQ=&cpn=GpxN8tXE2EAPoE08&redirect_counter=1&rm=sn-5gole7z&req_id=2d0f6db20a6936e2&cms_redirect=yes&ipbypass=yes&mh=Yp&mip=2a01:4f8:192:5414::2&mm=31&mn=sn-4g5e6nsr&ms=au&mt=1624297021&mv=m&mvi=4&pl=49&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAOzAPK1PLgO2npSHZDgMSeSB2uzk84G4dc14t7GpG1evAiAK3h3BzyXbd5rua9Y47Gaw6C3mAjDg-AuHPfXVCqglmg%3D%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Mon, 21 Jun 2021 17:42:25 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E3A4 1 KB
766 B 100ms
100ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Desktop_low&description_url=https%3A%2F%2Fe.walla.co.il%2F&cust_params=publisher_name%3De.walla.co.il&env=vp&correlator=83739862931891&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=300x250%7C400x300%7C640x400%7C640x480&unviewed_position_start=1&max_ad_duration=60000&vid_t=Paint%20Your%20Bathroom%20This%20Color%20to%20Sell%20Your%20Hom%20e%20&vid_d&vid_kw=lawn%2Cvertebrate%2Cwhite%20paper%2Cbathroom%2Cplant%2Cphotograph%2Chairstyle%2Cfacial%20expression%2Ccartoon%2Cbathroom%20sink&sdkv=h.3.467.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1454290265&sdk_apis=2%2C8&sid=6F98627A-EB35-44A6-B750-F31F7FBD5D81&eid=44733246%2C44737475&top=https%3A%2F%2Fe.walla.co.il%2F&url=https%3A%2F%2Fe.walla.co.il%2F&dt=1624297345072&cookie_enabled=1&scor=2345749939122205&ged=ve4_td0_tt0_pd0_la0_er386.500.541.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

613cdd08839b1b4b7f62b98b982b2b62e72a8f682bfa08f8cece7d00c80c8786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8E24 1 KB
752 B 94ms
94ms XHR
text/xml 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2Fca-video-pub-9790762811057699-tag%2FMCD_2.O_ADM_Desktop_walla.co.il_5&sz=400x300%7C640x400%7C640x480&description_url=https%3A%2F%2Fe.walla.co.il%2F&cust_params=publisher_name%3De.walla.co.il&env=vp&correlator=2938001219490505&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&max_ad_duration=35000&vid_t=Paint%20Your%20Bathroom%20This%20Color%20to%20Sell%20Your%20Hom%20e%20&vid_d&vid_kw=lawn%2Cvertebrate%2Cwhite%20paper%2Cbathroom%2Cplant%2Cphotograph%2Chairstyle%2Cfacial%20expression%2Ccartoon%2Cbathroom%20sink&sdkv=h.3.467.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=282856434&sdk_apis=2%2C8&sid=0AB3379E-83F4-41EC-BBD1-153A460FA0B0&url=https%3A%2F%2Fe.walla.co.il%2F&dt=1624297345125&cookie_enabled=1&scor=3610624974608234&ged=ve4_td0_tt0_pd0_la0_er386.500.541.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d91199490bfc8a278b795d73af93ad5148d6a40cdbae7515d6e0c95020fc2887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 724
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6EBE 0
54 B 451ms
283ms Ping
image/gif 2404:6800:4005:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kq6wp8mg&c=5883977733073&slotId=2941988866536.5&qqid=CKOe9pGjqfECFReFgwcdQpYJEA&gqid=gM_QYOaPKYSEjuwPs-CBgAY&fb=ima-html5&sdkv=h.3.467.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.kq6wp8mh~vss_tr.vz
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:811::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EBE 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CN69OgM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEkQJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kMbj_Tr6IRXweyfoEVnMVX7kb7RNFPfHOkqK3FunJgfABO3R8JfBA-AEAYgF1tv22jCSBQYIAxABGAGgBlSAB8mfg9oBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ2NTAxMTg5MzEwODM4NTSaCStodHRwczovL2luc3RhbnRpbmsuaHBjb25uZWN0ZWQuY29tL3NlL3N2L2wvsQn-X8gfmeTp5IAKA8gLAdALDuALAbgMAbATnMfYC9gTDdgUAdAVAagWAeIWAggBgBcB&sigh=zYQB98dSuGQ&label=video_ad_loaded&acvw=&sdkv=h.3.467.0&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzEzMzUwMzI0NjIMNTI1MzUyODA3ODMzQNwCUh0QDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 6EBE 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.467.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 04:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 04:07:53 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 6EBE 0
0 92ms
92ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CVmBogM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEjgJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kJ7iZ89ps3ViuPZKbopuGO9gUSjJbll-QuQbl0DABO3R8JfBA-AEAZIFBggbEAIYAaAGVIAHyZ-D2gGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgHnNwbqAfulrECqAemvhuoB-zVG9gHAfIHBRCnw6EEqAgB0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00NjUwMTE4OTMxMDgzODU0gAoDyAsBsBOcx9gLwhMGGJ_g_KUCyBPgtPfcA9gTDdgUAdAVAagWAeIWAggBgBcBshcaChgIABIUcHViLTk3OTA3NjI4MTEwNTc2OTk&sigh=-heHdL4F8-E&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&sdkv=h.3.467.0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 B25876171.305140555;dc_trk_aid=497908756;dc_trk_cid=151927306;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI1tv22jCoApjC_foBsAKg8NIJQDsQ0dD2AtmtrP4EKmNAXcbWvb9Jufo=;ord=38195...
ad.doubleclick.net/ddm/trackimp/N5851.2093103DBM/ Frame 6EBE 42 B
554 B 200ms
76ms Image
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5851.2093103DBM/B25876171.305140555;dc_trk_aid=497908756;dc_trk_cid=151927306;dc_dbm_token=AD1EzRQAAAA6CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI1tv22jCoApjC_foBsAKg8NIJQDsQ0dD2AtmtrP4EKmNAXcbWvb9Jufo=;ord=3819509168;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=8815595657866919314;dc_av=536;dc_sk=1;dc_ctype=84;dc_ref=;dc_pubid=3;dc_btype=23?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EBE 42 B
64 B 19ms
17ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGoxTgM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEjgJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kJ7iZ89ps3ViuPZKbopuGO9gUSjJbll-QuQbl0DABO3R8JfBA-AEAYgF1tv22jCgBlSAB8mfg9oBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ2NTAxMTg5MzEwODM4NTSACgPICwGwE5zH2AvYEw3YFAHQFQGoFgHiFgIIAYAXAQ&sigh=AzEpZWcTOwY&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D898%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1624297345522%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.1%26t%3D1624297345062&sdkv=h.3.467.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzEzMzUwMzI0NjIMNTI1MzUyODA3ODMzQNwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25I-ANQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6EBE 42 B
64 B 43ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssy3RI6XtHleaOFVurJD696q7Zp68C_hNXXTJlrOmreY2dLoi-55h4gq6afIbTzuM_HtAEPvNt-gOwjZunywVvIYnS5dlCbtl_4ROOMYG5jXUVOazqDnEwRE9_Ib8zypP5xZNZmGVYImvQ3wL9vcwq3&sai=AMfl-YRU94kMfc8nfHLhW5G_VhkjS7raOJ2uIMVb2XNBpWGiRa1XKNICCDDgMu6Meo9161JdvramT28cmwnuia744fbFB628wLTCgIN4WIOPtxBEUJf2Pk2629o_2ndqb2fO&sig=Cg0ArKJSzJrmvyvB5C9REAE&id=lidarv&acvw=sv%3D898%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1624297345525%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1624297345062&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview_ext
pagead2.googlesyndication.com/ Frame 6EBE 42 B
64 B 16ms
14ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=8815595657866919314&acvw=sv%3D898%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1624297345525%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1624297345062?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D898%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 6EBE 42 B
207 B 93ms
90ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D898%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1624297345525%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1624297345062?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EBE 42 B
64 B 19ms
17ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGoxTgM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEjgJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kJ7iZ89ps3ViuPZKbopuGO9gUSjJbll-QuQbl0DABO3R8JfBA-AEAYgF1tv22jCgBlSAB8mfg9oBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ2NTAxMTg5MzEwODM4NTSACgPICwGwE5zH2AvYEw3YFAHQFQGoFgHiFgIIAYAXAQ&sigh=AzEpZWcTOwY&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D898%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1624297345528%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1624297345062&sdkv=h.3.467.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzEzMzUwMzI0NjIMNTI1MzUyODA3ODMzQNwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25I-ANQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D898%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 6EBE 42 B
107 B 93ms
91ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D898%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1624297345528%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1624297345062?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EBE 0
20 B 40ms
38ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.467.0&e=44737473&id=ima_html5&c=1316915591671748&domain=e.walla.co.il

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EBE 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGoxTgM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEjgJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kJ7iZ89ps3ViuPZKbopuGO9gUSjJbll-QuQbl0DABO3R8JfBA-AEAYgF1tv22jCgBlSAB8mfg9oBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ2NTAxMTg5MzEwODM4NTSACgPICwGwE5zH2AvYEw3YFAHQFQGoFgHiFgIIAYAXAQ&sigh=AzEpZWcTOwY&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=admute&ad_mt=0&acvw=sv%3D898%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D23,0,0,0,0%26mtos%3D23,23,23,23,23%26amtos%3D0,0,0,0,0%26mcvt%3D23%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D23%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D23%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D23%26dfvs%3D23%26dvpt%3D23%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1624297345538%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,23,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1624297345062&sdkv=h.3.467.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzEzMzUwMzI0NjIMNTI1MzUyODA3ODMzQNwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25I-ANQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D898%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D23,0,0,0,0%26mtos%3D23,23,23,23,23%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 6EBE 42 B
107 B 93ms
92ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D898%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D23,0,0,0,0%26mtos%3D23,23,23,23,23%26amtos%3D0,0,0,0,0%26mcvt%3D23%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D23%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D23%26pst%3D-1%26dur%3D15046%26vmtime%3D-1%26dvs%3D23%26dfvs%3D23%26dvpt%3D23%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D1624297345538%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,23,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.1%26t%3D1624297345062?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
134 B 119ms
119ms XHR
text/plain 54.145.239.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: player.ex.co
URL: https://player.ex.co/player/fee23b5a-054e-4b5d-8f8f-96951508ed72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.239.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://e.walla.co.il
date: Mon, 21 Jun 2021 17:42:25 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
121ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=e.walla.co.il&rs=e.walla.co.il&sid=62984&t=1624297343&cip=185.236.42.79&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624297343149-986437238242-008051-007-005489&cha=0.1&stagid=&stplid=&cb=40633586039&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&asid=5c3df23d073ef4356f2c642c&pid=56ea678d181f46c76f8b45fb&cid=5d9ae55428a0614104102f51&h=defd60ce376e1768fd716aeb90ebeafd5f2a5989&d9=1000&ad=20&vi=100&ofpr=3.32155&imid=ae93802669ef18672c00278eb8bba031_1723112141_4092839&e=impression&cb=1624297343378&ad=20&vi=100&d1=vpaid&fv=1&cb=1624297343385
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 123ms
121ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=e.walla.co.il&rs=e.walla.co.il&sid=62984&t=1624297343&cip=185.236.42.79&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624297343149-986437238242-008051-007-005489&cha=0.1&stagid=&stplid=&cb=40633586039&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&asid=5c3df23d073ef4356f2c642c&pid=56ea678d181f46c76f8b45fb&cid=5d9ae55428a0614104102f51&h=defd60ce376e1768fd716aeb90ebeafd5f2a5989&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=3.32155&imid=ae93802669ef18672c00278eb8bba031_1723112141_4092839&e=start&d1=vpaid&fv=1&cb=1624297343385
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 496 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9406825a4537c1e4b26e7fff65eb1aca58f5e779c96f7c84f60885d66a044790

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 9225 23 KB
9 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/hhrtBw21.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Sun, 20 Jun 2021 08:29:57 GMT
expires: Mon, 20 Jun 2022 08:29:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 119548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9225 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 15:29:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jun 2022 15:29:23 GMT

GET
H2 204 playback
s.youtube.com/api/stats/ Frame 3572 0
0 43ms
15ms Image
text/html 2a00:1450:400c:c07::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.youtube.com/api/stats/playback?ns=yt&fexp=44737473&el=adunit&cpn=GpxN8tXE2EAPoE08&docid=PtSJbxYYilM&ver=2&cmt=0.199&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fe.walla.co.il%2F&len=15.047&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::65 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9225 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.467.0&bgai=BUQGrgM_QYKPeKpeKjuwPwqymgAEAAAAAOAG6BRMI5s_0kaOp8QIVBIKDBx0zcABg&bg=!dXaldjLNAAZktE7iZLQ7ACkAdvg8Wh9S_pKePodYaOgMdiJgER18OLetfJwgt8hrnr5qnbp6nRCPxAIAAACAUgAAAA1oAQcKAOrekd_1tsOaVJ-5qPzz1BrfYzNgylLOQ_sA0Uyb2N42jdXzy-mEQrzTJ9UIH3rGBbcb9DHxoi6nzXJJpgSkRciTCjgVq-e-O2ARnL-y3uvUkVNftdciL89gR2G57586Z46-Dg4izqTIGtDHL-yyQApjwK_4K08LFaUq0WZWV-3N-WSHJ-1P9FPSq9VdAXSmjnxU5bOHNAIWhKeFiQLG6DY9ms26qH0jbgGNHRWFbiIuS_H7wfkahztcBoBWWrfTDoKAlNOpgZvzOxFwjTmDi2rPBf2J-teED5lzg2qnJpkXwYl9WCWEq5SpT2iZAjYAsdOdxTva7h77OUnvG7lXgJR9_KYwRUyd6hUC97swDhy4nuPPqctxFRD29jSd5b4BiUBf26eUumP1NFUo128S60d08VdTba0nabH99jnzKTLDNN3Qzu0wlb03FsyawFZZiXCjP2YCGxMYH9IeGKznkOfQFSaV4WxXw59T2OQxe3cVYULJapZ20ANosFnfG4A4NhTE_Nmm6p7fBpw0JYGjCvdhkzoE8yeocjoDw6EEbPwlTT7S70u9Kw4ZVUtmh0Ep_ebh5hpvk6ch1nd-wNxM2eP2-Cg83mq0NYsyXj51nlETUpf6UzoxiobJIPv_T0JiYfduy2C1BCBCr3BVz-_O9K7Pv23wKf7p6zv552RWZ-3ZFVTm0Pbx0j-r9aqf-d2u5_PDyqrL8U3UrpQdxUCX5W5_L3JB8N2bm1w0-mhEbLbGKdzktIW5xdz-2gJEvGfwfA-CWm0X7rMybt6rgUNjSDW6_9cU19bUctuBzcf-weHLW0UYzTcTP6Vif9n-zxvX1KcQNbEY_0Fu8hLju2dBPFO5Uh16eH-VaCjOvm8yVmr4ym9fqErdTZ-PsvSy6_PWCO8Z8GKaAcS_xK7eX_xtG2w5M8-BCysNv-8X6LKIHSw3M_4FQeEnAOcAPa8p5wKFiwgkuNjjzVs0JNsKQEJ4yUtI5a0dc3EAbmMi6wgeY4K4zimar1M-FOPwDD0ehySljAj6HeLt4Bj33D2L_G3Uiocqyd35_ijcrEC0u_wDWS0aP245mQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6EBE 42 B
108 B 47ms
47ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssy3RI6XtHleaOFVurJD696q7Zp68C_hNXXTJlrOmreY2dLoi-55h4gq6afIbTzuM_HtAEPvNt-gOwjZunywVvIYnS5dlCbtl_4ROOMYG5jXUVOazqDnEwRE9_Ib8zypP5xZNZmGVYImvQ3wL9vcwq3&sai=AMfl-YRU94kMfc8nfHLhW5G_VhkjS7raOJ2uIMVb2XNBpWGiRa1XKNICCDDgMu6Meo9161JdvramT28cmwnuia744fbFB628wLTCgIN4WIOPtxBEUJf2Pk2629o_2ndqb2fO&sig=Cg0ArKJSzJrmvyvB5C9REAE&id=lidarv&acvw=sv%3D898%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D2032,0,0,0,0%26mtos%3D2032,2032,2032,2032,2032%26amtos%3D0,0,0,0,0%26mcvt%3D2032%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2032%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D428%26pst%3D426%26dur%3D15046%26vmtime%3D1948%26dtos%3D2032%26dtoss%3D1%26dvs%3D2009%26dfvs%3D2009%26dvpt%3D2009%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1624297347547%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2032,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1624297345062

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview_ext
pagead2.googlesyndication.com/ Frame 6EBE 42 B
289 B 15ms
14ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=8815595657866919314&acvw=sv%3D898%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D2032,0,0,0,0%26mtos%3D2032,2032,2032,2032,2032%26amtos%3D0,0,0,0,0%26mcvt%3D2032%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2032%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D428%26pst%3D426%26dur%3D15046%26vmtime%3D1948%26dtos%3D2032%26dtoss%3D1%26dvs%3D2009%26dfvs%3D2009%26dvpt%3D2009%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1624297347547%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2032,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1624297345062?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D898%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D2032,0,0,0,0%26mtos%3D2032,2032,2032,2032,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 6EBE 42 B
107 B 92ms
91ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D898%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D2032,0,0,0,0%26mtos%3D2032,2032,2032,2032,2032%26amtos%3D0,0,0,0,0%26mcvt%3D2032%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2032%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D428%26pst%3D426%26dur%3D15046%26vmtime%3D1948%26dtos%3D2032%26dtoss%3D1%26dvs%3D2009%26dfvs%3D2009%26dvpt%3D2009%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26ptlt%3D1624297347547%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,2032,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1624297345062?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
121ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=e.walla.co.il&rs=e.walla.co.il&sid=62984&t=1624297343&cip=185.236.42.79&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624297343149-986437238242-008051-007-005489&cha=0.1&stagid=&stplid=&cb=40633586039&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&asid=5c3df23d073ef4356f2c642c&pid=56ea678d181f46c76f8b45fb&cid=5d9ae55428a0614104102f51&h=defd60ce376e1768fd716aeb90ebeafd5f2a5989&d9=1000&ad=20&vi=100&ofpr=3.32155&imid=ae93802669ef18672c00278eb8bba031_1723112141_4092839&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=1&cb=1624297343385
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
121ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=e.walla.co.il&rs=e.walla.co.il&sid=62984&t=1624297343&cip=185.236.42.79&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624297343149-986437238242-008051-007-005489&cha=0.1&stagid=&stplid=&cb=40633586039&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&asid=5c3df23d073ef4356f2c642c&pid=56ea678d181f46c76f8b45fb&cid=5d9ae55428a0614104102f51&h=defd60ce376e1768fd716aeb90ebeafd5f2a5989&d9=1000&ad=20&vi=100&ofpr=3.32155&imid=ae93802669ef18672c00278eb8bba031_1723112141_4092839&e=sec3&vi=100&d1=vpaid&fv=1&cb=1624297343385
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EBE 42 B
210 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGoxTgM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEjgJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kJ7iZ89ps3ViuPZKbopuGO9gUSjJbll-QuQbl0DABO3R8JfBA-AEAYgF1tv22jCgBlSAB8mfg9oBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ2NTAxMTg5MzEwODM4NTSACgPICwGwE5zH2AvYEw3YFAHQFQGoFgHiFgIIAYAXAQ&sigh=AzEpZWcTOwY&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=videoplaytime25&ad_mt=3949&acvw=sv%3D898%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D3995,0,0,0,0%26mtos%3D3995,3995,3995,3995,3995%26amtos%3D0,0,0,0,0%26mcvt%3D3995%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3995%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D831%26pst%3D426%26dur%3D15046%26vmtime%3D3948%26dtos%3D1963%26dtoss%3D2%26dvs%3D1963%26dfvs%3D1963%26dvpt%3D1963%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3995,3995,3995,3995,3995%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D23%26emuc%3D0%26emb%3D23,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D1624297349510%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3995,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1624297345062&sdkv=h.3.467.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzEzMzUwMzI0NjIMNTI1MzUyODA3ODMzQNwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25I-ANQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D898%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D3995,0,0,0,0%26mtos%3D3995,3995,3995,3995,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 6EBE 42 B
64 B 93ms
93ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D898%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D3995,0,0,0,0%26mtos%3D3995,3995,3995,3995,3995%26amtos%3D0,0,0,0,0%26mcvt%3D3995%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3995%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D831%26pst%3D426%26dur%3D15046%26vmtime%3D3948%26dtos%3D1963%26dtoss%3D2%26dvs%3D1963%26dfvs%3D1963%26dvpt%3D1963%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3995,3995,3995,3995,3995%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D23%26emuc%3D0%26emb%3D23,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26ptlt%3D1624297349510%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,3995,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1624297345062?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 121ms
120ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=e.walla.co.il&rs=e.walla.co.il&sid=62984&t=1624297343&cip=185.236.42.79&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624297343149-986437238242-008051-007-005489&cha=0.1&stagid=&stplid=&cb=40633586039&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&asid=5c3df23d073ef4356f2c642c&pid=56ea678d181f46c76f8b45fb&cid=5d9ae55428a0614104102f51&h=defd60ce376e1768fd716aeb90ebeafd5f2a5989&d9=1000&ad=20&vi=100&ofpr=3.32155&imid=ae93802669ef18672c00278eb8bba031_1723112141_4092839&e=firstQuartile&ad=20&vi=100&d1=vpaid&fv=1&cb=1624297343385
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 122ms
122ms XHR
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=SE&cos=Windows&r=e.walla.co.il&rs=e.walla.co.il&sid=62984&t=1624297343&cip=185.236.42.79&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&test=&aafaid=&proto=https&uid=1624297343149-986437238242-008051-007-005489&cha=0.1&stagid=&stplid=&cb=40633586039&cd4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&cd5=dfp&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=56ea678d181f46c76f8b45fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 21 Jun 2021 17:42:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EBE 42 B
66 B 19ms
18ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGoxTgM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEjgJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kJ7iZ89ps3ViuPZKbopuGO9gUSjJbll-QuQbl0DABO3R8JfBA-AEAYgF1tv22jCgBlSAB8mfg9oBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ2NTAxMTg5MzEwODM4NTSACgPICwGwE5zH2AvYEw3YFAHQFQGoFgHiFgIIAYAXAQ&sigh=AzEpZWcTOwY&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=video_skip_shown&ad_mt=5199&acvw=sv%3D898%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26p0%3D386,500,724,1100%26p1%3D386,500,724,1100%26tos%3D5244,0,0,0,0%26mtos%3D5244,5244,5244,5244,5244%26amtos%3D0,0,0,0,0%26mtos1%3D3995,0,0%26mcvt%3D5244%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5244%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1232%26pst%3D426%26dur%3D15046%26vmtime%3D5198%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1249,1249,1249,1249,1249%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D29,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26ptlt%3D1624297350760%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,5244,0%26ss0%3D0.1%26ss1%3D0.1&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.1%26t%3D1624297345062&sdkv=h.3.467.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzEzMzUwMzI0NjIMNTI1MzUyODA3ODMzQNwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25I-ANQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
atrack.avplayer.com/ 0
70 B 120ms
120ms Image
text/plain 3.88.247.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atrack.avplayer.com/track?pid=56ea678d181f46c76f8b45fb&AV_PUBLISHERID=56ea678d181f46c76f8b45fb&e=AV_M18&cb=1624297352545&cid=5d9ae55428a0614104102f51&cou=SE&AV_PAGE_LOAD_UID=8e57d3d5-ea61-428c-acb3-d21e20d02d37&AV_CDIM4=8e57d3d5-ea61-428c-acb3-d21e20d02d37&AV_DEVICETYPE=desktop&INTEGRATION_TYPE=dfp&AV_CDIM5=dfp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.247.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 17:42:32 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 6EBE 42 B
210 B 17ms
17ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGoxTgM_QYKPeKpeKjuwPwqymgAHvrMSRY472_brxDc-igb3kJBABILmNjihg8a38haQfoAGf4PylAsgBBeACAKgDAZgEAKoEjgJP0DFo-fSTFkMHmE1Sq68nKqTdZS-QXSuukw2K9om8fborfHy90c6JUsH7xCZIwug8mhFUJ8GJSCUxysbHqiWWiWgGi33QslqWJPVh8l9dV6vEZdDxTNVycV-rEwHt8dXM4b_IPKY0pZbq5tKWS-9upGI4eEMUpD1_YxQdEDK0c6Z__bbC3NHXcnDKp68b3IW8viEYccKVW64v3jxlzzSU8shv349tlKNBhUUwHVinGau7JACc6r6Bb8gBD007cE0ihlPHXGD_MpbmEYPrBcUQDmaD_uw-em1tUUFZuUUdi4ZnGOS06fjgGZGumjASb5i3kJ7iZ89ps3ViuPZKbopuGO9gUSjJbll-QuQbl0DABO3R8JfBA-AEAYgF1tv22jCgBlSAB8mfg9oBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTQ2NTAxMTg5MzEwODM4NTSACgPICwGwE5zH2AvYEw3YFAHQFQGoFgHiFgIIAYAXAQ&sigh=AzEpZWcTOwY&cmd=Ch1jYS12aWRlby1wdWItOTc5MDc2MjgxMTA1NzY5ORAAGAI&label=videoplaytime50&ad_mt=7699&acvw=sv%3D898%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D7745,0,0,0,0%26mtos%3D7745,7745,7745,7745,7745%26amtos%3D0,0,0,0,0%26mcvt%3D7745%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1834%26pst%3D426%26dur%3D15046%26vmtime%3D7698%26dtos%3D3750%26dtoss%3D3%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D41,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D1624297353260%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,7745,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1624297345062&sdkv=h.3.467.0&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3NzEzMzUwMzI0NjIMNTI1MzUyODA3ODMzQNwCUiAQDyUAAKBBKAE6B3Vua25vd25CB3Vua25vd25I-ANQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Jun 2021 17:42:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D898%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D7745,0,0,0,0%26mtos%3D7745,7745,7745,7745,7745...
ade.googlesyndication.com/ddm/activity_ext/ Frame 6EBE 42 B
107 B 91ms
91ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8815595657866919314;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D898%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D386,500,724,1100%26tos%3D7745,0,0,0,0%26mtos%3D7745,7745,7745,7745,7745%26amtos%3D0,0,0,0,0%26mcvt%3D7745%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7745%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1834%26pst%3D426%26dur%3D15046%26vmtime%3D7698%26dtos%3D3750%26dtoss%3D3%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D783%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D41,0,0,0,0%26avms%3Dexc%26qi%3D657692483%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D1624297353260%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,7745,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.1%26t%3D1624297345062?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS