urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
13.224.189.75  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.walla.co.il/
Submission: On October 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 117 IPs in 12 countries across 96 domains to perform 616 HTTP transactions. The main IP is 13.224.189.75, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 156315.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
44 13.224.189.75 16509 (AMAZON-02)
1 205.185.216.10 20446 (STACKPATH...)
11 2a00:1450:400... 15169 (GOOGLE)
41 151.101.65.44 54113 (FASTLY)
2 146.75.116.157 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 18.66.112.5 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
17 34.160.198.118 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2600:9000:20e... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 11 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f08... 32934 (FACEBOOK)
8 142.250.186.98 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
8 52.86.91.163 14618 (AMAZON-AES)
1 23.21.139.150 14618 (AMAZON-AES)
1 104.244.42.72 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.120.218.58 396982 (GOOGLE-CL...)
1 216.239.32.21 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
1 34.111.199.139 396982 (GOOGLE-CL...)
5 108.129.69.108 16509 (AMAZON-02)
3 184.30.16.195 16625 (AKAMAI-AS)
1 18 104.22.69.131 13335 (CLOUDFLAR...)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 151.101.193.44 54113 (FASTLY)
1 7 2a02:2638:3::c 44788 (ASN-CRITE...)
3 10 51.38.120.206 16276 (OVH)
8 141.226.228.48 200478 (TABOOLA-AS)
1 172.64.205.37 13335 (CLOUDFLAR...)
4 7 216.52.2.39 32475 (SINGLEHOP...)
2 4 168.119.146.39 24940 (HETZNER-AS)
6 7 46.228.174.117 56396 (AMOBEE)
2 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 96.46.183.20 7979 (SERVERS-COM)
3 8.2.108.175 46636 (NATCOWEB)
1 12 37.157.2.229 198622 (ADFORM)
3 3 2a02:2638:3::6 44788 (ASN-CRITE...)
3 4 178.250.1.9 44788 (ASN-CRITE...)
3 8 3.71.157.32 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
1 1 23.216.77.50 20940 (AKAMAI-ASN1)
2 3.122.6.226 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.59.25.76 16509 (AMAZON-02)
8 178.32.210.226 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 95.101.149.35 16625 (AKAMAI-AS)
6 12 37.252.171.53 29990 (ASN-APPNEX)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 34.149.20.76 396982 (GOOGLE-CL...)
5 2602:803:c003... 26667 (RUBICONPR...)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
5 2a02:6b8::90 208722 (GLOBAL_DC)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
4 7 104.18.26.193 13335 (CLOUDFLAR...)
1 35.186.253.211 15169 (GOOGLE)
1 52.210.78.166 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 52.223.40.198 16509 (AMAZON-02)
3 2a05:d018:d29... 16509 (AMAZON-02)
3 3.71.149.231 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
60 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:9000:211... 16509 (AMAZON-02)
3 99.86.4.49 16509 (AMAZON-02)
64 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 85.14.248.72 24961 (MYLOC-AS ...)
27 48 172.217.18.98 15169 (GOOGLE)
8 104.18.27.193 13335 (CLOUDFLAR...)
5 35.244.159.8 15169 (GOOGLE)
1 6 23.211.8.12 16625 (AKAMAI-AS)
4 4 85.114.159.118 24961 (MYLOC-AS ...)
3 3 69.173.144.165 26667 (RUBICONPR...)
1 2600:9000:211... 16509 (AMAZON-02)
1 2 151.101.2.49 54113 (FASTLY)
1 1 35.186.193.173 15169 (GOOGLE)
2 4 35.190.0.66 15169 (GOOGLE)
6 37.157.6.236 198622 (ADFORM)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 4 37.157.6.237 198622 (ADFORM)
2 52.18.227.145 16509 (AMAZON-02)
8 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
8 130.211.44.5 15169 (GOOGLE)
1 67.202.105.22 32748 (STEADFAST)
1 23.32.184.180 16625 (AKAMAI-AS)
2 104.18.25.18 13335 (CLOUDFLAR...)
2 88.221.125.233 16625 (AKAMAI-AS)
2 3 13.248.245.213 16509 (AMAZON-02)
2 4 185.64.190.78 62713 (AS-PUBMATIC)
2 52.58.233.134 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 52.46.151.131 16509 (AMAZON-02)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
1 2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 2620:116:800d... 16509 (AMAZON-02)
2 98.98.134.243 21859 (ZEN-ECN)
5 11 198.47.127.205 62713 (AS-PUBMATIC)
1 2 54.239.33.159 16509 (AMAZON-02)
4 185.64.191.210 62713 (AS-PUBMATIC)
1 2 54.217.195.217 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 52.214.195.193 16509 (AMAZON-02)
2 2 52.57.124.150 16509 (AMAZON-02)
1 89.149.192.196 60781 (LEASEWEB-...)
2 2 35.214.136.204 15169 (GOOGLE)
6 6 185.64.190.79 62713 (AS-PUBMATIC)
4 198.47.127.20 62713 (AS-PUBMATIC)
2 2 188.166.17.21 14061 (DIGITALOC...)
2 2 31.172.81.158 44066 (DE-FIRSTC...)
1 1 52.54.238.224 14618 (AMAZON-AES)
1 1 64.74.236.95 22075 (AS-OUTBRAIN)
5 5 52.208.23.16 16509 (AMAZON-02)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 185.86.139.101 201081 (SMARTADSE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
2 2 15.235.15.221 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
616 117
44    13.224.189.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-75.fra2.r.cloudfront.net
www.walla.co.il
1    205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
11    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
41    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
2    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
platform.twitter.com
5    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    18.66.112.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-5.fra56.r.cloudfront.net
tags.dxmdp.com
2    2600:9000:2057:1200:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
17    34.160.198.118 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
1    2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
2    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
2    2600:9000:20eb:f800:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
4    2a00:1450:4001:801::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
11    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googleadservices.com
googleads4.g.doubleclick.net
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
12890047.adoric-om.com
static.adoric.com
8    52.86.91.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-91-163.compute-1.amazonaws.com
mabping.chartbeat.net
1    23.21.139.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-139-150.compute-1.amazonaws.com
ping.chartbeat.net
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    34.120.218.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.218.120.34.bc.googleusercontent.com
app.adoric-om.com
1    216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net
tr.dxmcdn.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
6    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    34.111.199.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.199.111.34.bc.googleusercontent.com
dal.walla.co.il
5    108.129.69.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
event.dxmdp.com
3    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
18    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
prebid.smilewanted.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
vidstat.taboola.com
7    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
10    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
8    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
1    172.64.205.37 (United States)

ASN13335 (CLOUDFLARENET, US)
metrics.getrockerbox.com
7    216.52.2.39 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    168.119.146.39 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    8.2.108.175 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
12    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
3    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
8    3.71.157.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-157-32.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    23.216.77.50 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-50.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    3.122.6.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-6-226.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    52.59.25.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-25-76.eu-central-1.compute.amazonaws.com
tlx.3lift.com
8    178.32.210.226 (France)

ASN16276 (OVH, FR)
PTR: ip226.ip-178-32-210.eu
prg.smartadserver.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
12    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2a02:fa8:8806:21::1780 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
5    34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
5    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
5    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    52.210.78.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-78-166.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
6    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2a05:d018:d29:3601:c184:4582:9358:8e30 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
60    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:211e:9e00:1a:1d58:31c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-uw2-prod.tsv2.amagi.tv
3    99.86.4.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-49.fra6.r.cloudfront.net
amg01742-walla-wallanews-ono-btlna.amagi.tv
64    2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
25    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    85.14.248.72 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
48    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
8    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
pixelgroup-d.openx.net
6    23.211.8.12 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-8-12.deploy.static.akamaitechnologies.com
sync.teads.tv
4    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2600:9000:211e:3e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
4    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
6    37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    52.18.227.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-227-145.eu-west-1.compute.amazonaws.com
match.360yield.com
8    2a02:26f0:3500:d::1732:83c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
8    130.211.44.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.44.211.130.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    88.221.125.233 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-125-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    52.58.233.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-233-134.eu-central-1.compute.amazonaws.com
vfd2dyn.vodafone.de
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
pubmatic-match.dotomi.com
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
11    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    54.239.33.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    54.217.195.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-195-217.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    52.214.195.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-195-193.eu-west-1.compute.amazonaws.com
a.audrte.com
2    52.57.124.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-124-150.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    89.149.192.196 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
2    35.214.136.204 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 204.136.214.35.bc.googleusercontent.com
csync.loopme.me
6    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
2    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    52.54.238.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-238-224.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    64.74.236.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    52.208.23.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-23-16.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    15.235.15.221 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-3.cloudy.ovh
pixel.onaudience.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
91 googlesyndication.com
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
521 KB
74 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
pubads.g.doubleclick.net — Cisco Umbrella Rank: 412
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
361 KB
64 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
2 MB
51 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
pm-widget.taboola.com — Cisco Umbrella Rank: 3680
trc.taboola.com — Cisco Umbrella Rank: 680
vidstat.taboola.com — Cisco Umbrella Rank: 3058
trc-events.taboola.com — Cisco Umbrella Rank: 2281
am-trc-events.taboola.com — Cisco Umbrella Rank: 15139
images.taboola.com — Cisco Umbrella Rank: 1964
imprammp.taboola.com — Cisco Umbrella Rank: 14739
am-match.taboola.com — Cisco Umbrella Rank: 15405
am-vid-events.taboola.com — Cisco Umbrella Rank: 13899
758 KB
45 walla.co.il
www.walla.co.il — Cisco Umbrella Rank: 156315
dal.walla.co.il — Cisco Umbrella Rank: 150646
1 MB
33 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
image6.pubmatic.com — Cisco Umbrella Rank: 967
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image2.pubmatic.com — Cisco Umbrella Rank: 1116
image8.pubmatic.com — Cisco Umbrella Rank: 748
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
image4.pubmatic.com — Cisco Umbrella Rank: 1249
98 KB
22 adform.net
cm.adform.net — Cisco Umbrella Rank: 1279
track.adform.net — Cisco Umbrella Rank: 4131
s1.adform.net — Cisco Umbrella Rank: 9659
c1.adform.net — Cisco Umbrella Rank: 643
dmp.adform.net — Cisco Umbrella Rank: 3616
253 KB
18 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2991
static.smilewanted.com — Cisco Umbrella Rank: 10113
prebid.smilewanted.com — Cisco Umbrella Rank: 6260
33 KB
17 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 99528
2 MB
16 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 541
rtb0.doubleverify.com — Cisco Umbrella Rank: 941
rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 19493
tps.doubleverify.com — Cisco Umbrella Rank: 562
tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 11169
252 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum.casalemedia.com — Cisco Umbrella Rank: 1698
10 KB
15 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
ssp-sync.criteo.com — Cisco Umbrella Rank: 1344
dis.criteo.com — Cisco Umbrella Rank: 648
bidder.criteo.com — Cisco Umbrella Rank: 895
mug.criteo.com — Cisco Umbrella Rank: 2541
16 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
secure.adnxs.com — Cisco Umbrella Rank: 542
acdn.adnxs.com — Cisco Umbrella Rank: 663
26 KB
11 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
17 KB
11 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 46747
event.dxmdp.com — Cisco Umbrella Rank: 45696
133 KB
10 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1721
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898
15 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
2 KB
10 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2714
2 KB
9 chartbeat.net
mabping.chartbeat.net — Cisco Umbrella Rank: 5630
ping.chartbeat.net — Cisco Umbrella Rank: 1445
2 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
2 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
sync.teads.tv — Cisco Umbrella Rank: 1584
1 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
3 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
1 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
889 B
6 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
us-u.openx.net — Cisco Umbrella Rank: 547
pixelgroup-d.openx.net — Cisco Umbrella Rank: 112800
993 B
6 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4057
ssc-cms.33across.com — Cisco Umbrella Rank: 1180
935 B
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 624
3 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
295 KB
5 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 13295
1 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
2 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6147
753 B
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
42 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
424 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
3 KB
4 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8325
810 B
4 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
2 KB
4 amagi.tv
cdn-uw2-prod.tsv2.amagi.tv — Cisco Umbrella Rank: 61879
amg01742-walla-wallanews-ono-btlna.amagi.tv — Cisco Umbrella Rank: 155239
4 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
2 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2114
840 B
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 74994
122 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
921 B
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 498
fonts.googleapis.com — Cisco Umbrella Rank: 49
358 KB
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7541
creativecdn.com — Cisco Umbrella Rank: 646
905 B
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3968
casale-match.dotomi.com — Cisco Umbrella Rank: 3530
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048
499 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
26 KB
3 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3356
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
124 KB
3 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 57831
tr.dxmcdn.com — Cisco Umbrella Rank: 48161 Failed
125 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
mab.chartbeat.com — Cisco Umbrella Rank: 2811
27 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
131 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3315
972 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1270
1 KB
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3932
1 KB
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
640 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
484 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
374 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 vodafone.de
vfd2dyn.vodafone.de — Cisco Umbrella Rank: 123785
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
60 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2517
397 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
802 B
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 12883
3 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
104 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1822
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
952 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
216 B
2 adoric-om.com
12890047.adoric-om.com — Cisco Umbrella Rank: 229141
app.adoric-om.com — Cisco Umbrella Rank: 53462
54 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
20 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 24211
22 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4613
465 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3540
438 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 602
655 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 637
379 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 915
1 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2268
174 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
612 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
235 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
46 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3692
855 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
2 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
614 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1386
213 B
1 getrockerbox.com
metrics.getrockerbox.com — Cisco Umbrella Rank: 7164
554 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5842
175 B
1 adoric.com
static.adoric.com — Cisco Umbrella Rank: 56775
16 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 111730
277 KB
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
616 96
Domain Requested by
64 s0.2mdn.net imasdk.googleapis.com
www.walla.co.il
s0.2mdn.net
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
60 pagead2.googlesyndication.com securepubads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
www.walla.co.il
pagead2.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
48 cm.g.doubleclick.net 27 redirects googleads.g.doubleclick.net
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
44 www.walla.co.il www.walla.co.il
28 images.taboola.com www.walla.co.il
25 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
www.walla.co.il
googleads.g.doubleclick.net
s0.2mdn.net
17 images.wcdn.co.il www.walla.co.il
11 simage2.pubmatic.com 5 redirects ads.pubmatic.com
11 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
11 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
11 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
10 track.adform.net 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
s1.adform.net
10 onetag-sys.com 3 redirects csync.smilewanted.com
cdn.valuad.cloud
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
9 ib.adnxs.com 3 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
csync.smilewanted.com
9 www.google.com 1 redirects www.walla.co.il
tpc.googlesyndication.com
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
8 cdn.doubleverify.com s1.adform.net
cdn.doubleverify.com
www.walla.co.il
8 prg.smartadserver.com cdn.valuad.cloud
8 x.bidswitch.net 3 redirects imprammp.taboola.com
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
ads.pubmatic.com
8 mabping.chartbeat.net www.walla.co.il
8 cdn.taboola.com www.walla.co.il
cdn.taboola.com
7 ap.lijit.com 4 redirects csync.smilewanted.com
cdn.valuad.cloud
6 image8.pubmatic.com 6 redirects
6 s1.adform.net track.adform.net
s1.adform.net
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net www.walla.co.il
6 sync.teads.tv 1 redirects googleads.g.doubleclick.net
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
6 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
ssum-sec.casalemedia.com
ads.pubmatic.com
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
6 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
cdn.valuad.cloud
6 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 tags.dxmdp.com www.walla.co.il
tags.dxmdp.com
6 securepubads.g.doubleclick.net www.walla.co.il
securepubads.g.doubleclick.net
5 match.prod.bidr.io 5 redirects
5 www.googletagservices.com 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
5 prebid.smilewanted.com cdn.valuad.cloud
5 bs.yandex.ru cdn.valuad.cloud
5 fastlane.rubiconproject.com cdn.valuad.cloud
5 ssc.33across.com cdn.valuad.cloud
5 sync.1rx.io 4 redirects 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
5 trc-events.taboola.com cdn.taboola.com
www.walla.co.il
5 event.dxmdp.com tags.dxmdp.com
12890047.adoric-om.com
5 www.google.de www.walla.co.il
5 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 image6.pubmatic.com 2 redirects ads.pubmatic.com
4 ads.travelaudience.com 2 redirects 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
4 dsp.adfarm1.adition.com 4 redirects
4 us-u.openx.net googleads.g.doubleclick.net
4 dis.criteo.com 3 redirects 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
4 sync.richaudience.com 2 redirects csync.smilewanted.com
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
12890047.adoric-om.com
4 www.google-analytics.com www.walla.co.il
www.google-analytics.com
www.googletagmanager.com
3 eb2.3lift.com 2 redirects cdn.valuad.cloud
3 secure.adnxs.com 3 redirects
3 c1.adform.net 2 redirects ads.pubmatic.com
3 pixel.rubiconproject.com 3 redirects
3 amg01742-walla-wallanews-ono-btlna.amagi.tv www.walla.co.il
3 ups.analytics.yahoo.com am-match.taboola.com
googleads.g.doubleclick.net
ads.pubmatic.com
3 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
ads.pubmatic.com
3 ssp-sync.criteo.com 3 redirects
3 us.ck-ie.com csync.smilewanted.com
3 trc.taboola.com cdn.taboola.com
www.walla.co.il
3 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 tpsc-ew1.doubleverify.com cdn.doubleverify.com
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 sync.bumlam.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 match.adsby.bidtheatre.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 creativecdn.com 2 redirects
2 csync.loopme.me 2 redirects
2 pm.w55c.net 2 redirects
2 tps.doubleverify.com cdn.doubleverify.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 pixel-sync.sitescout.com ssum-sec.casalemedia.com
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
2 cms.quantserve.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 vfd2dyn.vodafone.de 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
2 rtbc-ew1.doubleverify.com cdn.doubleverify.com
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 rtb0.doubleverify.com cdn.doubleverify.com
2 static.criteo.net cdn.valuad.cloud
static.criteo.net
2 match.360yield.com 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 m.exactag.com 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
2 i.clean.gg cadmus.script.ac
2 imasdk.googleapis.com www.walla.co.il
imasdk.googleapis.com
2 script.4dex.io cdn.valuad.cloud
12890047.adoric-om.com
2 match.sharethrough.com csync.smilewanted.com
2 cm.adform.net 1 redirects csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.turn.com 2 redirects
2 static.smilewanted.com csync.smilewanted.com
2 www.facebook.com www.walla.co.il
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.googleadservices.com www.googletagmanager.com
2 cf.dxmcdn.com tags.dxmdp.com
2 web-sdk.smartlook.com www.walla.co.il
web-sdk.smartlook.com
2 static.chartbeat.com www.walla.co.il
2 platform.twitter.com www.walla.co.il
platform.twitter.com
1 fonts.gstatic.com fonts.googleapis.com
1 pubmatic-match.dotomi.com
1 ads.playground.xyz 1 redirects
1 mwzeom.zeotap.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ssbsync.smartadserver.com 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 pixelgroup-d.openx.net cdn.valuad.cloud
1 js-sec.indexww.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 ssc-cms.33across.com cdn.valuad.cloud
1 mug.criteo.com
1 fonts.googleapis.com s0.2mdn.net
1 tr.blismedia.com 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
1 s.tribalfusion.com 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 s.ad.smaato.net 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 cdn-uw2-prod.tsv2.amagi.tv 1 redirects
1 cadmus.script.ac script.4dex.io
1 am-vid-events.taboola.com www.walla.co.il
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 rtb.openx.net cdn.valuad.cloud
1 htlb.casalemedia.com cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 prebid-eu.creativecdn.com cdn.valuad.cloud
1 web.hb.ad.cpe.dotomi.com cdn.valuad.cloud
1 a.teads.tv cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 ads.stickyadstv.com 1 redirects
1 odr.mookie1.com csync.smilewanted.com
1 metrics.getrockerbox.com www.walla.co.il
1 am-trc-events.taboola.com www.walla.co.il
1 vidstat.taboola.com cdn.taboola.com
1 dal.walla.co.il www.walla.co.il
1 pro.ip-api.com www.walla.co.il
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 tr.dxmcdn.com 12890047.adoric-om.com
1 app.adoric-om.com 12890047.adoric-om.com
1 static.adoric.com 12890047.adoric-om.com
1 syndication.twitter.com platform.twitter.com
1 ping.chartbeat.net www.walla.co.il
1 12890047.adoric-om.com www.walla.co.il
1 mab.chartbeat.com static.chartbeat.com
1 cdn.valuad.cloud www.walla.co.il
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
616 168
Subject Issuer Validity Valid
*.walla.co.il
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-24		 a year crt.sh
valuad.cloud
E1		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-08-20		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
images.wcdn.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
1688964705.rsc.cdn77.org
R3		 2023-10-05 -
2024-01-03		 3 months crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-28 -
2023-10-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
adoric-om.com
E1		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
syndication.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-19 -
2024-09-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
adoric.com
GTS CA 1P5		 2023-09-14 -
2023-12-13		 3 months crt.sh
*.adoric.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
tr.dxmcdn.com
GTS CA 1D4		 2023-09-03 -
2023-12-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
dal.walla.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-18 -
2024-05-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
getrockerbox.com
E1		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.amagi.tv
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-13		 a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2023-08-22 -
2024-09-15		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
dyn.vodafone.de
DigiCert SHA2 Secure Server CA		 2023-03-07 -
2024-03-06		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2023-09-29 -
2024-09-28		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 83 frames:

Primary Page: https://www.walla.co.il/
Frame ID: 3D911EE902790C143C14075FF8205AB3
Requests: 232 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: D33994DBDE90914C66867C78F0B22850
Requests: 2 HTTP requests in this frame

Frame: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 360EB9BD6558E1FB681646A1F6832EA1
Requests: 1 HTTP requests in this frame

Frame: https://www.walla.co.il/public/player.html?imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Frame ID: 09797878016864A4274F17CC2D7EC6F0
Requests: 15 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: AF1C5E85D5E3FB056472EC6BC6A92127
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 3BC6AB012FFFF39E6E974A975658C5C3
Requests: 1 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: 940672BA77FDDFBB44A6359AFFCC2705
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: F9962E9D88F6D38C9C374F9BACD725E5
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Frame ID: 228F8C99B79A98025220929360310A5A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003
Frame ID: 4765DDA71EBED473BF48118E4A2F5EE3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/6882523b-dd7f-5324-be12-7e61db22bf42
Frame ID: D0CFD9DE7EB413566A13B7D6F4D3E3BC
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 2B8B9BA6F26799707B9A7F9F8194B6DB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 95CF0D8EBDE0410D7767AEA40DC36578
Requests: 1 HTTP requests in this frame

Frame: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=79b6a802-6256-4df8-b0fc-8508986a8d6d&ssp=criteo&gdpr=&gdpr_consent=
Frame ID: 6A594FBC25F3B713622223DD1EA3D569
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/a932122a9745f9661f8467a6fc26d37?gdpr_consent=&gdpr=0
Frame ID: FAE844734D0EEA50F7958D74D4BFBF86
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 5AEF800A6E28576906AD1288D4104639
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&cmcv=&pix=undefined&cb=1697693987668&uv=3348&tms=1697693987668&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2b10cec4-8c82-4980-a24d-8743557c9f7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 67FAD898E7F3E5E1A65AD06D2025523A
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 87803245C5442CE519437AB9F0638101
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Frame ID: 224D9D957F8978FDDF50BF99952528C5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1AC045BAE164C196D5C9EE86C65B3C43
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08EC7346880006DAAB05351E28F03D71
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52C98C3F2C5CF8FBF3346EA48CCEDB97
Requests: 2 HTTP requests in this frame

Frame: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C82D4D0A1FEC9E4A90043779A9A3A35C
Requests: 32 HTTP requests in this frame

Frame: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 30858C2976C0766D624ED8465680AD7A
Requests: 31 HTTP requests in this frame

Frame: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42AB71814D6DE882EC8355ECE61D0D7A
Requests: 20 HTTP requests in this frame

Frame: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 22D7D9FD2A133EA2CB7D28166C0A3477
Requests: 15 HTTP requests in this frame

Frame: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7D26737E34F5638CE19D5CF0DEA38053
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYjLCD-gEwAQ&v=APEucNVzBLHVmaJ0OegILze0kwBcvP-S2t7MCdFsoicGBSsR8Qp8Z5Dz-bm1ApvQaT6MS_GKIj8k1te7pFE_y9JK0cL5wzw0zvzPZpba_8nhaOeFBzHFsUpvN3Iz7jFx_AJ8kW1iwprCMeIt_nonShljf1qc4gmrXp1nRtZJIBTq63bYDp3AVUg
Frame ID: 42C886047AB40A5A2187E76F8A15D341
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYss6D-gEwAQ&v=APEucNWwZOlObb7_TKcVji2jyv2AKGr39XPfYq9lJoXlW0vwnGpC1IcxyIZFLX4K6-TQeZHDMYoYSdahIHzzA_fo2EVLw2tXQZPKGyWa1ABRYmfdYhTsPK9EBLCnPbA8E3dF8u4HNQ96KuKLKlu93Zo5rFW6_pO3YptZI3sbt1aqYc4DOdlYzko
Frame ID: 2D973E67DD466B8D4D5954594B806B0E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGND95voBMAE&v=APEucNU9GkIrGQkKrrOjfUh0aVFErSkb--_lXkBOcPXYU76IpfUqgO9bakFTO8KlfvIHXqyFUuQoe5v-8bs6NyJKhBlKyT8OkPUH7zoRWCGlsJPlWEChBp_VdRbhoROZrb8K-Z4vpLEO4UcGWlOzplZ61gdF0mU17xQUfHtBPpjOxRqDaz6zcEw
Frame ID: 5D7D07C14F35D1DDCBBC6734C3B1DAAF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNWH2_KfW--Vf_MgPfGZSCo0fRqTZosWwjDq_IsAPB3ksWq3RhyQiEab0tdL96zd6kd8fifcv6lq_It_HUlBOr6HU8-f0U1W-hVL-Y-2HQYpqtnyIy2P_R2brlSkPvvQwfrz9ROOH_EZ7VTNF_isQ2RgZlwAsIrKx5ED_maywdZ2Bs81QbM
Frame ID: BC492708F140BDA51E03DC64FF60479A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CD1410F9844D159F157D99AC104AFA56
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNWl7dJO5nvSfAtA8ZGmm_11dbpVreR2f4wC_Os1KNr62tiPk1SWKlMRVmJP67SGuBI7QWajtmim1NEZHwHMgwi0ko46C9fD-8x-TiNciWXe-lGzt3vSlgGoqcozfWmFbHzMJtW-phZ5KuyZfYhAeHBSS5S7n_4Syyvt6a-Kuq5lEIUhRvQ
Frame ID: C15F9462A35D180A24E96A55AA77FBAC
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 169E0902C96572E866F02739A487D3D3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2DB2D9F07968BBA435AAF83BC2C80889
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Frame ID: 096D965E4FCB71327696150C2F01D30D
Requests: 32 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2CB97799F187A7A996ED232D7EE66174
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Frame ID: 140E30A8779A9368A083CF1147CA651C
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 757A8513A08EA26E2B9CF0C49596CECE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E20A81927D3AC65B79683AC49BEE4457
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9015645056701891402/index.html?ev=01_250
Frame ID: F7FCA515C0A6F63BCACD83A69497155D
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D46F30ED8D03CC0083792D626A3E33A7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E5F5E39F2F027AE0DC3539B9DC6553BF
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: 1BD2A0D771689E5696FEF9DD22C995C9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Frame ID: 59587A70575F565C37C1082109C24283
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Frame ID: DA27C4B832600F465987EC0931AFCA20
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: FD2818D80C0D48A0AC831605A7446125
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1697693987786
Frame ID: 2CC216562E88CF5422A65E062AE543DD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C478A12313CAFE0DD3C101DF18E256BB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 1DEFD70E2CD60E33D625EC80BEF91A2C
Requests: 21 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 88FF96FF3F83C29CDC03993F98C667AA
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 07AEE582039D99AD2616251EB3D2ACC5
Requests: 1 HTTP requests in this frame

Frame: https://pixelgroup-d.openx.net/w/1.0/pd
Frame ID: 3E57615212D2AAD3939C34EF69341E32
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 07D9567412A3923A26B13E60D4162080
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 7F57A76044B2661979D67AAF40BC079A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 7297B831F2D2567F9C83637FE886410C
Requests: 10 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4826.js
Frame ID: 5962191729303B4554AB51034B2CD9EF
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4826.js
Frame ID: 7D79F29BFB4860A069807412454312B4
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 40A2FE4F817C946FC2F43FC794F37FE1
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=98B12778-86D1-46D7-9B76-57EC3E77AA22&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 5516DFFD4655C2630FF560C9E247B7FD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IWywvnRosbk6POG2JDquuS8_4Lg6O7W_L2laPhz-
Frame ID: E0FBEED1C44BB6E835965D5EA8975283
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20425D397FB3BAEBC6086FC2DF445F50
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 55109CD74B92865B2AF0D24B5FA309AE
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 53F47753F9C80021FEF1560AE88FB184
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: A416B934BD54DDF03A8A36829C5A547D
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 2162DB3C4ADF3852A5E2AE7D8C36EDAD
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 4FEAF4DB5E04DA0D20B3B12EEA6A06AA
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 534B71DD85F83C17925DE0BB19F625FB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/6964033605059843123
Frame ID: 960FFF0BAB5D76BA2527699C09B61169
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-jldD77DnhvanlR5U6QZ7dim-am3G0_bRgGAo1w
Frame ID: F09A9D7629C7450E0720605825435D9E
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 200A3386E14D45496686DACF23B8784D
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 8A1B64C6D939E697ABF0585F74155235
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mw2u5KYALJX3fCK21CLl?pi=smilewanted&tc=1
Frame ID: 20E7AB0F61DE41F21097A82E676ED7C8
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=23251c695016eb0e1e014d5766c166f6
Frame ID: 7FE53101A18CAFEEC60D62852811C4CC
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=98B12778-86D1-46D7-9B76-57EC3E77AA22&gdpr=0&gdpr_consent=
Frame ID: 36072ECFB08660F573FB0366322B6011
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
Frame ID: C5DC16F250B54DA7A9CB08DBBDDE37B3
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
Frame ID: 2392FB87A6B9C33FCD2542C7C0EA2157
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=476&user_id=ee8a7756-6e41-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=79b6a802-6256-4df8-b0fc-8508986a8d6d
Frame ID: B0F15BBDFA69A3BF2001402AC859A560
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kXdSCbFXWUd5eCVoF5upWZJGdU4&gdpr=0&gdpr_consent=
Frame ID: B46C32D0620182015128B592BD7A1C44
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 11F0FC12EE86AB05D7DAD0C4FE23CBB3
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 662294D68746E7F4BC322EA40BA1875A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 0139E3E174AEBEB7E35EF6A48D02C1AA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADL7E7KYYIAABZFCc3oiw&gdpr=0&gdpr_consent=
Frame ID: A2B03DBCB46CB7D89862EB6FEE9EA889
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! חדשות. ספורט. סלבס. אוכל - עדכונים ודיווחים שוטפים

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

616
Requests

90 %
HTTPS

32 %
IPv6

96
Domains

168
Subdomains

117
IPs

12
Countries

9740 kB
Transfer

23886 kB
Size

119
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=1746083038&cv=11&fst=1697693984554&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1475452520.1697693984&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=IMEwZaS4J6rgx_APzoaz8Ac&sscte=1&crd=&eitems=ChEI8IS-qQYQhenDxpqygaf5ARIdAA8LS5fXzvq3jebBmxV9yCFRZ3LX7hRDrrCNHh4&pscrd=Ek9DaEVJOElTLXFRWVFyc2lneHBQdGd0UFNBUkltQUlnQXlIbnhYVE5OVk9JbGMzcnZCNnNhX0I3akhncm44VzVZOUM4SFhkWlJvakd3Qkc0GlpDaEVJOElTLXFRWVFnNlhUdklQOXBNcm5BUkl1QVBLbVh4Nk9NYWZzSXREdTVjNm5vbDdoVk15RjZxUHROZUpnc2M0WEtSaTFJcjIycmNOTnNxU2lUd2hkTlEiEwikyJH3soGCAxUq8BEIHU7DDH4 HTTP 302
  • https://www.google.com/pagead/1p-conversion/777956447/?random=1746083038&cv=11&fst=1697693984554&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1475452520.1697693984&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOElTLXFRWVFyc2lneHBQdGd0UFNBUkltQUlnQXlIbnhYVE5OVk9JbGMzcnZCNnNhX0I3akhncm44VzVZOUM4SFhkWlJvakd3Qkc0GlpDaEVJOElTLXFRWVFnNlhUdklQOXBNcm5BUkl1QVBLbVh4Nk9NYWZzSXREdTVjNm5vbDdoVk15RjZxUHROZUpnc2M0WEtSaTFJcjIycmNOTnNxU2lUd2hkTlEiEwikyJH3soGCAxUq8BEIHU7DDH4&is_vtc=1&ocp_id=IMEwZaS4J6rgx_APzoaz8Ac&cid=CAQSKQDICaaNhRihLQ1_0MZmpJa4LchYtNiFiIo9ZqyqG1olQXLiWeCKSlbc&eitems=ChEI8IS-qQYQhenDxpqygaf5ARIdAA8LS5cRDYNSaYzd4Zpta_kTdqERQ1fFfTg566U&random=1656639407 HTTP 302
  • https://www.google.de/pagead/1p-conversion/777956447/?random=1746083038&cv=11&fst=1697693984554&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1475452520.1697693984&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOElTLXFRWVFyc2lneHBQdGd0UFNBUkltQUlnQXlIbnhYVE5OVk9JbGMzcnZCNnNhX0I3akhncm44VzVZOUM4SFhkWlJvakd3Qkc0GlpDaEVJOElTLXFRWVFnNlhUdklQOXBNcm5BUkl1QVBLbVh4Nk9NYWZzSXREdTVjNm5vbDdoVk15RjZxUHROZUpnc2M0WEtSaTFJcjIycmNOTnNxU2lUd2hkTlEiEwikyJH3soGCAxUq8BEIHU7DDH4&is_vtc=1&ocp_id=IMEwZaS4J6rgx_APzoaz8Ac&cid=CAQSKQDICaaNhRihLQ1_0MZmpJa4LchYtNiFiIo9ZqyqG1olQXLiWeCKSlbc&eitems=ChEI8IS-qQYQhenDxpqygaf5ARIdAA8LS5cRDYNSaYzd4Zpta_kTdqERQ1fFfTg566U&random=1656639407&ipr=y
Request Chain 159
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Request Chain 168
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1697693986976 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8754517387 HTTP 302
  • https://sync.1rx.io/usersync/turn/4605418256330473032?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003
Request Chain 169
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=313987386854555902 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/6882523b-dd7f-5324-be12-7e61db22bf42
Request Chain 174
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=e5854141-6ab8-4aa5-890b-5034ca225f8d&dised=true&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=ETatI19nWndQb0JOTyUyQldVV1NRUG56RTRKWGhlMU45T3dUaEZEdW5sOExiWW15b0NOTzMlMkZuT0syTDVHdDhtMFYxS3M4eWxpZ1drNUtlR3JMVWFYTE9qaUN3NVZpalpNYmJmNVclMkJpQ3pQS2E1S0RlSE0yd3dheDdNNVVRMHpoMG9DeWoySnIxNUolMkZXRjBUZHhZWkZSZjZndWxBS2ZZcSUyRno5RTBMWmxTMEdpZlUzNjFIYXBnRUN1S1FMbFI3UFlEME9qTXhI&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-AlhN8rDnhvanlR5U6QZ7dim-am2LdDsiQeOfSg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=ETatI19nWndQb0JOTyUyQldVV1NRUG56RTRKWGhlMU45T3dUaEZEdW5sOExiWW15b0NOTzMlMkZuT0syTDVHdDhtMFYxS3M4eWxpZ1drNUtlR3JMVWFYTE9qaUN3NVZpalpNYmJmNVclMkJpQ3pQS2E1S0RlSE0yd3dheDdNNVVRMHpoMG9DeWoySnIxNUolMkZXRjBUZHhZWkZSZjZndWxBS2ZZcSUyRno5RTBMWmxTMEdpZlUzNjFIYXBnRUN1S1FMbFI3UFlEME9qTXhI&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-AlhN8rDnhvanlR5U6QZ7dim-am2LdDsiQeOfSg HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=79b6a802-6256-4df8-b0fc-8508986a8d6d&ssp=criteo&gdpr=&gdpr_consent=
Request Chain 181
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a932122a9745f9661f8467a6fc26d37?gdpr_consent=&gdpr=0
Request Chain 254
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8 HTTP 302
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Request Chain 329
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1
Request Chain 330
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTDBJYSuXZ0b0UlPSVd.0QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1&google_hm=2
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHw2yQAlH4-twzpBu2g3iyI&google_cver=1
Request Chain 332
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D
Request Chain 333
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1
Request Chain 334
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTDBJYSuXZ0b0UlPSVd.0QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1&google_hm=2
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHw2yQAlH4-twzpBu2g3iyI&google_cver=1
Request Chain 336
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVKWh9nSQaG2JW7nwa_foM&google_cver=1
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEB7toIH7R1KUiacNxA2ayCE&google_cver=1
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVKWh9nSQaG2JW7nwa_foM&google_cver=1
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEB7toIH7R1KUiacNxA2ayCE&google_cver=1
Request Chain 349
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEG9UuMYqDA-7rjRHjjQ4nv4&google_cver=1
Request Chain 364
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAvvOApc0JL23NUIcjLEGf8&google_cver=1&google_push=AXcoOmSqK0rU9pqP7fog-290aU8Cu6iv2PqfJZNmTM77YsBzSqk_WV61bnyO2TQh6FtU-vLIQJQe7bxOQgOgLaqaGqQq48gc-Kc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmSqK0rU9pqP7fog-290aU8Cu6iv2PqfJZNmTM77YsBzSqk_WV61bnyO2TQh6FtU-vLIQJQe7bxOQgOgLaqaGqQq48gc-Kc
Request Chain 365
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR22F1OUFx_wjHlEFTuRjh-0nMaKuGf3RiGiUxaEdQa4_UWMvr2De1NEGzYHmmtDryx9wAOXpnNFD-HWAdyEaGPN63K_pQ&google_gid=CAESEOcz8XwOsftul7Un6UHsd8U&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id91eLDnhvanlR5U6QZ7dim-am1YAmV__SryYQ&google_push=AXcoOmR22F1OUFx_wjHlEFTuRjh-0nMaKuGf3RiGiUxaEdQa4_UWMvr2De1NEGzYHmmtDryx9wAOXpnNFD-HWAdyEaGPN63K_pQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Request Chain 366
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK0Xbdr5r73m3QJ4DWVpVtI&google_cver=1&google_push=AXcoOmSsHs5FrctF-zl-aZlJeTJRz0RlottTEGglmXhCzXIwJ8C6eFXS93rDbGrSy9Oh_lqQBW8GuYeu2IG-0Eq0SN-4nzEu5Nc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmSsHs5FrctF-zl-aZlJeTJRz0RlottTEGglmXhCzXIwJ8C6eFXS93rDbGrSy9Oh_lqQBW8GuYeu2IG-0Eq0SN-4nzEu5Nc
Request Chain 367
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEgH3yyYtiDML8uvBUCXe0Q&google_cver=1&google_push=AXcoOmRasl4BVRwuKPMxIBAqSpwNfe_XqJEyH1dli8gCF8rTLz_bbX8UioBt9Y5IKsKmoD5CY3DI9ghc3RjTIlViK1ZaoKlx0Sw HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEgH3yyYtiDML8uvBUCXe0Q&google_cver=1&google_push=AXcoOmRasl4BVRwuKPMxIBAqSpwNfe_XqJEyH1dli8gCF8rTLz_bbX8UioBt9Y5IKsKmoD5CY3DI9ghc3RjTIlViK1ZaoKlx0Sw&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRasl4BVRwuKPMxIBAqSpwNfe_XqJEyH1dli8gCF8rTLz_bbX8UioBt9Y5IKsKmoD5CY3DI9ghc3RjTIlViK1ZaoKlx0Sw&google_hm=HgqzvGZHol_dljjUQc29kQQs
Request Chain 369
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH5LpO7Sy8k8Xb8_vkXbziY&google_cver=1&google_push=AXcoOmSOZ3knaQu_M_BDuwTpecY1zNg9B3f95TFugv3Pu61mPVoUElXuQgAsNAgsSUq2DXdTz7RsdjuRin1_JNL_0caby64gTG8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSOZ3knaQu_M_BDuwTpecY1zNg9B3f95TFugv3Pu61mPVoUElXuQgAsNAgsSUq2DXdTz7RsdjuRin1_JNL_0caby64gTG8 HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 370
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH5LpO7Sy8k8Xb8_vkXbziY&google_cver=1&google_push=AXcoOmT9BpmYp_BPO1wwdP5O6dx_iBpjnH0Z4B_9wMoWu3EEmaqx9JrQO_f57gWWEcVsl6U9ItRhf_2MYzt664W2eDnMUID3SCY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT9BpmYp_BPO1wwdP5O6dx_iBpjnH0Z4B_9wMoWu3EEmaqx9JrQO_f57gWWEcVsl6U9ItRhf_2MYzt664W2eDnMUID3SCY HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 375
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMEffKYTQ_V2ku2vA8re78I&google_cver=1&google_push=AXcoOmR9gjhoKSncKCsGUeikRWIE2Q08doDlukwME5CAhivn6TvHU2qpR315eVvKmQN6VTa83RmSx7XxhGx_DldtZaIKzQOiwshBjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMEffKYTQ_V2ku2vA8re78I&google_push=AXcoOmR9gjhoKSncKCsGUeikRWIE2Q08doDlukwME5CAhivn6TvHU2qpR315eVvKmQN6VTa83RmSx7XxhGx_DldtZaIKzQOiwshBjw
Request Chain 376
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECEYVP4qDACEl8YawvXnVDs&google_cver=1&google_push=AXcoOmTppNkN5Vra5ipoKHIX7y9Tpd-8wbcNXXOBnXq9nc2omiJ8GxX18W33EUihhykX7rzOL_obnVRaRtRrbi_UBuuZGE-HMFW8lA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTppNkN5Vra5ipoKHIX7y9Tpd-8wbcNXXOBnXq9nc2omiJ8GxX18W33EUihhykX7rzOL_obnVRaRtRrbi_UBuuZGE-HMFW8lA&google_hm=wDxNkS3RTZOBrECTqV65nk4
Request Chain 377
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAvvOApc0JL23NUIcjLEGf8&google_cver=1&google_push=AXcoOmQKeIB8rEFlaL_CdtvGmJF58mfKQG_ZWx3M7UxChFaC9xsWQc9Fq88Q3fg6F6Z80w4LhBPZk1-T7lCaxLx-9LwYfWV0rPtD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmQKeIB8rEFlaL_CdtvGmJF58mfKQG_ZWx3M7UxChFaC9xsWQc9Fq88Q3fg6F6Z80w4LhBPZk1-T7lCaxLx-9LwYfWV0rPtD
Request Chain 378
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPw04OeR4KLuAMP7qGtosI0&google_cver=1&google_push=AXcoOmR9T5Oz13rgppS8akkdl1RVu4iaOozfoClfppvMAK0_s53mWm0mAqkC-S_Qn6RH-pcYhAO9DT94vzY01tmMGiW7s-GcaK9p HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Z_G2Y-XsTl4iX9BSZi6puw&google_push=AXcoOmR9T5Oz13rgppS8akkdl1RVu4iaOozfoClfppvMAK0_s53mWm0mAqkC-S_Qn6RH-pcYhAO9DT94vzY01tmMGiW7s-GcaK9p HTTP 302
  • https://ads.travelaudience.com/google_match.ashx?google_error=5
Request Chain 379
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEgH3yyYtiDML8uvBUCXe0Q&google_cver=1&google_push=AXcoOmRnJ6AuDDb7qPlMZ7-njvclYiaZvrRb6xPU9a9J8GPy8rxamTwOkIe03S96HxGzAdVK9IE0bEF8_y-vID5pp97toS88gHmNZg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRnJ6AuDDb7qPlMZ7-njvclYiaZvrRb6xPU9a9J8GPy8rxamTwOkIe03S96HxGzAdVK9IE0bEF8_y-vID5pp97toS88gHmNZg&google_hm=HgqzvGZHol_dljjUQc29kQQs
Request Chain 380
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFpkYYQu8X5rkGy4Bh0TLEM&google_cver=1&google_push=AXcoOmQuCgfX7BZ5gwGidlC0GhJQzlHP_dPdVl0qWnwVpyEeljHMNkrFJmN1tSiSFg5aWyJu51c8IBoO9CzcxCi38eTe24T6vOsX HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQuCgfX7BZ5gwGidlC0GhJQzlHP_dPdVl0qWnwVpyEeljHMNkrFJmN1tSiSFg5aWyJu51c8IBoO9CzcxCi38eTe24T6vOsX%26google_hm%3DA0Nru133zkXgj647KeCzq8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQuCgfX7BZ5gwGidlC0GhJQzlHP_dPdVl0qWnwVpyEeljHMNkrFJmN1tSiSFg5aWyJu51c8IBoO9CzcxCi38eTe24T6vOsX&google_hm=A0Nru133zkXgj647KeCzq8Q HTTP 302
  • https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=5
Request Chain 381
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH5LpO7Sy8k8Xb8_vkXbziY&google_cver=1&google_push=AXcoOmS_-YgzyJpBpTu2nKHw70DADjlCj1dz1Y-TXkBULoId0qhzlCZkQ_WG46wZKeCH5KlA2WPDucY9Y_qg7bsauuTiY26ztu6jMhc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS_-YgzyJpBpTu2nKHw70DADjlCj1dz1Y-TXkBULoId0qhzlCZkQ_WG46wZKeCH5KlA2WPDucY9Y_qg7bsauuTiY26ztu6jMhc HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 447
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFiO9XEJOW8IBi8kpAvlCFI&google_cver=1&google_push=AXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrUU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrUU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFiO9XEJOW8IBi8kpAvlCFI&google_cver=1&google_push=AXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrUU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrUU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 450
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPkv5fgQ6iIHZUs9anSyGzA&google_cver=1&google_push=AXcoOmTJF7rlCcHiNB0Z4lQBaj1wnia_Pc2SuM-qgl2n3ei_LcbLOwuqxm47EKf7L8Cbx7ulutwRj8lSAjMdJhGxUvIpxxfqQyhc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk2NDAzMzYwNTA1OTg0MzEyMw&google_push=AXcoOmTJF7rlCcHiNB0Z4lQBaj1wnia_Pc2SuM-qgl2n3ei_LcbLOwuqxm47EKf7L8Cbx7ulutwRj8lSAjMdJhGxUvIpxxfqQyhc
Request Chain 452
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBuJfkpNwSPftqvwp8cX3A0&google_cver=1&google_push=AXcoOmQOfsyM_Wg9bxIGOBCbLxH8szWM5Ez9rSRkMlbKbU82puZpzqqKQ05dxJJorCqZkYM07eMX6y5k1TLYV2zeISKN4JDIxh4k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQOfsyM_Wg9bxIGOBCbLxH8szWM5Ez9rSRkMlbKbU82puZpzqqKQ05dxJJorCqZkYM07eMX6y5k1TLYV2zeISKN4JDIxh4k HTTP 302
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
Request Chain 453
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBkoKJwwpMgfjGZUOmznFKo&google_cver=1&google_push=AXcoOmRrtxWlOQUpGkITC6xOMe0f3o2phRYVwDb4spHTYHccRBwufHcSit0pjX5ctPyFKCBkHJn-qThy1TMIdqnETbNv_B_RTd-87w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D&google_gid=CAESEBkoKJwwpMgfjGZUOmznFKo&google_cver=1&google_push=AXcoOmRrtxWlOQUpGkITC6xOMe0f3o2phRYVwDb4spHTYHccRBwufHcSit0pjX5ctPyFKCBkHJn-qThy1TMIdqnETbNv_B_RTd-87w HTTP 302
  • https://s0.2mdn.net/dot.gif?google_error=5
Request Chain 490
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=t2RYC3w1SDVvNDNUdkNBcGFVaGN0QmV1cFMvekI3VzBBUStsMHBkYmtiR2JQL2xFbFpZK3g4dkxJOUwzVHU0M2FBSGtwZm5zdWxMcGl2eXNZSHBMbFZYR1RWSE5IQXNrQmthMWxFd2I4ZU5vd1NRMG56MjNJY1drVVBQd29zclBVK0FYUTN0RDFKclFtU3JXZ3N0ZTFHOGJEMFlTL2lYOXV1NUk5MFpDcnpWMjQ0QlRRd3FrQWwzakJDTXErVjVCcnFtaDJCeDFLWXRoTFlHSmFWZTlna29vbjFvNXZYVGdOZmo4MEJ5RnZrdUlqTVFISWloZXVaNWZ6MVMyVVp1NHN3MHRKYmM2VXNVVmVrb0xJUWJqMXUrWEhzUT09fA&cppv=2
Request Chain 523
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTDBJYSuXZ0b0UlPSVd-0QAAFFMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOzkahyAOeSmm5vUc2zglh0&google_cver=1
Request Chain 524
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTDBJYSuXZ0b0UlPSVd-0QAAFFMAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTDBJYSuXZ0b0UlPSVd-0QAAFFMAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 526
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8077843172889582107
Request Chain 527
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4EB861DAAE7B42B8B43C8819195C7E0A
Request Chain 528
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1697780392
Request Chain 529
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PNCGG2nUhxwngNcTMtyYGjzUhRgnh9FNOtWbs1e-
Request Chain 535
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 536
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=98B12778-86D1-46D7-9B76-57EC3E77AA22&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=98B12778-86D1-46D7-9B76-57EC3E77AA22&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 537
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IWywvnRosbk6POG2JDquuS8_4Lg6O7W_L2laPhz-
Request Chain 538
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mLEneIbRRtebdlfsPneqIg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 540
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=939809072 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=98B12778-86D1-46D7-9B76-57EC3E77AA22
Request Chain 541
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=98B12778-86D1-46D7-9B76-57EC3E77AA22 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NGQyY0lyTXhDeU5UOEtaUnJnTURtTkZKdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6964033605059843123&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 542
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OThCMTI3NzgtODZEMS00NkQ3LTlCNzYtNTdFQzNFNzdBQTIy&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 543
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPKwCA_RJ9z-bX1kNfVms18&google_cver=1
Request Chain 545
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6964033605059843123
Request Chain 561
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDKE3GwKsYDmD1v0KnJBp8M&google_cver=1&google_push=AXcoOmQclir2xPswu_hBaXmtgc9RSVQOXLN3V1qcTXZMhNPDhG3QStLn6gGO9pDoInYEf1e1NPpEzZbp97K7QgkM3UPcIcG1Cbpl HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDKE3GwKsYDmD1v0KnJBp8M&google_cver=1&google_push=AXcoOmQclir2xPswu_hBaXmtgc9RSVQOXLN3V1qcTXZMhNPDhG3QStLn6gGO9pDoInYEf1e1NPpEzZbp97K7QgkM3UPcIcG1Cbpl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkV5S01vR3YxUVRsTGE1&google_gid=CAESEDKE3GwKsYDmD1v0KnJBp8M&google_cver=1&google_push=AXcoOmQclir2xPswu_hBaXmtgc9RSVQOXLN3V1qcTXZMhNPDhG3QStLn6gGO9pDoInYEf1e1NPpEzZbp97K7QgkM3UPcIcG1Cbpl
Request Chain 563
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK0Xbdr5r73m3QJ4DWVpVtI&google_cver=1&google_push=AXcoOmRR54hrHyjfLb1gUrwNg9r9qWu87SeBvV62PSuLx6ogqsmzD6BeSa7ZHvuuBj9iQ1E4IQTmHhCJAMGKkRUVDVRELIdX-VlI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmRR54hrHyjfLb1gUrwNg9r9qWu87SeBvV62PSuLx6ogqsmzD6BeSa7ZHvuuBj9iQ1E4IQTmHhCJAMGKkRUVDVRELIdX-VlI
Request Chain 564
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEgH3yyYtiDML8uvBUCXe0Q&google_cver=1&google_push=AXcoOmRuccKg4PNQPyrzQR0B1KS3ihDwBMo-Qkbg0dK-cXLYN853d2-1gnJhl6UbZPZAnK7lpyeFZwOzBmdvzxGnSqlyFpvxaYI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRuccKg4PNQPyrzQR0B1KS3ihDwBMo-Qkbg0dK-cXLYN853d2-1gnJhl6UbZPZAnK7lpyeFZwOzBmdvzxGnSqlyFpvxaYI&google_hm=HgqzvGZHol_dljjUQc29kQQs
Request Chain 565
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC5kiafLFzJcXjhAhNyWBpI&google_cver=1&google_push=AXcoOmTvPzNIEljkOCDHGHNLdwAIw0Egfecor81p-vKoFrwcz2Ui4j_tRPdWenjy-Di2i79it5AUPqyVVz_gBTXLOttL6OXw5WJ_ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTvPzNIEljkOCDHGHNLdwAIw0Egfecor81p-vKoFrwcz2Ui4j_tRPdWenjy-Di2i79it5AUPqyVVz_gBTXLOttL6OXw5WJ_&google_gid=CAESEC5kiafLFzJcXjhAhNyWBpI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY0MTk4NzcxMDE5NTA0NDg0Mzk0MQ%3D%3D&google_push=AXcoOmTvPzNIEljkOCDHGHNLdwAIw0Egfecor81p-vKoFrwcz2Ui4j_tRPdWenjy-Di2i79it5AUPqyVVz_gBTXLOttL6OXw5WJ_
Request Chain 567
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEEz2EmV-RUnt8MBESfFwEnA&google_cver=1&google_push=AXcoOmSbcYzTsD-jtl1Z0XoILClX6XyRTAx8xGJB62TUvRZqKLaqlAhiRXx6LvxZSmus5eUcY9botOziUUTtF_DptKHcEO7UedAVzQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=11eea70d-3040-4751-b673-a211c27d2403&google_cver=1&google_gid=CAESEEz2EmV-RUnt8MBESfFwEnA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSbcYzTsD-jtl1Z0XoILClX6XyRTAx8xGJB62TUvRZqKLaqlAhiRXx6LvxZSmus5eUcY9botOziUUTtF_DptKHcEO7UedAVzQ&gdpr=${GDPR} HTTP 302
  • https://s0.2mdn.net/dot.gif?gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}&google_error=5
Request Chain 571
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAvvOApc0JL23NUIcjLEGf8&google_cver=1&google_push=AXcoOmSrtsytXRMwXyXhaGlTVZ9ZZHFkFANAdGqOpLbTAKybeRrzhkPmgBHUuA3FsHvto_spaKw3egCkHXrT7gtBfqGZWAsU_XAU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmSrtsytXRMwXyXhaGlTVZ9ZZHFkFANAdGqOpLbTAKybeRrzhkPmgBHUuA3FsHvto_spaKw3egCkHXrT7gtBfqGZWAsU_XAU
Request Chain 572
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPw04OeR4KLuAMP7qGtosI0&google_cver=1&google_push=AXcoOmSGgdClXvEgbcECZ8JPTgMEc8GGflf1CmstHDpJV9FidLMmc_jJAkCn4-es4YK4oxeDCribaDAMX9l9aw6QwGWqyBIT_VjS HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Z_G2Y-XsTl4iX9BSZi6puw&google_push=AXcoOmSGgdClXvEgbcECZ8JPTgMEc8GGflf1CmstHDpJV9FidLMmc_jJAkCn4-es4YK4oxeDCribaDAMX9l9aw6QwGWqyBIT_VjS HTTP 302
  • https://ads.travelaudience.com/google_match.ashx?google_error=5
Request Chain 574
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIVh4vrFozoN7Bk8i_mKg_o&google_cver=1&google_push=AXcoOmTttrrcF-RoDBqofTanOIKg_F15L7X81F1i42A1u7IdzzyUOh1hvizJdpmDkXOLWEvSk1hDjCDxd-Ucq7-3qgi7fq-7kfBX3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mLEneIbRRtebdlfsPneqIg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTttrrcF-RoDBqofTanOIKg_F15L7X81F1i42A1u7IdzzyUOh1hvizJdpmDkXOLWEvSk1hDjCDxd-Ucq7-3qgi7fq-7kfBX3Q HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&p=156578&mpc=4&fp=1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156578%26sc%3D1&google_error=5 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=-1&gdpr_consent=
Request Chain 575
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK0Xbdr5r73m3QJ4DWVpVtI&google_cver=1&google_push=AXcoOmSwdPK0QMq6i4uH7_N1qVkR452oLF5q8eOjIuFX25tg751AGyiH1CubOBeQ9bFZZHoLClV4nhP94TqLUpkA-NtuIrD5uxQgTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmSwdPK0QMq6i4uH7_N1qVkR452oLF5q8eOjIuFX25tg751AGyiH1CubOBeQ9bFZZHoLClV4nhP94TqLUpkA-NtuIrD5uxQgTw
Request Chain 578
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 582
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6964033605059843123
Request Chain 583
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-jldD77DnhvanlR5U6QZ7dim-am3G0_bRgGAo1w
Request Chain 586
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mw2u5KYALJX3fCK21CLl?pi=smilewanted&tc=1
Request Chain 587
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=23251c695016eb0e1e014d5766c166f6
Request Chain 601
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8077843172889582107&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:32032f0d-2dcc-4f99-b2f5-09667af1cc4d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
Request Chain 602
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7291540161390966935&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6154dd0b-2bde-47ad-9304-053d1c264d69&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
Request Chain 603
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=79b6a802-6256-4df8-b0fc-8508986a8d6d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARiqgsOpBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEO6Kd1ZuQRHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJDc5YjZhODAyLTYyNTYtNGRmOC1iMGZjLTg1MDg5ODZhOGQ2ZA** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=ee8a7756-6e41-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=79b6a802-6256-4df8-b0fc-8508986a8d6d
Request Chain 604
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kXdSCbFXWUd5eCVoF5upWZJGdU4&gdpr=0&gdpr_consent=
Request Chain 605
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 607
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 608
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETDdFN0tZWUlBQUJaRkNjM29pdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADL7E7KYYIAABZFCc3oiw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADL7E7KYYIAABZFCc3oiw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADL7E7KYYIAABZFCc3oiw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8032806050647978792&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADL7E7KYYIAABZFCc3oiw&gdpr=0&gdpr_consent=
Request Chain 610
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=98B12778-86D1-46D7-9B76-57EC3E77AA22&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=98B12778-86D1-46D7-9B76-57EC3E77AA22&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 611
  • https://pixel.onaudience.com/?partner=214&mapped=98B12778-86D1-46D7-9B76-57EC3E77AA22&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=008781a40227629c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 612
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4605418256330473032&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8077843172889582107

616 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/ 		551 KB
248 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5369609877c4554928c1f44d1eec8808cb3492a567c1e6dd7bab04cc916b77b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 05:39:43 GMT
etag
W/"89cc6-V488kCvxfGB9PpEWMXjtA+Dm//I"
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-id
C1F0eXqCWTQUN_xabLzh4atDDTUcjgqtGQoYIhl_PPAk2gxJnyykHw==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
HIT
wallacoil-prod.js
cdn.valuad.cloud/hb/ 		1012 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
0849561081bbc490033d91e340952e50ca31812abac49fb9dca6f3ae67732237
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:43 GMT
Content-Encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
Last-Modified
Wed, 18 Oct 2023 09:08:00 GMT
x-amz-request-id
tx00000000000000e481af7-00652fbfd2-3b70040e-fra1a
etag
"628376ed27a8d8f545902d0257f34495"
x-envoy-upstream-healthchecked-cluster
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1697693983.dop234.lo4.t,1697693983.cds249.lo4.shn,1697693983.dop234.lo4.t,1697693983.cds303.lo4.c
Content-Type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
282876
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c32897b9d9b3ce785b48420a83c6e5a2c922ed462fd3ed26f966924b8949fd00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29604
x-xss-protection
0
server
cafe
etag
535 / 19649 / 31078751 / config-hash: 13153089758077232901
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:43 GMT
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		891 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1daa0c24e7c3313982f2357d6f94f2b78c902f2d767e78f018917972833a7c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
KjK8cSiGMyeM8cwle_uz05FacMc4WdwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 19 Oct 2023 05:39:43 GMT
x-amz-request-id
23H95Q5FQ5DTHT9A
age
5784
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
69569
x-amz-id-2
S4M1oVx6VYJ3XNH6uicFtD+EcBSVLeYEwsb4foO3cVyjBCW/p2EdgXUjKk7HtRs3KyY0qH+gg3I=
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Thu, 19 Oct 2023 04:03:16 GMT
server
AmazonS3
x-timer
S1697693984.777007,VS0,VE0
etag
"4d310e1964fbdc0a811ffc933790aa5e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
63
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
45
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27598
x-served-by
cache-iad-kiad7000153-IAD, cache-fra-eddf8230107-FRA
last-modified
Mon, 09 Oct 2023 20:29:49 GMT
etag
"391b7fdf0c468036f27102529636f0ca+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
gtm.js
www.googletagmanager.com/ 		492 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ba6b18016a3600bd92f6763a81f2038329a30106d7ab93d21cf42ca7e596446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111371
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 05:39:43 GMT
gtm.js
www.googletagmanager.com/ 		427 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
15a1dda7814bd9cc48f83ff558d928c2f8daadffc6e17ef0df2a34012ecfd427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83761
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 05:39:43 GMT
js
www.googletagmanager.com/gtag/ 		204 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d7211c6be77add6e7faa747a59c14d2b3a8fd4bce6cc59a6dac0927df4d07204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75271
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 19 Oct 2023 05:39:43 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 03:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6490
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 19 Oct 2023 05:51:33 GMT
dmp-provider.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 10:15:53 GMT
content-encoding
br
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
69830
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
6y19Uf3s5sRCAmXdsYFcsuTpjw_7_ikOLzWrEcmpmx6MbPBcRJu5dg==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 17:22:00 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
44263
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
UhOmLTCU4VAtZFkkSsim3LEnuPz2rPasQ2BdkKuTgjEpov-9Y2qulA==
expires
Thu, 19 Oct 2023 17:22:00 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:1200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:56:29 GMT
content-encoding
gzip
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
45794
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
RB_I5CxPY-Ji-lPLP4ccTTtq3sPJOpgoaizYZGg2nOWBXPhn_3v73w==
expires
Thu, 19 Oct 2023 16:56:29 GMT
logo-with-israel-flag.svg
www.walla.co.il/public/assets/logo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/logo/logo-with-israel-flag.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"bee-18b432e54ea"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
R8RIS9tC_RJoyuJYyXxC-E5z0m8MnmbVvDX_1wR4on0pNwmXnJ796Q==
x-cached
MISS
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"7ee-18b432e54e4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
zD58pclGl1vf9raTmBlznY4n1xDqhEhT37WMrIndVhUQJQe4V-0KjQ==
x-cached
MISS
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"1d0-18b432e54df"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
MISS
x-amz-cf-id
AcfpUXx5espGCzqUZA5FecnHVmz86FEbw0aBmWMk49QTXlEZdkVh5A==
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"c00-18b432e54e2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
OI4gFbKdMNhaIKHNkGhvvG4FQmu2rccWsuc_vWyLyRQdn_LFSenzNg==
x-cached
MISS
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"5b6-18b432e54e3"
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
MISS
x-amz-cf-id
MqIKN63zUwMZLHwuOEbT74gELYCcvzQoBijBKtVrbvgWZeMr1W4Efg==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"2e7-18b432e54df"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
MISS
x-amz-cf-id
WYmuME7XCutyBCFiLUtzN1yjUCB_nBfdiPKKc7l9XQ9pwGUvRZjLpQ==
icon-5-g.svg
www.walla.co.il/public/assets/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"b30-18b432e54e3"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
GNsP7FTN8gNt0o4czO7FiiU1VA1hvpSOVMWHOVGhvdBjwPjOgAfXOQ==
x-cached
MISS
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"85c-18b432e54e4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
pYXYBAIi-aZjBhsEGXM0UWaiqYvG8G7FH6YG1aphsLp4eDp35CQMpg==
x-cached
MISS
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"5f6-18b432e54df"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
ZIfjigEHp7Y-sahloNs5KRpfPevhER4HfF8ErXkgFkFfxWLuTx2-ZQ==
x-cached
MISS
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"e954-18b432e5512"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
IOvf_vONEgVh3-b3pzBXZlTtqNK1oTQJdPT0wrhXE0RGw_IcC36ZrQ==
tiktok.svg
www.walla.co.il/public/assets/navigation/ 		628 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/tiktok.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"274-18b432e54ed"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
628
x-cached
MISS
x-amz-cf-id
Qvv2i7mFBGGqpjAMdc_LTSH-2XCNQy8o_o85OJGNXKFHJDSLBMRUAA==
insta.svg
www.walla.co.il/public/assets/navigation/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/insta.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"79e-18b432e54ed"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
rN6DkqbPSAvWX5_n75uS4wXKTVuItjMF0Qoe4gyMdkQC8n0Y_5QccQ==
x-cached
MISS
twitter.svg
www.walla.co.il/public/assets/navigation/ 		1004 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/twitter.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"3ec-18b432e54ed"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
GEAahlkd2DT_uQFiXajHH_P71Q7DzWM6XETqwjPJ9BEc6UdvDtwoDA==
x-cached
MISS
facebook.svg
www.walla.co.il/public/assets/navigation/ 		471 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/facebook.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"1d7-18b432e54ed"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
471
x-cached
MISS
x-amz-cf-id
zR4J2ZLh9cbitqNVfWRV3SFDwVuYOpG9ebnXxxQwkfUw7YOuTs9y8A==
3612427-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/2/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/2/3612427-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
cdbdd773bb4c7c16c3033cd972211e3fc35467a7b3ad50353ac34ac3ba187624

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:29:40 GMT
via
1.1 google
age
604
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48384
3612704-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/1/2/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/1/2/3612704-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
546c7bd997cbec5d4847243977d5ed9a02aab85f799965f001cb10eb96eba776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 17:32:50 GMT
via
1.1 google
age
43614
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18626
3580163-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/0/3580163-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ee7fafc2f935351d7d3693ca55f003d7cdfb39c0117defeacb43c06f44ce9b36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 15:25:57 GMT
via
1.1 google
age
51227
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5698
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"834-18b432e54f8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
SMXA_25xSi1KnONevco-2lbk6MiKvqkml6a1M7VJYiBLdSQPvKFExw==
x-cached
MISS
3611496-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/1/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/1/1/3611496-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
40282ad50f382b7c5cec29f36e637ce4580cada8e828c7bdf67a69a396e34aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 14:35:54 GMT
via
1.1 google
age
54230
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6110
logo_walla+.png
www.walla.co.il/public/assets/homepage2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/logo_walla+.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"26ba-18b432e54df"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
9914
x-cached
MISS
x-amz-cf-id
eee0ZL5Gt5pVuZWuVwq_A0OdzmEPmbgHxsm_FeaktAi1Dw-xNeL4pw==
3540886-46.mp4
images.wcdn.co.il/q_auto,w_300,t_18/3/5/4/0/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/q_auto,w_300,t_18/3/5/4/0/3540886-46.mp4
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9c0d30699abac345d40690a79678462b3b5de6b0325aa4f3370cf2ee8954922f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 17:38:15 GMT
via
1.1 google
age
43289
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1468700
3598564-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/9/8/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/9/8/3598564-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
7455f093e10ad855982456bdd10cfcd51d0cff859356cec3ffb5c9317b8294ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:35:53 GMT
via
1.1 google
age
47031
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9944
3615826-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/1/5/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/1/5/3615826-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
500973e71008ffeef9857494a0f42ed59960033cb289572a960fe8af73199302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:01:41 GMT
via
1.1 google
age
49083
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10516
winner_logo.webp
www.walla.co.il/public/assets/sport/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/sport/winner_logo.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5ac127188e6475f95cf602b5aeacfaf667081820adc57b78e9d46b9cb9149776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"1a56-18b432e54fb"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
6742
x-cached
MISS
x-amz-cf-id
p06VWE15SZRI-ew7PjYGspoj8VQeqIw48IgyZkU2W0oBAB9x0n2t0g==
video@2x.webp
www.walla.co.il/public/assets/icons/homepage3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video@2x.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"74c-18b432e54e3"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1868
x-cached
MISS
x-amz-cf-id
uf7sJYQsGaRA1ungRB6k8Z1ahVLS32xxxGEYbVagrPjr0mBU4x3rbQ==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"e770-18b432e5511"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
_nuJNulNUuiQPspic_4S4MuyHu-OEABAaMUfhHERX_4cGODKGQ6rZA==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"ea00-18b432e5512"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
Re6zQAaI1l9OBIEfKqGrpLZMsutxgT_QBdFwUvZH0CMFbYulh_KQGA==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"e7c0-18b432e5511"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
_b4tEbvtlpoFSL6Dm8JfsxMUVNkoSGpYLHPEFihb-cKWasmaXQ4dvg==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eac910a34f69515d6a77249c022533c089356172e2706a96a1c65d6603d1bcc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 19 Oct 2023 05:39:44 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
2
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1990
x-served-by
cache-fra-eddf8230070-FRA
x-timer
S1697693984.212839,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 17 Oct 2023 05:39:42 GMT
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"3bdc-18b432e5513"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
BuhmqXTXT01f641uDhvQ8twS6m0xd9xTEPP26VWJejHFaHDXOvohcg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/ 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
697320190e408fd7c001296ec7d590d125411f536e4b861713de851fd3c133ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
47869
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134769
x-xss-protection
0
server
cafe
etag
4459444514439950162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 17 Oct 2024 16:21:55 GMT
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
64224
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 18 Oct 2023 11:49:20 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id
yk3u5WLJq2J0nyE_su2u4-yVc-53_j-ptlUsSJpAisJlUCSIBt8pKg==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
64226
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Wed, 18 Oct 2023 11:49:18 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id
QxwHbKkMCH-1DyowR8UxkkcEVcrBRetwmGivE7XE5NdIkQW6bg2RuQ==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
www.walla.co.il/public/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"248c-18b432e54c8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
juwKJqKRKJ8ZH4MLDnNvQ3hwSMbb8PriGW2C0mh_AF9NBW4mjppZfA==
x-cached
HIT
5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
www.walla.co.il/public/ 		297 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
d8f67c15ef1136522d80b265ec52d3eea969960885ff6a99d40ccef0e3809c5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"4a47c-18b432e54c8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
uFYilTb--smcr6gmwSQfmoRxnDRKRZG4jIchtzyxlTwwvNpkVTZWQw==
x-cached
MISS
main_ea927127a4d4f6e0f079_ea927127a4d4f6e0f079_walla.js
www.walla.co.il/public/ 		994 KB
229 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_ea927127a4d4f6e0f079_ea927127a4d4f6e0f079_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
7eaf9dbd58033051c38ddae4b8ad507e77041c0cb8e1e1f4de31c1f3d430a792

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"f8608-18b432e5516"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
uQufvTwEkLfLoxjTH4M5_0O7sRuVQSjqL3-_oOe86NwBjBQGiMX3jg==
x-cached
MISS
9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
www.walla.co.il/public/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"6b6b-18b432e54c9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
y-XSRQstqaLg08HLYpAB4lhdv4IZ5NwGXlJ6UnIVz1XjQQPwvpN_ow==
x-cached
HIT
homepage_d7e0bf56996ada9effe7_d7e0bf56996ada9effe7_walla.js
www.walla.co.il/public/ 		219 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_d7e0bf56996ada9effe7_d7e0bf56996ada9effe7_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
8c867cb790473babcc0452c4af3d47188e5dc4c5a2757514620c58c68dd3b4e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"36acd-18b432e5515"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
EU0LRWaAJB7QVnQDz5gNy2xd-GEUK4KkoSz3jhpy9tHkdFrOmej2oQ==
x-cached
MISS
recorder.js
web-sdk.smartlook.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cafc15d62bcd7743712d138cce8f2581fc208ea2653a5bc8c4865933fb0fd8df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 19 Oct 2023 05:39:44 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
576
x-accel-date
1697693408
x-77-nzt
AcO1qhE3Nzf/QAIAAA
x-accel-expires
@1697694008
x-77-age
576
last-modified
Mon, 16 Oct 2023 10:33:30 GMT
server
CDN77-Turbo
etag
W/"652d117a-2fdd"
x-77-nzt-ray
4c156224d7e82fba20c13065e55b7214
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
survey.js
cf.dxmcdn.com/dta/ 		189 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/survey.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
YtNR9erNG.NoRBEcRdBoVE4OGMJQuym3
content-encoding
gzip
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date
Wed, 18 Oct 2023 23:19:01 GMT
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
22844
x-amz-server-side-encryption
AES256
etag
W/"b034abfcfb6819eabeb9878dfce0a78a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
sCOZEbROKn1Ges_z0tvFmeUGXx3q9W0NmF353ABtSFbp_H4u7dn9ag==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/javascript

Response headers

date
Wed, 18 Oct 2023 11:48:59 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
64245
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
PXlyJkYA46q_2QjhJVV4Nl6KptuzqPujZd_IypDCB2E2aUnbeg3BHg==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/javascript

Response headers

date
Wed, 18 Oct 2023 11:48:59 GMT
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
64245
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
GWrmbcpzNy37EngUxT5gvMjX-okpW572yhmn64LT2lhzqdPVT4Bl9Q==
widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html
platform.twitter.com/widgets/ Frame D339 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 05:39:44 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 09 Oct 2023 20:29:18 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kjyo7100103-IAD, cache-fra-eddf8230107-FRA
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 19 Oct 2023 05:39:44 GMT
server
Google Frontend
x-cloud-trace-context
d18552fab288ff5d0198fb9e667db050
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
x-request-id
e4bf566d-df0a-4da9-99c2-01917a6ee4a6
x-vad-version
0.14.20

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
aedb7b881d2640462a3c01708d515d9f
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1697693984378&cv=11&fst=1697693984378&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&auid=1475452520.1697693984&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0e944741fbf2961743a08ffb962054c13adfe0b4055362c648e7c3c4f5e863d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1381
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 19 Oct 2023 05:39:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
VwhezmjxzN3xkiNMxnfNrGN/clq+1QLV3ZTx923R02tRd4sdskmAx5Vyzc9WscJVGDmobqBYfK96OGdnHGS4yg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=108702921&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=846272051&gjid=812988681&cid=1335889755.1697693985&tid=UA-4780630-1&_gid=760173411.1697693985&_r=1&_slc=1&gtm=45He3ai0n71T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&z=560630447
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 19 Oct 2023 03:51:33 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6491
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 19 Oct 2023 05:51:33 GMT
/
www.googleadservices.com/pagead/conversion/777956447/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/777956447/?random=1697693984554&cv=11&fst=1697693984554&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&bttype=purchase&auid=1475452520.1697693984&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
5d12cd3e1d3259d3ac614c58cb3d1bfe3cf0a52a7814a29bd4b847e8d4a3e52a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1674
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18645
x-xss-protection
0
server
cafe
etag
5863262954022034179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:44 GMT
adoric.js
12890047.adoric-om.com/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12890047.adoric-om.com/adoric.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6d6a5ac222219d850c5f24bde755fd3c760beb8b47ea855b307f9eaf77ffcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 google
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
889
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-adoric-api-version
9.2.0
server
cloudflare
etag
W/"3145f-xQN53+33yc76quw+EFIcYmu0REw"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
movetogcp2020.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCmU8raVrCQ6yqrDguA8JJvHbZv6eTQX7u41V%2Fcm0jzJjjg2n4RBYd1cUcG7tqXZqr4hDZXYlBb%2FAg6unV2o%2BRcfpqAi72cBH0piJM1w9aCH2UhH1LBTaOyqdf3qxaIvxCGiP9mwcK1LBY6LZmbEwFYA%2BOIn"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
*
vary
Accept-Encoding
cf-ray
8186aeac0bdf9b21-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
js
www.googletagmanager.com/gtag/ 		248 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d57d52edf6a6f67f8d1fa2f0cc58894ffc47bff6348b4860c506164c10de1ee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87663
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 05:39:44 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
932d9349dd8e3af051f89869f3221e46adb88817dcef5de666b3748b8f44a6a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75610
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 19 Oct 2023 05:39:44 GMT
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BTiKwSCgqHqMBqjcWq&c=0.01&V=141&x=dO5nmm7i8sedr&v=B&ml=m&sl=CMzC4H&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.91.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-91-163.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BTiKwSCgqHqMBqjcWq&c=0.01&V=141&x=wrm1j4HWLMsR7&v=B&ml=m&sl=BRRGhV&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.91.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-91-163.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BTiKwSCgqHqMBqjcWq&c=0.01&V=141&x=6Kv85P2Z4V1FC&v=A&ml=m&sl=BGeIuf&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.91.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-91-163.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BTiKwSCgqHqMBqjcWq&c=0.01&V=141&x=ZqDKwSnQROiOq&v=A&ml=m&sl=Bg1t51&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.91.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-91-163.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BTiKwSCgqHqMBqjcWq&c=0.01&V=141&x=5Q92gm16LcDKE&v=C&ml=m&sl=HVCYR&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.91.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-91-163.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BTiKwSCgqHqMBqjcWq&c=0.01&V=141&x=eWZUI22O2a7kF&v=A&ml=m&sl=DldyCf&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.91.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-91-163.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BTiKwSCgqHqMBqjcWq&c=0.01&V=141&x=532TqRBhgNhZ8&v=B&ml=m&sl=CKlH4F&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.91.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-91-163.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BTiKwSCgqHqMBqjcWq&c=0.01&V=141&x=9uxwsDwKhJAf9&v=B&ml=m&sl=BO_Wr4&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.91.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-91-163.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=BTiKwSCgqHqMBqjcWq&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11357&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=1058&t=BQhPWfDytyqiBWx7wpCYfegh18vR3&V=141&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&tz=-120&sn=1&sv=DdRCDxD-1NnGeJ2m3gne5pMBGPa&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
settings
syndication.twitter.com/ Frame D339 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=6f5707a9055279f32007942bed22a5275c2b6700
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-response-time
104
date
Thu, 19 Oct 2023 05:39:43 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 19 Oct 2023 05:39:44 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
2cefad6e22611a71
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
89ffaaf8d7a10807328976c587ab8e9dc93669ef64b8f5aea4f4e925c31adb81
content-length
337
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=1335889755.1697693985&jid=846272051&gjid=812988681&_gid=760173411.1697693985&_u=aEBAAEAAEAAAACAAI~&z=2139593722
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 19 Oct 2023 05:39:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmp-main.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		239 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-5.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 10:15:55 GMT
content-encoding
br
via
1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA56-P5
age
69829
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
k9-GqIPl0aAiz_UUlaY1YwmYla8XvTB6bayNMaSDPNzNrU-wGl1VKQ==
/
www.google.com/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11170679829/?random=1697693984378&cv=11&fst=1697691600000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3120227936&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11170679829/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11170679829/?random=1697693984378&cv=11&fst=1697691600000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3120227936&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init.f0ea58b8a94946b92431.js
web-sdk.smartlook.com/es6/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.f0ea58b8a94946b92431.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2cbea3a3ee1ece1c688b8b0f0227d7d107359816d3a240e3d20b5e92baf3cad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 19 Oct 2023 05:39:44 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
238151
x-accel-date
1697455833
x-77-nzt
AcO1qhE3Nzf/R6IDAA
x-accel-expires
@1728991833
x-77-age
238151
last-modified
Mon, 16 Oct 2023 10:33:30 GMT
server
CDN77-Turbo
etag
W/"652d117a-1071a"
x-77-nzt-ray
4c1562240ade38c420c130650d0cd430
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
/
www.google.de/pagead/1p-conversion/777956447/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=1746083038&cv=11&fst=1697693984554&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-conversion/777956447/?random=1746083038&cv=11&fst=1697693984554&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=...
  • https://www.google.de/pagead/1p-conversion/777956447/?random=1746083038&cv=11&fst=1697693984554&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=m...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/777956447/?random=1746083038&cv=11&fst=1697693984554&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1475452520.1697693984&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOElTLXFRWVFyc2lneHBQdGd0UFNBUkltQUlnQXlIbnhYVE5OVk9JbGMzcnZCNnNhX0I3akhncm44VzVZOUM4SFhkWlJvakd3Qkc0GlpDaEVJOElTLXFRWVFnNlhUdklQOXBNcm5BUkl1QVBLbVh4Nk9NYWZzSXREdTVjNm5vbDdoVk15RjZxUHROZUpnc2M0WEtSaTFJcjIycmNOTnNxU2lUd2hkTlEiEwikyJH3soGCAxUq8BEIHU7DDH4&is_vtc=1&ocp_id=IMEwZaS4J6rgx_APzoaz8Ac&cid=CAQSKQDICaaNhRihLQ1_0MZmpJa4LchYtNiFiIo9ZqyqG1olQXLiWeCKSlbc&eitems=ChEI8IS-qQYQhenDxpqygaf5ARIdAA8LS5cRDYNSaYzd4Zpta_kTdqERQ1fFfTg566U&random=1656639407&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/777956447/?random=1746083038&cv=11&fst=1697693984554&bg=ffffff&guid=ON&async=1&gtm=45He3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=1475452520.1697693984&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOElTLXFRWVFyc2lneHBQdGd0UFNBUkltQUlnQXlIbnhYVE5OVk9JbGMzcnZCNnNhX0I3akhncm44VzVZOUM4SFhkWlJvakd3Qkc0GlpDaEVJOElTLXFRWVFnNlhUdklQOXBNcm5BUkl1QVBLbVh4Nk9NYWZzSXREdTVjNm5vbDdoVk15RjZxUHROZUpnc2M0WEtSaTFJcjIycmNOTnNxU2lUd2hkTlEiEwikyJH3soGCAxUq8BEIHU7DDH4&is_vtc=1&ocp_id=IMEwZaS4J6rgx_APzoaz8Ac&cid=CAQSKQDICaaNhRihLQ1_0MZmpJa4LchYtNiFiIo9ZqyqG1olQXLiWeCKSlbc&eitems=ChEI8IS-qQYQhenDxpqygaf5ARIdAA8LS5cRDYNSaYzd4Zpta_kTdqERQ1fFfTg566U&random=1656639407&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1697693984789&cv=9&fst=1697693984789&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b442924aef76ddc0e747bd3f8347f1d2201ce1e9931a3f8c9c52c2a759d3941f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1445
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adoric.v9.6.min.css
static.adoric.com/ 		172 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.6.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ab75ec469d45ff6e3bd76fa7add45d61ac157fcc186d18ff15299141ce360df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2173
x-guploader-uploadid
ADPycdsOXsHVK3wiQB-Q8bedva8-xzK9GIbLvPWDS2RI9iUogVFKm3Hqb2xUGF3upCcfKkQJClSWooQSqeOOczH_0KspRQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 17 Oct 2023 08:40:26 GMT
server
cloudflare
etag
W/"81fffc6c13db29f36f4d8c3fa7e8195e"
vary
Accept-Encoding
x-goog-hash
crc32c=5rDl+w==, md5=gf/8bBPbKfNvTYw/p+gZXg==
x-goog-generation
1697532026746818
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBZfEfd0XdBWD3xxwTDjHwaBKjfVLOBhfJDbY%2FolK2YrJO9pRImq4b3ks171epFb99LgK%2FuuJkSJGmyaq5y2UIsyeQIMRfju9rWXYg0xfMJ0C9JCT8lHwEws7VYLJtCBVNZ7Wr2aMREOLC3VbKIA9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14837
cf-ray
8186aead5be45d92-FRA
expires
Thu, 19 Oct 2023 06:03:27 GMT
/
app.adoric-om.com/v1/campaigns/ 		676 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fwww.walla.co.il%2F&d=desktop&lsps=0&pd=M&nv=true&tz=-120&cIds=%5B%5D
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
6f0b49f3c115547066ff2f01c5c5f2b5b22c48fb08e23251a1a050637f7ad4dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Thu, 19 Oct 2023 05:39:44 GMT
x-content-type-options
nosniff
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
676
x-xss-protection
1; mode=block
x-adoric-api-version
9.2.0
etag
W/"2a4-u2jvIR05Q6c1d2Fh0ClxBCTH6/A"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
170717926997655
connect.facebook.net/signals/config/ 		138 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.134&r=stable&domain=www.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8b8ef3f53b9219b6e45674894adf50db4dc1b550fef0ff583eb9b150d81ce3c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 19 Oct 2023 05:39:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36587
x-xss-protection
0
pragma
public
x-fb-debug
c8NvByKOToqgCemZLq1x7Ui+981ta6CLzcg/ykbQgLIlCuFf9+K3j4gu06P5KMUBfq0FDi8vNB5lUPGaH845WA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
survey-executed
tr.dxmcdn.com/rest/api/v1/ 		0
0
survey-executed
tr.dxmcdn.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2015.1e100.net
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
date
Thu, 19 Oct 2023 05:39:45 GMT
expires
0
pragma
no-cache
server
Google Frontend
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cloud-trace-context
d774c373a830a8c6bdaae0821b53d77a
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je3ai0&_p=108702921&cid=1335889755.1697693985&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697693984&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je3ai0&_p=108702921&_gaz=1&cid=1335889755.1697693985&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1697693984&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1&ep.ga_client_id=&epn.vertical_id=173&ep.vertical_name=%D7%95%D7%95%D7%90%D7%9C%D7%94&ep.category_id=&ep.item_id=&ep.item_type=&ep.item_publication_date=&ep.item_last_update=&ep.content_provider=&ep.item_title=&ep.item_author=&ep.hostname=walla.co.il&ep.item_sections_words_count=&ep.tags=&ep.editor=&ep.tohash=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RYD7X7E8VN&cid=1335889755.1697693985&gtm=45je3ai0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RYD7X7E8VN&cid=1335889755.1697693985&gtm=45je3ai0&aip=1&z=1659041479
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1335889755.1697693985&jid=846272051&_u=aEBAAEAAEAAAACAAI~&z=1266532105
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1335889755.1697693985&jid=846272051&_u=aEBAAEAAEAAAACAAI~&z=1266532105
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2948625437707032&correlator=2582777683255128&eid=31078751%2C31078933&output=ldjh&gdfp_req=1&vrg=202310090203&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop%2Crm13_desktop%2Crm14_desktop%2Crm15_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&didk=1909289936~4078182110~845420629~2737176580~3757563159~2051796368~2459729993~3096182529~3770086168~3931141563~3707026742~2555613071~45217321~479599996~2547616871&sfv=1-0-40&ists=32767&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697693985055&lmt=1697686785&adxs=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&adys=11357%2C11357%2C11357%2C11357%2C11357%2C11357%2C11357%2C11357%2C11357%2C11357%2C11357%2C11357%2C11357%2C11357%2C11357&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357%7C1600x11357&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1335889755.1697693985&ga_sid=1697693985&ga_hid=108702921&ga_fc=true&dlt=1697693983693&idt=1160&prev_scp=slot_name%3Drm1_desktop%7Cslot_name%3Drm2_desktop%7Cslot_name%3Drm3_desktop%7Cslot_name%3Drm4_desktop%7Cslot_name%3Drm5_desktop%7Cslot_name%3Drm6_desktop%7Cslot_name%3Drm7_desktop%7Cslot_name%3Drm8_desktop%7Cslot_name%3Drm9_desktop%7Cslot_name%3Drm10_desktop%7Cslot_name%3Drm11_desktop%7Cslot_name%3Drm12_desktop%7Cslot_name%3Drm13_desktop%7Cslot_name%3Drm14_desktop%7Cslot_name%3Drm15_desktop&adks=3574292238%2C3281790396%2C98111979%2C284161084%2C2694544435%2C99995744%2C2663655591%2C1832766528%2C3711358991%2C3169800366%2C3148243285%2C211575734%2C3583292036%2C2042096236%2C3658430203&frm=20&is_cau=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51d0b711a49f4456e76d5f2093c28536e2c87842b87144c99f9def5604f9fef9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
438
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 360E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:45 GMT
expires
Fri, 18 Oct 2024 05:39:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 19 Oct 2023 05:39:45 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
www.walla.co.il/public/ 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_ea927127a4d4f6e0f079_ea927127a4d4f6e0f079_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:45 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"1eb65-18b432e54c7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
OMX3Zi_iht6SjdbWsxfQo0hDmR7_Ld_I68L-z5mZfEypME1wGjvkFQ==
x-cached
MISS
PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_ea927127a4d4f6e0f079_ea927127a4d4f6e0f079_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:45 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"cfe-18b432e54cb"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
mqzcF6fRP-DlPYEOQZpZ6_J3Rc8p8Phys6IC_3lEkOFzpWz4CnPOnA==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
670234fd0ba4e62fadd081d844c5771195b1eb7393db234dae2ef31a67285fe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29322
x-xss-protection
0
server
cafe
etag
714 / 19649 / m202310120101 / config-hash: 13153089758077232901
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:45 GMT
load.js
pm-widget.taboola.com/wallail-walla/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
FPTG2OxoLYtveF6L1lHa_yi.RcOwh3q6
content-encoding
gzip
via
1.1 varnish
date
Thu, 19 Oct 2023 05:39:45 GMT
x-amz-request-id
EWJRSD051645SZ7W
age
942
x-cache
HIT
content-length
1113
x-amz-id-2
8ieejmpPIDpKsuOg3VR7pyVcDCwEO5Uyc1ke5XC44VLBPrOggUcPjoVerwQWjbLJg1YocDZbifo=
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Tue, 26 Sep 2023 08:56:39 GMT
server
AmazonS3
x-timer
S1697693986.822332,VS0,VE1
etag
"0f035f8b52b8607074f683b28f021659"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231017-7-RELEASE.js
cdn.taboola.com/libtrc/ 		813 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
73b4424d2202e9f35bc51ef07a84e4f2ca17e5c73fb20a25869eb92ae379e2b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
kWTGf8NvWbb5LFVDeZErjvUZoExbKdv8
content-encoding
br
via
1.1 varnish
date
Thu, 19 Oct 2023 05:39:45 GMT
x-amz-request-id
5485VPXHM2MYWHW9
age
16476
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172298
x-amz-id-2
4RQQHVFCyQRh/wX4iKGP6SU4EJ5o5sC1bqxuX3ELPOEqIEAyt7Bbhswp+aoYui84a+7qLAyNkjI=
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Tue, 17 Oct 2023 09:04:04 GMT
server
AmazonS3-br
x-timer
S1697693986.821720,VS0,VE0
etag
"3bda92b29c116dc4e083c00e4076691d"
vary
Accept-Encoding
content-type
application/javascript
abp
23
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
25191
2323
dal.walla.co.il/editor/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/editor/2323?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.199.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.199.111.34.bc.googleusercontent.com
Software
openresty/1.15.8.3 /
Resource Hash
8b976b4e0138f7b918382760a95c63f0f6cb058ddfa7ab8e3dfcd70bb6caf33c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:18 GMT
via
1.1 google
age
27
x-srkey
9ca383bf7f5c06689b373a08cfd03266
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6750
x-cached
HIT
pragma
cache
server
openresty/1.15.8.3
x-speed
0.0347390175
x-hostname
walla-dal-prod-6bf854b668-gptkm
x-ip-r
35.191.29.1
access-control-allow-origin
https://www.walla.co.il
x-ip-x
23.241.124.157, 34.111.199.139
content-type
application/json; charset=UTF-8
cache-control
max-age=60,public
7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
www.walla.co.il/public/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_ea927127a4d4f6e0f079_ea927127a4d4f6e0f079_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:45 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"ae04-18b432e54c9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
wUFofR-9ZoK1X7LtPt5Ykf8kiHf2QMhe9O1TWwLKw6d95KqKaStiaA==
x-cached
MISS
player.html
www.walla.co.il/public/ Frame 0979 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player.html?imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3b3fa76d94428f2455ce3e6e33aa95ee5131c9a7feb8d0ce5fa0160fe9c071b3

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:46 GMT
etag
W/"bc7-18b432e5518"
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-id
DZVcLRTtp_e9ZABADIryh4axohtsj3_rNooZT4N76WpzEZqDSFIzyg==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
MISS
video.webp
www.walla.co.il/public/assets/icons/homepage3/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:45 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"3a2-18b432e54e3"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
930
x-cached
MISS
x-amz-cf-id
TMuG1l7N2m4qflZ-N8Txwog_xQIHjybkq6l56HXQ138eTni4l3ZDpA==
1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_ea927127a4d4f6e0f079_ea927127a4d4f6e0f079_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:45 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"c35-18b432e54c7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
zNKD6jIBxinoPpsg4EDyOMZsEejf5a51-D0OY6fWxWan3JpLBi9eBg==
x-cached
MISS
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:45 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"46c-18b432e54d2"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
Ke_VWfvLqzsBAb5iuit70LdP-eLt437fQX2R6XcTjlP8mxYAXDfghw==
3613138-46.png
images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/3/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/3/3613138-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8d5243bf693f78b16447afb204d38ba6bc49a664f650f81efb74e88dc39f0566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 03:36:32 GMT
via
1.1 google
age
7393
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38432
3615799-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/5/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/5/3615799-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c1e98ebdee48539fa09e0313ee1fc7cf0ddcde82302297349879ff41a02dd13c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:39:14 GMT
via
1.1 google
age
3631
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8330
3615872-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/5/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/5/3615872-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
dccb897ad40ab6f36103b91e65e56d18f50765e7363ac6eb46c320aff7ab6151

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 19:58:55 GMT
via
1.1 google
age
34850
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12144
3606590-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/0/6/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/0/6/3606590-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
7dbe438f15151d26d0af8fc4a6a88a185f3599428a6862a1443c207baf500d30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:31:37 GMT
via
1.1 google
age
40088
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5300
3615838-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/5/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/5/3615838-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
bc87b0146616265001f3921cdb675857bf1cff0a550ed6d4f8334ee37cc638b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:52:53 GMT
via
1.1 google
age
2812
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5794
3615698-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/5/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/5/3615698-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a5699e864468364620dc85d2115515fa6034fdfee047a570daf1fee99ff7990c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:30:28 GMT
via
1.1 google
age
4157
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7040
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1697693984789&cv=9&fst=1697691600000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=1852344410&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1697693984789&cv=9&fst=1697691600000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=1852344410&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=120533
accept-ranges
bytes
content-length
65459
expires
Fri, 20 Oct 2023 15:08:39 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
8186aeb55f562bb6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
1616785908557850
connect.facebook.net/signals/config/ 		132 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.134&r=stable&domain=www.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48dc75f6760a4dd75285e76058d028f96823dbdc9bc11114230d1f305e573b2f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 19 Oct 2023 05:39:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35136
x-xss-protection
0
pragma
public
x-fb-debug
X8VPvWkiYb5qcWTHtFTEfJMZOYInixNTg4MCDe6R/zORtA7wdspoHyAkezxsNoRq1FatnCotHG/4T001OQ7n4A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1697693986123&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.2.1697693986114.1006748291&cs_est=true&ler=empty&it=1697693984815&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 05:39:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pmk-20220605.2.js
pm-widget.taboola.com/wallail-walla/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/pmk-20220605.2.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
J_7JEZUDdQ4YrzJhODl8FUK4deJJqu3C
content-encoding
gzip
via
1.1 varnish
date
Thu, 19 Oct 2023 05:39:46 GMT
x-amz-request-id
C4CNW471XAJG1JKR
age
1975269
x-cache
HIT
content-length
28795
x-amz-id-2
4bU+8ggP5BGzYnRPZoxP18lPMdvVfqi5Se5gA4FftCE+8YQoUkJ+gWoDDRWcedCnJxJ2ekTqqNQ=
x-served-by
cache-fra-eddf8230052-FRA
last-modified
Tue, 26 Sep 2023 08:56:38 GMT
server
AmazonS3
x-timer
S1697693986.175925,VS0,VE0
etag
"a78996a082a974b0dc6659aacfa84748"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
15712
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"558e-18b432e54f6"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
7Qbn9SYAIer01WqEEx2TCmdmn3LdQAHi9eqGHiC_ZCY2DpRZLnH5SQ==
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:43 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
3
etag
W/"e954-18b432e5512"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
sOEATDOpXrMFbA0XddNlLGRPm4RIVHL9t7K-27YRmn0CY4im7xObHA==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"ea00-18b432e5512"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
zTW_OKoGh-Q95zdZhQjD7meL3wYoywhWvk0O2u2Y6rkrbCQl2ls7uw==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"e770-18b432e5511"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
HIT
x-amz-cf-id
9dpTyT-gpcuqRWuREh0mBT-uM1YD-pv_UGjEcWDHgM0W9b64RoQx2w==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"e7c0-18b432e5511"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
-jlQUvZtrBN4RQgcaqnOKR2iGXb967rN7-4jflWGZrItHc_uymqbAQ==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:44 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"3bdc-18b432e5513"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
VGlhBgXIjc8FCQ8IChDNqhwrpXJeojsYBI37fihrvLdwACHEdTidtg==
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
225332
expires
60
json
trc.taboola.com/wallail-walla/trc/3/ 		107 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/trc/3/json?tim=07%3A39%3A46.272&lti=deflated&data=%7B%22id%22%3A482%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1697688193148%2C%22vi%22%3A1697693986268%2C%22cv%22%3A%2220231017-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11479%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Homepage%22%2C%22orig_uip%22%3A%22Left%20Rail%20Homepage%22%2C%22cd%22%3A1106.484375%2C%22mw%22%3A298%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%201%22%2C%22orig_uip%22%3A%22Mid%20Homepage%201%22%2C%22cd%22%3A4702.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%202%22%2C%22orig_uip%22%3A%22Mid%20Homepage%202%22%2C%22cd%22%3A5869.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Endless%22%2C%22orig_uip%22%3A%22Homepage%20Endless%22%2C%22cd%22%3A11479.265625%2C%22mw%22%3A863%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Endless%3Dthumbnails-g%3Aabp%3D0%2C%2CLeft%20Rail%20Homepage%3Dthumbnails-a%3Aabp%3D0%2C%2CMid%20Homepage%201%3Dthumbnails-g%3Aabp%3D0%2C%2CMid%20Homepage%202%3Dthumbnails-g%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5fdc8c621a3774aafc2fe3b72cc38e3e87774d6bd39b9017b18ffe6e2bc62cc7

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
294
date
Thu, 19 Oct 2023 05:39:46 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.815
x-fastly-to-nlb-rtt
7582
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230080-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1697693986.289536,VS0,VE294
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
3589_551e330fe89884ee4a2d_551e330fe89884ee4a2d_walla.js
www.walla.co.il/public/ Frame 0979 		736 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3589_551e330fe89884ee4a2d_551e330fe89884ee4a2d_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5943b7e2fb4d67cfa3796992ed3bacd3eb9562caace971c147363a3a1357e8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"b81ed-18b432e54c8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
SSRTCUJ0a-0paJAV_T74M0fwiwuAo9sF05t0OvIYwvq3zTZu1vfFCA==
x-cached
MISS
player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
www.walla.co.il/public/ Frame 0979 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b194ec6f02131053688eee2371fecd9165f8687b55e60a850b357f5cbb30fe24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"77a5-18b432e5518"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
qn39h00m-AxvXC0fBnXNfMtwUjcYEbzjtqvIYiWMMO6Wy7a-VaQXng==
x-cached
MISS
sync
event.dxmdp.com/rest/api/v1/ 		13 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Thu, 19 Oct 2023 05:39:46 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 19 Oct 2023 05:39:46 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
512303
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8186aeb7a9982bb6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1697693986487&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.2.1697693986114.1006748291&ler=empty&it=1697693984815&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 19 Oct 2023 05:39:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame AF1C 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aeb81a022bb6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:46 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 3BC6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
event.dxmdp.com/rest/api/v1/ 		13 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Thu, 19 Oct 2023 05:39:46 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.69.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-69-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 19 Oct 2023 05:39:46 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame 9406 		194 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1287
content-encoding
gzip
content-type
text/html
date
Thu, 19 Oct 2023 05:18:20 GMT
etag
W/"52319100f3cad7c781dec5018ed1ca59"
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
x-amz-cf-id
ekKDQd-FwZzutYiCa-LTiE5ZApE85iXA7rXugOYbV2Sem4vprbADAw==
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
VtKfS.xLqR2wYAZ0uda1_bwOn38WDDK3
x-cache
Hit from cloudfront
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.4.7/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.4.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dccda823139f751043e07f6ee2bbafb2b3e45c8549b38823f76ff371b389c9dc

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
157865
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
35140
x-served-by
cache-fra-eddf8230052-FRA
last-modified
Tue, 17 Oct 2023 09:48:30 GMT
server
AmazonS3
x-timer
S1697693987.681573,VS0,VE0
etag
"21799b4c652cf76997ff1159f564b132"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
4wbNU5lVP5xb3U1CMoPYl12K5OFiVq0Gz045rzXULFimCShn8UHKkw==
x-cache-hits
26893
feed-card-placeholder.20231017-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231017-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
910c14a940baed90b77f884650b7363bd688a041a76950247bae44bb1845efe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
_0OYBzMJGbZFtHitQ77xVe_.moyM1eHf
content-encoding
gzip
via
1.1 varnish
date
Thu, 19 Oct 2023 05:39:46 GMT
x-amz-request-id
AZD16TMSP60NMEJS
age
34440
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1261
x-amz-id-2
DsPaGE+mDK9pIGvBGrriyXu4M6WBAyd2VKNB53FfK3gndQIBPXj0URoKEGEDxEugd4UI3v6g8RA=
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Wed, 18 Oct 2023 20:05:47 GMT
server
AmazonS3
x-timer
S1697693987.636562,VS0,VE0
etag
"52acd001f636800a2fad075b824a8405"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
30431
userx.20231017-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231017-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a021c4118a8ed18c55e33971fc9eba7bdc07a6c07b43f0c9f421577bf5620acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
MUVGj2DeaHWhTObCQMa5SGtV8hm6Uhsg
content-encoding
gzip
via
1.1 varnish
date
Thu, 19 Oct 2023 05:39:46 GMT
x-amz-request-id
PYPT3JJG9VWHTGJN
age
34412
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
Od8HH7x37tnFS+NJLTds51uixKfG4GDyMWSC5vcSsPB+QDGFmnUH7NHNPR5FhtRxyQe6DMpEPSg=
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Wed, 18 Oct 2023 20:06:14 GMT
server
AmazonS3
x-timer
S1697693987.678507,VS0,VE0
etag
"dea341f076963e9a101c869bf34924ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
37
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5177
distance-from-article.20231017-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231017-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14b27f6996322cc01899e1645fe0d308e474faab17f1936e1340753110d40eb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
HNqQl6Zuv7lCT0hXV3yumHvyXvHIUSii
content-encoding
gzip
via
1.1 varnish
date
Thu, 19 Oct 2023 05:39:46 GMT
x-amz-request-id
WF91Z9YDR0G70JRA
age
34445
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
V5rfidB3ZqTSejZy0LIeMiwDvWfc70nEKUAS1C5pUKSMOZ2SYecIYOLchIAb9Q4Cyf180epd4Sk=
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Wed, 18 Oct 2023 20:05:42 GMT
server
AmazonS3
x-timer
S1697693987.678696,VS0,VE0
etag
"ad4975a2ba820377c220f5aaf40ac255"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
58
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
33476
article-detection.20231017-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231017-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c96c896d339ecd2412561b1cc04a750ddbb798fe446c7d9c7fa1f44cbec81ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
WvZAuUr3viJvp3654iSj1hnkQMrSv5VU
content-encoding
gzip
via
1.1 varnish
date
Thu, 19 Oct 2023 05:39:46 GMT
x-amz-request-id
RC199KMWKZWFEAT3
age
34451
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
cA4D3UBwdDbTsKlxvWcwaZTmGdXNOygi5ICaVipVC2uE8oldZ+xACajBJeXcrMOIOgg84PDFVQs=
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Wed, 18 Oct 2023 20:05:36 GMT
server
AmazonS3
x-timer
S1697693987.678668,VS0,VE0
etag
"3ab8def42c462057a94a7aa8f711817c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
19
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
33445
abtests
trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-dupChecker%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1697693986704%7D&tim=07%3A39%3A46.704&id=235&llvl=2&ri=2c308ad58285ee1d66f6bf8cef9b3a2c&sd=v2_a70570b2f49fab5674ce66ab2532c003_c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2_1697693986_1697693986_CIi3jgYQk-FcGNzbybO0MSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABo6M-UzoD43eJUcAA&ui=c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2&pi=/&pt=home&vi=1697693986268&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-ct%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1697693986708%7D&tim=07%3A39%3A46.708&id=8927&llvl=2&ri=2c308ad58285ee1d66f6bf8cef9b3a2c&sd=v2_a70570b2f49fab5674ce66ab2532c003_c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2_1697693986_1697693986_CIi3jgYQk-FcGNzbybO0MSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABo6M-UzoD43eJUcAA&ui=c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2&pi=/&pt=home&vi=1697693986268&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/wallail-walla/log/3/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1697693986709%7D&tim=07%3A39%3A46.709&id=2641&llvl=2&ri=2c308ad58285ee1d66f6bf8cef9b3a2c&sd=v2_a70570b2f49fab5674ce66ab2532c003_c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2_1697693986_1697693986_CIi3jgYQk-FcGNzbybO0MSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABo6M-UzoD43eJUcAA&ui=c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2&pi=/&pt=home&vi=1697693986268&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&tvi48=10638&tvi50=11104&lti=deflated&ri=2c308ad58285ee1d66f6bf8cef9b3a2c&sd=v2_a70570b2f49fab5674ce66ab2532c003_c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2_1697693986_1697693986_CIi3jgYQk-FcGNzbybO0MSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABo6M-UzoD43eJUcAA&ui=c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2&pi=/&wi=2990753527669053458&pt=home&vi=1697693986268&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1697693986636%7D&tim=07%3A39%3A46.637&id=7698&llvl=2&cv=20231017-7-RELEASE&
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 19 Oct 2023 05:39:46 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
82
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1697693987.743504,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
59
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
111
social
trc.taboola.com/wallail-walla/log/3/ 		0
310 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/wallail-walla/log/3/social?lti=deflated&ri=2c308ad58285ee1d66f6bf8cef9b3a2c&sd=v2_a70570b2f49fab5674ce66ab2532c003_c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2_1697693986_1697693986_CIi3jgYQk-FcGNzbybO0MSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABo6M-UzoD43eJUcAA&ui=c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2&pi=/&pt=home&vi=1697693986268&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%22%2C%22sec%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F3%2F1%2F3%2F6%2F3136860-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=07%3A39%3A46.772&id=2285&llvl=2&cv=20231017-7-RELEASE&
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7290
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230080-FRA
pragma
no-cache
server
nginx
x-timer
S1697693987.775366,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
v5
metrics.getrockerbox.com/track/ 		44 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=28250545&tier_three=3831634844&tier_four=wallail-walla&tier_five=Desktop&auction_id=2023-10-19+05%3A39%3A46&referrer=walla.co.il&gdpr=1&gdpr_consent=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.205.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMHBatOLYSU684P6B%2BG4wIiDMlULUqeEEZo3IFPeAXK1OXmNDWbhDc1JXcrWtUxXX3opPZTWkcasMemQxwN8QABacm%2BdJ3gwKFLYGooHtN7oPufAqimqikvAhLvPMjOlw5XfHiqcMUZtGTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
8186aeb9baed929f-FRA
alt-svc
h3=":443"; ma=86400
walla.json
www.walla.co.il/public/player-config/ Frame 0979 		111 B
491 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-75.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 google, 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Wed, 18 Oct 2023 14:26:31 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"6f-18b432e5518"
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
111
x-cached
MISS
x-amz-cf-id
P10MXje_1BNPXcYhTgb99LJhZi-ddZitZ8gF0VH6aSNRmUQFRhErDg==
pixel
ap.lijit.com/ Frame F996 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 19 Oct 2023 05:39:46 GMT
X-Sovrn-Pod
ad_ap7ams1
1c3babbc1de34dcf1559d2015b7eb3b6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c3babbc1de34dcf1559d2015b7eb3b6.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b4057de4b7c5c92216c075662a9c785a3bfe1707ed603220cd62dd3e1b386de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c3babbc1de34dcf1559d2015b7eb3b6.jpg
age
1453501
edge-cache-tag
474381775242796111020186456057511422626,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
474381775242796111020186456057511422626,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
538
req-referer
https://www.freenet.de/
content-length
8526
x-request-id
944a95bf57ab1187c290e909eb5ea7cc
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100066-IAD, cache-iad-kiad7000073-IAD, cache-iad-kcgs7200148-IAD, cache-fra-eddf8230080-FRA
last-modified
Mon, 02 Oct 2023 08:38:18 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=13122,owidth=1000,oheight=600,obytes=74251
x-timer
S1697693987.903280,VS0,VE6
etag
"59ebb200f8ec234d21517c80e49702d3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
10673a296992aa08cd34c9537e389c6a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10673a296992aa08cd34c9537e389c6a.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7761b03c4623cd32344b4de53a1243b7fd693fe28147b2eea6e27f995a5b82bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10673a296992aa08cd34c9537e389c6a.png
age
762248
edge-cache-tag
420277336627936804159450522445309207302,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
420277336627936804159450522445309207302,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
99
req-referer
https://rp-online.de/
content-length
3618
x-request-id
743f16eb44632c663303f431417189d5
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000153-IAD, cache-iad-kjyo7100159-IAD, cache-sna10750-LGB, cache-iad-kiad7000099-IAD, cache-fra-eddf8230080-FRA
last-modified
Thu, 05 Oct 2023 15:29:30 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=8974,owidth=1200,oheight=800,obytes=482489
x-timer
S1697693987.903261,VS0,VE1
etag
"6ed9f9103fd8775dc738c9c51dede843"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0, 1
06bc0414-430d-44f5-b143-2b8ee5a89463__94RujBj6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/06bc0414-430d-44f5-b143-2b8ee5a89463__94RujBj6.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
366fc36dd0fc6970fc5e90685e15b442563b2775361b3ac91400bd68112f1d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/06bc0414-430d-44f5-b143-2b8ee5a89463__94RujBj6.jpg
age
2547283
edge-cache-tag
377005069709105534341546911510196727580,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
377005069709105534341546911510196727580,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
278
expiration
expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.klack.de/
content-length
12768
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200118-IAD, cache-iad-kjyo7100113-IAD, cache-sna10730-LGB, cache-iad-kiad7000029-IAD, cache-fra-eddf8230080-FRA
last-modified
Thu, 07 Sep 2023 04:47:25 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1536,oheight=1024,obytes=170192
x-timer
S1697693987.903595,VS0,VE1
etag
"aef8e3244eac207b28558aaf6ab0c97e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 18, 1
45da482e88916a96e1503f6677fe158b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45da482e88916a96e1503f6677fe158b.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
000ecbeecc25ac8c187f58ca0f6447ea795277498b9491c89138ce2536f52d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45da482e88916a96e1503f6677fe158b.jpeg
age
148906
edge-cache-tag
401345757396848283152878199516078818846,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
401345757396848283152878199516078818846,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
557
req-referer
https://www.saechsische.de/
content-length
5868
x-request-id
014d95c06a9351448357d1438e14747c
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200167-IAD, cache-iad-kjyo7100082-IAD, cache-sna10744-LGB, cache-iad-kiad7000134-IAD, cache-fra-eddf8230080-FRA
last-modified
Tue, 17 Oct 2023 09:33:23 GMT
server
nginx
surrogate-reporting
width=520,height=289,bytes=12151,owidth=5464,oheight=6546,obytes=1786395
x-timer
S1697693987.904786,VS0,VE1
etag
"82e473a1a4f698a55d479180b7fc44e6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
4270cfbdcc58972deeaadd313e34e149.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4270cfbdcc58972deeaadd313e34e149.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
280acbfadf0ad58f81668d680d19ca345797f98f0a36f82d4956f3caceee619c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4270cfbdcc58972deeaadd313e34e149.jpg
age
252521
edge-cache-tag
430566623968936267360032399771437235085,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
430566623968936267360032399771437235085,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
101
req-referer
https://www.calcalist.co.il/
content-length
27374
x-request-id
319f597082460ca17af4d9476b5a064e
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000068-IAD, cache-iad-kiad7000155-IAD, cache-iad-kiad7000143-IAD, cache-fra-eddf8230080-FRA
last-modified
Sun, 15 Oct 2023 11:49:24 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=95811,owidth=1000,oheight=600,obytes=521449
x-timer
S1697693987.904861,VS0,VE1
etag
"3b1a71b2a4f302ac03c8bc0948584aeb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 228F
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Thu, 19 Oct 2023 05:39:35 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:35 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
0bf2fe1e50ca23352b4225abbca3bbe4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0bf2fe1e50ca23352b4225abbca3bbe4.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
76d5f6f98ea8a392367e34d8802844da85ebc4a82df1e1b8ae5b97caa0bf401e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0bf2fe1e50ca23352b4225abbca3bbe4.jpg
age
2477686
edge-cache-tag
578688334154265888352565686747097829264,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
578688334154265888352565686747097829264,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
175
expiration
expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.livemint.com/
content-length
10124
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100127-IAD, cache-iad-kiad7000124-IAD, cache-lax10632-LGB, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230080-FRA
last-modified
Wed, 06 Sep 2023 17:38:37 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=2121,oheight=1414,obytes=990609
x-timer
S1697693987.909509,VS0,VE0
etag
"9a2e2be5c818307bcc14eca4f75defc8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 34, 2
d47753579e30d76a8887dc5726edd0cb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d47753579e30d76a8887dc5726edd0cb.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9501fa666cc30a6e0940095ae8b91524fe2fac46af2d25fe67374b6f5b3324f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d47753579e30d76a8887dc5726edd0cb.jpg
age
1269572
edge-cache-tag
397419470952447593534310000284998307269,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
397419470952447593534310000284998307269,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
483
req-referer
https://alltagtipps.de/
content-length
13456
x-request-id
ff9648fc40aa26cbe9a21fe022333b88
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100084-IAD, cache-iad-kcgs7200050-IAD, cache-lax10646-LGB, cache-iad-kcgs7200093-IAD, cache-fra-eddf8230080-FRA
last-modified
Wed, 04 Oct 2023 07:46:50 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=19851,owidth=1000,oheight=600,obytes=402362
x-timer
S1697693987.920881,VS0,VE0
etag
"2ecbd4e822f2c69b89c0e87b7e1a69d2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
52f61e1e5d33c30b4cee9a5919ff8938.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52f61e1e5d33c30b4cee9a5919ff8938.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
045788a4ccd039949f27b30df710d2aa2776b2c19fa516b76af90c142b6bdd57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52f61e1e5d33c30b4cee9a5919ff8938.jpg
age
859156
edge-cache-tag
371749787018221237318744761459713427660,351400474140383510437951399380511509083,29ecf9b93bbf306179626feeda1fab70
cache-tag
371749787018221237318744761459713427660,351400474140383510437951399380511509083,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
519
req-referer
https://ads.taboola.com/
content-length
69644
x-request-id
e716f71f8e51a8e647fdbdc742ab12d8
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000105-IAD, cache-iad-kiad7000054-IAD, cache-iad-kjyo7100080-IAD, cache-fra-eddf8230080-FRA
last-modified
Mon, 09 Oct 2023 07:00:20 GMT
server
nginx
surrogate-reporting
width=999,height=562,bytes=104178,owidth=1000,oheight=600,obytes=149174
x-timer
S1697693987.920852,VS0,VE0
etag
"175be19f3ecd50c05516fc57e7785422"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4
3614580-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614580-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f20c3b723c99eae8cb814bb05254627c34d900eb485d0363bda614ad5b42d648

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614580-46.jpg
age
252420
edge-cache-tag
356364036264290060771733714859179090360,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
356364036264290060771733714859179090360,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
398
req-referer
https://www.walla.co.il/
content-length
4342
x-request-id
e3bc39b865f71a5f02cf7f22018049e9
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200050-IAD, cache-iad-kcgs7200032-IAD, cache-lga21962-LGA, cache-iad-kcgs7200138-IAD, cache-fra-eddf8230080-FRA
last-modified
Mon, 16 Oct 2023 07:32:39 GMT
server
nginx
surrogate-reporting
width=520,height=289,bytes=10851,owidth=230,oheight=129,obytes=2290
x-timer
S1697693987.920646,VS0,VE9
etag
"02599ebfee5309152c16960ae49b7959"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
3614230-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614230-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27c15c4bdf3913ca3d6199f8dc7b07b4505f7a6426b99e17266c269e7c47e571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614230-46.jpg
age
322627
edge-cache-tag
349664909086624546016677937143723555745,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
349664909086624546016677937143723555745,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
210
req-referer
https://www.walla.co.il/
content-length
5884
x-request-id
e3bb498610fe0e597fd8e9e25de24a53
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000067-IAD, cache-iad-kiad7000176-IAD, cache-ewr18163-EWR, cache-iad-kcgs7200174-IAD, cache-fra-eddf8230080-FRA
last-modified
Sun, 15 Oct 2023 12:02:16 GMT
server
nginx
surrogate-reporting
width=287,height=159,bytes=4540,owidth=287,oheight=161,obytes=3140
x-timer
S1697693987.921148,VS0,VE1
etag
"b042c3041f68cea077a0a4f2065bb5b6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0, 1
0f5f2d46dd028e6dd70112a59172b173.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f5f2d46dd028e6dd70112a59172b173.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ff7d19e051580e27bb94b9eee707b290f9de77f14ed26984102db4806aeaae7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f5f2d46dd028e6dd70112a59172b173.png
age
843499
edge-cache-tag
553028303197916169827536183373171094756,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
553028303197916169827536183373171094756,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
526
req-referer
https://ads.taboola.com/
content-length
6700
x-request-id
262742466ea6bb288e3392056442be95
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200078-IAD, cache-iad-kjyo7100079-IAD, cache-lax10666-LGB, cache-iad-kcgs7200093-IAD, cache-fra-eddf8230080-FRA
last-modified
Mon, 09 Oct 2023 11:21:27 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=11036,owidth=1920,oheight=1080,obytes=2391297
x-timer
S1697693987.921042,VS0,VE1
etag
"9fe3caf8db8b3b408a0eea8c65206ebf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 17, 1
96859af5-1467-479c-a301-2f55f79d0c70__nEiUFEnw.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/96859af5-1467-479c-a301-2f55f79d0c70__nEiUFEnw.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6c68f02bdd94a84856cb5c8305dcdf6911bdb78e6f5706323c31c5e1f49cc885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/96859af5-1467-479c-a301-2f55f79d0c70__nEiUFEnw.jpg
age
1281683
edge-cache-tag
627226957533498078938916262238723139444,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
627226957533498078938916262238723139444,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
198
expiration
expiry-date="Sat, 14 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://actu.fr/
content-length
8454
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100025-IAD, cache-iad-kcgs7200052-IAD, cache-sna10742-LGB, cache-iad-kiad7000141-IAD, cache-fra-eddf8230080-FRA
last-modified
Wed, 13 Sep 2023 01:05:10 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=12875,owidth=2000,oheight=1330,obytes=188724
x-timer
S1697693987.921543,VS0,VE1
etag
"111f49bd314833c224a25b6a270d752d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 34, 1
523de0348551dd5345d160fd3427c974.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/523de0348551dd5345d160fd3427c974.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
75a0cfc3c7df6ee8695cb6802c2f9b349a3580af9870f6b09b8cd5de7538bc74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 19 Oct 2023 05:39:46 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/523de0348551dd5345d160fd3427c974.png
age
5953712
edge-cache-tag
377768966639996786410879643163619490306,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
377768966639996786410879643163619490306,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
616
content-length
9846
x-request-id
df548c307742546b9627c834ba476fca
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000098-IAD, cache-iad-kiad7000104-IAD, cache-sna10722-LGB, cache-iad-kcgs7200116-IAD, cache-fra-eddf8230080-FRA
last-modified
Thu, 10 Aug 2023 13:39:32 GMT
server
nginx
x-timer
S1697693987.933180,VS0,VE1
etag
"7e8947f2fae06e39368d6c3749e8c58e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 4, 1
RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 4765
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1697693986976
  • https://ad.turn.com/r/cs?pid=45&rndcb=8754517387
  • https://sync.1rx.io/usersync/turn/4605418256330473032?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-436bbb5d-f7ce-45e0-8fae-3b2...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003
0
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aebcae0f2bb6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Thu, 19 Oct 2023 05:39:47 GMT
etag
RX436bbb5df7ce45e08fae3b29e0b3abc4003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
6882523b-dd7f-5324-be12-7e61db22bf42
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D0CF
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=313987386854555902
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/6882523b-dd7f-5324-be12-7e61db22bf42
0
499 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/6882523b-dd7f-5324-be12-7e61db22bf42
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aebdbf162bb6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/6882523b-dd7f-5324-be12-7e61db22bf42
7d0e1925ff05191a31f4f0d5ec35a045.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bcc449ec0b64bbaf2c70eb66be608ea1952e10589ba732f28abf34735a388af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
age
3134361
edge-cache-tag
465001665069678899320262329545940930297,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
465001665069678899320262329545940930297,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
400
req-referer
https://newsweek.ro/
content-length
12872
x-request-id
7e5106d28f92d356360cc464be11aa27
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200071-IAD, cache-iad-kjyo7100112-IAD, cache-iad-kiad7000049-IAD, cache-fra-eddf8230080-FRA
last-modified
Thu, 24 Aug 2023 08:32:01 GMT
server
nginx
surrogate-reporting
width=360,height=212,bytes=21559,owidth=1920,oheight=1080,obytes=394037
x-timer
S1697693987.986828,VS0,VE16
etag
"031fec07fb14f95847207cb3bc9d0e45"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 33, 1
smwt256.gif
us.ck-ie.com/ Frame 2B8B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 19 Oct 2023 05:39:47 GMT
Server
nginx
sync
gum.criteo.com/ 		46 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
228749
expires
60
cookie
cm.adform.net/ Frame 95CF 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Thu, 19 Oct 2023 05:39:47 GMT
server
nginx
sync
odr.mookie1.com/t/v2/ Frame 6A59
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.co...
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=e5854141-6ab8-4a...
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=ETatI19nWndQb0JOTyUyQldVV1NRUG56RTRKWGhlMU45T3dUaEZEdW5sOExiWW15b0NOTzMlMkZuT0syTDVHdDhtMFYxS3M4eWxpZ1drNUtlR3JMVWFYTE9qaUN3NVZpalpNYmJmNVclMkJpQ...
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=ETatI19nWndQb0JOTyUyQldVV1NRUG56RTRKWGhlMU45T3dUaEZEdW5sOExiWW15b0NOTzMlMkZuT0syTDVHdDhtMFYxS3M4eWxpZ1drNUtlR3JMVWFYTE9qaUN3NVZpalpNYmJmNVc...
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=79b6a802-6256-4df8-b0fc-8508986a8d6d&ssp=criteo&gdpr=&gdpr_consent=
42 B
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=79b6a802-6256-4df8-b0fc-8508986a8d6d&ssp=criteo&gdpr=&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
content-type
image/gif
date
Thu, 19 Oct 2023 05:39:47 GMT
etag
"62bb0b72-2a"
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 19 Oct 2023 05:39:47 GMT
location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=79b6a802-6256-4df8-b0fc-8508986a8d6d&ssp=criteo&gdpr=&gdpr_consent=
1c3babbc1de34dcf1559d2015b7eb3b6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c3babbc1de34dcf1559d2015b7eb3b6.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1b4057de4b7c5c92216c075662a9c785a3bfe1707ed603220cd62dd3e1b386de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1c3babbc1de34dcf1559d2015b7eb3b6.jpg
age
1453501
edge-cache-tag
474381775242796111020186456057511422626,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
474381775242796111020186456057511422626,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
538
req-referer
https://www.freenet.de/
content-length
8526
x-request-id
944a95bf57ab1187c290e909eb5ea7cc
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100066-IAD, cache-iad-kiad7000073-IAD, cache-iad-kcgs7200148-IAD, cache-fra-eddf8230080-FRA
last-modified
Mon, 02 Oct 2023 08:38:18 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=13122,owidth=1000,oheight=600,obytes=74251
x-timer
S1697693987.024075,VS0,VE0
etag
"59ebb200f8ec234d21517c80e49702d3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
10673a296992aa08cd34c9537e389c6a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10673a296992aa08cd34c9537e389c6a.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7761b03c4623cd32344b4de53a1243b7fd693fe28147b2eea6e27f995a5b82bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/10673a296992aa08cd34c9537e389c6a.png
age
762248
edge-cache-tag
420277336627936804159450522445309207302,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
420277336627936804159450522445309207302,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
99
req-referer
https://rp-online.de/
content-length
3618
x-request-id
743f16eb44632c663303f431417189d5
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000153-IAD, cache-iad-kjyo7100159-IAD, cache-sna10750-LGB, cache-iad-kiad7000099-IAD, cache-fra-eddf8230080-FRA
last-modified
Thu, 05 Oct 2023 15:29:30 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=8974,owidth=1200,oheight=800,obytes=482489
x-timer
S1697693987.024320,VS0,VE0
etag
"6ed9f9103fd8775dc738c9c51dede843"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0, 2
06bc0414-430d-44f5-b143-2b8ee5a89463__94RujBj6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/06bc0414-430d-44f5-b143-2b8ee5a89463__94RujBj6.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
366fc36dd0fc6970fc5e90685e15b442563b2775361b3ac91400bd68112f1d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/06bc0414-430d-44f5-b143-2b8ee5a89463__94RujBj6.jpg
age
2547283
edge-cache-tag
377005069709105534341546911510196727580,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
377005069709105534341546911510196727580,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
278
expiration
expiry-date="Sun, 08 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.klack.de/
content-length
12768
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200118-IAD, cache-iad-kjyo7100113-IAD, cache-sna10730-LGB, cache-iad-kiad7000029-IAD, cache-fra-eddf8230080-FRA
last-modified
Thu, 07 Sep 2023 04:47:25 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1536,oheight=1024,obytes=170192
x-timer
S1697693987.024313,VS0,VE0
etag
"aef8e3244eac207b28558aaf6ab0c97e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 18, 2
45da482e88916a96e1503f6677fe158b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45da482e88916a96e1503f6677fe158b.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
000ecbeecc25ac8c187f58ca0f6447ea795277498b9491c89138ce2536f52d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45da482e88916a96e1503f6677fe158b.jpeg
age
148906
edge-cache-tag
401345757396848283152878199516078818846,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
401345757396848283152878199516078818846,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
557
req-referer
https://www.saechsische.de/
content-length
5868
x-request-id
014d95c06a9351448357d1438e14747c
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200167-IAD, cache-iad-kjyo7100082-IAD, cache-sna10744-LGB, cache-iad-kiad7000134-IAD, cache-fra-eddf8230080-FRA
last-modified
Tue, 17 Oct 2023 09:33:23 GMT
server
nginx
surrogate-reporting
width=520,height=289,bytes=12151,owidth=5464,oheight=6546,obytes=1786395
x-timer
S1697693987.024786,VS0,VE0
etag
"82e473a1a4f698a55d479180b7fc44e6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 2
4270cfbdcc58972deeaadd313e34e149.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4270cfbdcc58972deeaadd313e34e149.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
280acbfadf0ad58f81668d680d19ca345797f98f0a36f82d4956f3caceee619c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4270cfbdcc58972deeaadd313e34e149.jpg
age
252521
edge-cache-tag
430566623968936267360032399771437235085,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
430566623968936267360032399771437235085,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
101
req-referer
https://www.calcalist.co.il/
content-length
27374
x-request-id
319f597082460ca17af4d9476b5a064e
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000068-IAD, cache-iad-kiad7000155-IAD, cache-iad-kiad7000143-IAD, cache-fra-eddf8230080-FRA
last-modified
Sun, 15 Oct 2023 11:49:24 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=95811,owidth=1000,oheight=600,obytes=521449
x-timer
S1697693987.024782,VS0,VE0
etag
"3b1a71b2a4f302ac03c8bc0948584aeb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2
0bf2fe1e50ca23352b4225abbca3bbe4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0bf2fe1e50ca23352b4225abbca3bbe4.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
76d5f6f98ea8a392367e34d8802844da85ebc4a82df1e1b8ae5b97caa0bf401e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0bf2fe1e50ca23352b4225abbca3bbe4.jpg
age
2477686
edge-cache-tag
578688334154265888352565686747097829264,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
578688334154265888352565686747097829264,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
175
expiration
expiry-date="Sat, 07 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.livemint.com/
content-length
10124
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100127-IAD, cache-iad-kiad7000124-IAD, cache-lax10632-LGB, cache-iad-kjyo7100086-IAD, cache-fra-eddf8230080-FRA
last-modified
Wed, 06 Sep 2023 17:38:37 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=2121,oheight=1414,obytes=990609
x-timer
S1697693987.024774,VS0,VE0
etag
"9a2e2be5c818307bcc14eca4f75defc8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 34, 3
a932122a9745f9661f8467a6fc26d37
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame FAE8
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a932122a9745f9661f8467a6fc26d37?gdpr_consent=&gdpr=0
0
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a932122a9745f9661f8467a6fc26d37?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aebbcd4d2bb6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 19 Oct 2023 05:39:47 GMT
Expires
Thu, 19 Oct 2023 05:39:47 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a932122a9745f9661f8467a6fc26d37?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1697693987052066-524
d47753579e30d76a8887dc5726edd0cb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d47753579e30d76a8887dc5726edd0cb.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9501fa666cc30a6e0940095ae8b91524fe2fac46af2d25fe67374b6f5b3324f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d47753579e30d76a8887dc5726edd0cb.jpg
age
1269572
edge-cache-tag
397419470952447593534310000284998307269,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
397419470952447593534310000284998307269,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
483
req-referer
https://alltagtipps.de/
content-length
13456
x-request-id
ff9648fc40aa26cbe9a21fe022333b88
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100084-IAD, cache-iad-kcgs7200050-IAD, cache-lax10646-LGB, cache-iad-kcgs7200093-IAD, cache-fra-eddf8230080-FRA
last-modified
Wed, 04 Oct 2023 07:46:50 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=19851,owidth=1000,oheight=600,obytes=402362
x-timer
S1697693987.044643,VS0,VE0
etag
"2ecbd4e822f2c69b89c0e87b7e1a69d2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 3
52f61e1e5d33c30b4cee9a5919ff8938.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52f61e1e5d33c30b4cee9a5919ff8938.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
045788a4ccd039949f27b30df710d2aa2776b2c19fa516b76af90c142b6bdd57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_999%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52f61e1e5d33c30b4cee9a5919ff8938.jpg
age
859156
edge-cache-tag
371749787018221237318744761459713427660,351400474140383510437951399380511509083,29ecf9b93bbf306179626feeda1fab70
cache-tag
371749787018221237318744761459713427660,351400474140383510437951399380511509083,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
519
req-referer
https://ads.taboola.com/
content-length
69644
x-request-id
e716f71f8e51a8e647fdbdc742ab12d8
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000105-IAD, cache-iad-kiad7000054-IAD, cache-iad-kjyo7100080-IAD, cache-fra-eddf8230080-FRA
last-modified
Mon, 09 Oct 2023 07:00:20 GMT
server
nginx
surrogate-reporting
width=999,height=562,bytes=104178,owidth=1000,oheight=600,obytes=149174
x-timer
S1697693987.044875,VS0,VE0
etag
"175be19f3ecd50c05516fc57e7785422"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5
3614580-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614580-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f20c3b723c99eae8cb814bb05254627c34d900eb485d0363bda614ad5b42d648

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614580-46.jpg
age
252420
edge-cache-tag
356364036264290060771733714859179090360,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
356364036264290060771733714859179090360,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
398
req-referer
https://www.walla.co.il/
content-length
4342
x-request-id
e3bc39b865f71a5f02cf7f22018049e9
x-backend-name
CH_nlb801
x-served-by
cache-iad-kcgs7200050-IAD, cache-iad-kcgs7200032-IAD, cache-lga21962-LGA, cache-iad-kcgs7200138-IAD, cache-fra-eddf8230080-FRA
last-modified
Mon, 16 Oct 2023 07:32:39 GMT
server
nginx
surrogate-reporting
width=520,height=289,bytes=10851,owidth=230,oheight=129,obytes=2290
x-timer
S1697693987.044894,VS0,VE0
etag
"02599ebfee5309152c16960ae49b7959"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 2
3614230-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614230-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27c15c4bdf3913ca3d6199f8dc7b07b4505f7a6426b99e17266c269e7c47e571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/4/3614230-46.jpg
age
322627
edge-cache-tag
349664909086624546016677937143723555745,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
349664909086624546016677937143723555745,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
210
req-referer
https://www.walla.co.il/
content-length
5884
x-request-id
e3bb498610fe0e597fd8e9e25de24a53
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000067-IAD, cache-iad-kiad7000176-IAD, cache-ewr18163-EWR, cache-iad-kcgs7200174-IAD, cache-fra-eddf8230080-FRA
last-modified
Sun, 15 Oct 2023 12:02:16 GMT
server
nginx
surrogate-reporting
width=287,height=159,bytes=4540,owidth=287,oheight=161,obytes=3140
x-timer
S1697693987.045211,VS0,VE0
etag
"b042c3041f68cea077a0a4f2065bb5b6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 0, 2
0f5f2d46dd028e6dd70112a59172b173.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f5f2d46dd028e6dd70112a59172b173.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5ff7d19e051580e27bb94b9eee707b290f9de77f14ed26984102db4806aeaae7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0f5f2d46dd028e6dd70112a59172b173.png
age
843499
edge-cache-tag
553028303197916169827536183373171094756,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
553028303197916169827536183373171094756,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
526
req-referer
https://ads.taboola.com/
content-length
6700
x-request-id
262742466ea6bb288e3392056442be95
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200078-IAD, cache-iad-kjyo7100079-IAD, cache-lax10666-LGB, cache-iad-kcgs7200093-IAD, cache-fra-eddf8230080-FRA
last-modified
Mon, 09 Oct 2023 11:21:27 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=11036,owidth=1920,oheight=1080,obytes=2391297
x-timer
S1697693987.047322,VS0,VE0
etag
"9fe3caf8db8b3b408a0eea8c65206ebf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 17, 2
96859af5-1467-479c-a301-2f55f79d0c70__nEiUFEnw.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/96859af5-1467-479c-a301-2f55f79d0c70__nEiUFEnw.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6c68f02bdd94a84856cb5c8305dcdf6911bdb78e6f5706323c31c5e1f49cc885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/96859af5-1467-479c-a301-2f55f79d0c70__nEiUFEnw.jpg
age
1281683
edge-cache-tag
627226957533498078938916262238723139444,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
627226957533498078938916262238723139444,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
198
expiration
expiry-date="Sat, 14 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://actu.fr/
content-length
8454
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100025-IAD, cache-iad-kcgs7200052-IAD, cache-sna10742-LGB, cache-iad-kiad7000141-IAD, cache-fra-eddf8230080-FRA
last-modified
Wed, 13 Sep 2023 01:05:10 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=12875,owidth=2000,oheight=1330,obytes=188724
x-timer
S1697693987.047407,VS0,VE0
etag
"111f49bd314833c224a25b6a270d752d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 34, 2
523de0348551dd5345d160fd3427c974.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/523de0348551dd5345d160fd3427c974.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
75a0cfc3c7df6ee8695cb6802c2f9b349a3580af9870f6b09b8cd5de7538bc74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/523de0348551dd5345d160fd3427c974.png
age
5953712
edge-cache-tag
377768966639996786410879643163619490306,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
377768966639996786410879643163619490306,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
616
content-length
9846
x-request-id
df548c307742546b9627c834ba476fca
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000098-IAD, cache-iad-kiad7000104-IAD, cache-sna10722-LGB, cache-iad-kcgs7200116-IAD, cache-fra-eddf8230080-FRA
last-modified
Thu, 10 Aug 2023 13:39:32 GMT
server
nginx
x-timer
S1697693987.064621,VS0,VE0
etag
"7e8947f2fae06e39368d6c3749e8c58e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 4, 2
v1
match.sharethrough.com/universal/ Frame 5AEF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.6.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-6-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
7d0e1925ff05191a31f4f0d5ec35a045.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3bcc449ec0b64bbaf2c70eb66be608ea1952e10589ba732f28abf34735a388af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d0e1925ff05191a31f4f0d5ec35a045.jpg
age
3134361
edge-cache-tag
465001665069678899320262329545940930297,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
465001665069678899320262329545940930297,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
400
req-referer
https://newsweek.ro/
content-length
12872
x-request-id
7e5106d28f92d356360cc464be11aa27
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200071-IAD, cache-iad-kjyo7100112-IAD, cache-iad-kiad7000049-IAD, cache-fra-eddf8230080-FRA
last-modified
Thu, 24 Aug 2023 08:32:01 GMT
server
nginx
surrogate-reporting
width=360,height=212,bytes=21559,owidth=1920,oheight=1080,obytes=394037
x-timer
S1697693987.095462,VS0,VE0
etag
"031fec07fb14f95847207cb3bc9d0e45"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 33, 2
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231019
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edeb4a5305dd8d5900fbd71a5bc5015071bdaf62b884b4ff5228bd6d8f39fe69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5934
x-jsd-version
1.0.1847
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4553-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"634-m5bac47UysLU8qdvZtb/e48LOmw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzZm64Uk8SX5O3eCwblTgUX7Gv%2BnHtj7MbPzaAidjvN1CeTGn4%2FUBNDsC3amgkbzs03tXtlYpwkOVedFxQBqzONnmmpqGtCKNiYvFCGybMQl%2BliqLPx%2FwFXj1dBXOfdfg%2F2wusWfXvPc2dfxMH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8186aebc2c0b9bf8-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1433823
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDIlvH0A%2FtKoZ3uyBvya9RTZRDOo9KGMhohhXfPMZqTlyqnTv20kH8rt5rHnQ0KWaoEurExPsMGNRJeVBsrfgldctp5IaSWPRA2nDBPRKtHeTRGdifBGoetVGgDS8ErqAqIIWo5rHFW%2Ft3y2"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8186aebc5f4a65b7-FRA
auction
tlx.3lift.com/header/ 		19 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.59.25.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-25-76.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
169858fc9a82cce2813d9646e062343c44c9164e73a365645f5e2c6639c0ebce

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
34cd8495dbb387032d2f5a3ee69ff9e12f08bfcd40ab508d8d34ca028848fcf5

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
dce1ad02d28955863fd3e100c4e00f3f2c2d7557ffc125e376133061a06d1b53

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 19 Oct 2023 05:39:47 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: adSlot-2
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8186aebcddf691db-FRA
expires
0
bid-request
a.teads.tv/hb/ 		16 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 19 Oct 2023 05:39:47 GMT
prebid
ib.adnxs.com/ut/v3/ 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
058d19e1adfa67a7f51222010ef1367b48e303e1491fec011ac70fac8028569d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
an-x-request-uuid
4bc45882-ff36-42ca-960e-1d6320241910
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
43db16924f49e69bb2fe8cb0ec449a93fc19551727ac7d19cd95c88b8c9051d6

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 19 Oct 2023 05:39:47 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
expires
0
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2a7cf5d2b06a94a7a710a1292f81c92f653e2787562c7f5cf4d3ec83ee8ec198

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2a7cf5d2b06a94a7a710a1292f81c92f653e2787562c7f5cf4d3ec83ee8ec198

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2a7cf5d2b06a94a7a710a1292f81c92f653e2787562c7f5cf4d3ec83ee8ec198

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2a7cf5d2b06a94a7a710a1292f81c92f653e2787562c7f5cf4d3ec83ee8ec198

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2a7cf5d2b06a94a7a710a1292f81c92f653e2787562c7f5cf4d3ec83ee8ec198

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=27183062-bbd0-4c0d-ad1a-580c47bf007a&l_pb_bid_id=60231fc8f5fa43b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=30cad95a-20e4-4231-a400-aee8d7ad984d&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.5484455520265135
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
043979c5580f9b411479ce74f44630b4b3f0d5e7bfedf2d4e08b43f7ae0ec403

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
380
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=27183062-bbd0-4c0d-ad1a-580c47bf007a&l_pb_bid_id=6137043e7a8a673&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e338e1af-f720-4532-b8ab-08ef46bb4b2e&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Ftop_desktop&slots=1&rand=0.3854521838193534
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e80d56f276414fd28ba61bcbd08cb5f16dd75fb62c100e07ab35cb01836baaf3

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		365 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=27183062-bbd0-4c0d-ad1a-580c47bf007a&l_pb_bid_id=627e88cad5266cb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b0122a36-3923-4250-acd5-58a96229ee21&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&slots=1&rand=0.27476568921235756
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0aec8afaa57a000c04b3af9ffec9da575f0dd68ddc9bf0e108d6e35ce3b0767d

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=27183062-bbd0-4c0d-ad1a-580c47bf007a&l_pb_bid_id=63f246d1779402&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=764e7678-57fa-414c-9cad-a5cf33f75789&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&slots=1&rand=0.4752960639723869
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e0d6d8940e00d99ac6c56c82173f764d9d317e5fa7f1f28394d017940fd925a0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		366 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=27183062-bbd0-4c0d-ad1a-580c47bf007a&l_pb_bid_id=64eb58cecf2d266&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1af5fb88-4896-464c-bbf5-3fbc8f1eec8c&rp_hard_floor=0.025&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.2715415332816844
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f1a26c725ae51e83c7c2211cdd75d0ea7b7b4d95cd57b3628e93fd5ee2267518

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
366
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.32.210.226 , France, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-178-32-210.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:46 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Thu, 19 Oct 2023 05:39:47 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
2214040
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
last-modified
Thu, 19 Oct 2023 05:39:47 GMT
x-yandex-req-id
1697693987580592-371043797164785861400197-production-app-host-sas-pcode-81
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Thu, 19 Oct 2023 05:39:47 GMT
2214040
bs.yandex.ru/prebid/ 		0
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
last-modified
Thu, 19 Oct 2023 05:39:47 GMT
x-yandex-req-id
1697693987535419-552101434252632101300327-production-app-host-vla-pcode-50
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Thu, 19 Oct 2023 05:39:47 GMT
2214040
bs.yandex.ru/prebid/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
last-modified
Thu, 19 Oct 2023 05:39:47 GMT
x-yandex-req-id
1697693987536025-1099264596145170597100261-production-app-host-vla-pcode-273
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Thu, 19 Oct 2023 05:39:47 GMT
2214040
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
last-modified
Thu, 19 Oct 2023 05:39:47 GMT
x-yandex-req-id
1697693987531311-552785609371812852800450-production-app-host-vla-pcode-109
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Thu, 19 Oct 2023 05:39:47 GMT
2214040
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
last-modified
Thu, 19 Oct 2023 05:39:47 GMT
x-yandex-req-id
1697693987586630-36294048716390747200243-production-app-host-sas-pcode-140
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Thu, 19 Oct 2023 05:39:47 GMT
cdb
bidder.criteo.com/ 		10 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=1049855287&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
465446bded3b57e00e76070634ac2059153700320f2dd3e19a9efc4535d12f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Thu, 19 Oct 2023 05:39:47 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6af15bb861e35fdcaf08f2d55c3a16222114d36839b21384583ab435f863d1

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkLX1QhXVrlZu7WzNBMhFKRCeg%2BxC8XNSLkBUqGqgrmkr0Wz1%2BYybkWzVxY4qF3sG1dGPhiKhmnm3EDFH%2F8U0SqGzV11M%2BvEhNqTFiXPY3KJEQz%2Btjgx1T%2FtgfXe07Cah9SjYmaI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8186aebdafe29232-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebidjs
rtb.openx.net/openrtbb/ 		53 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
6ef782f41b44533266a3b8f7b34e3f169e0ebc03820a693c6b75920cdf3f3597

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
/
prebid.smilewanted.com/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8186aebd5ec72bb6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8186aebd5ebe2bb6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8186aebd5ec12bb6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8186aebd5ec52bb6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8186aebd5ec32bb6-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageReferrer=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.78.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-78-166.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e9f9e2f8c42fe9cc2ce1871b27d7cf8a0a407048ac80a32f7051ae2dc56fc8ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
kong/2.8.4
x-kong-proxy-latency
2
x-kong-upstream-latency
275
content-length
431
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		721 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2948625437707032&correlator=1003773313394941&eid=31078751%2C31078933&output=ldjh&gdfp_req=1&vrg=202310090203&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Cdontmiss_strip_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4&prev_iu_szs=1200x40%2C320x50%7C865x190&fluid=0%2Cheight&ifi=16&didk=1193244743~1193245117&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De1fcb63712108fcb%3AT%3D1697693985%3ART%3D1697693985%3AS%3DALNI_MZdASWBO4ILBABsD27NJ8267GYc6Q&gpic=UID%3D00000c9c6bddb841%3AT%3D1697693985%3ART%3D1697693985%3AS%3DALNI_MZeGc9vLHPQSDSptz-aGVnpgIaWGA&abxe=1&dt=1697693987456&lmt=1697686787&adxs=200%2C535&adys=1200%2C2723&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=16%7C17&ucis=g%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=0x-1%7C864x0&msz=1200x-1%7C865x0&fws=644%2C132&ohw=0%2C864&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1335889755.1697693985&ga_sid=1697693985&ga_hid=108702921&ga_fc=true&ga_cid=760173411.1697693985&dlt=1697693983693&idt=1160&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=dxseg%3D&adks=1750305995%2C3185403617&frm=20&is_cau=%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5a37b92573c2c258573cc13cb1b96b59ba0f7d90ffb99bf75c21c5f862c7929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0979 		361 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126235
x-xss-protection
0
expires
Thu, 19 Oct 2023 05:39:47 GMT
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=07%3A39%3A47.546&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6360&cv=20231017-7-RELEASE&lt=deflated&pct=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13629
supply-feature
trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/supply-feature?lti=deflated&ri=2c308ad58285ee1d66f6bf8cef9b3a2c&sd=v2_a70570b2f49fab5674ce66ab2532c003_c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2_1697693986_1697693986_CIi3jgYQk-FcGNzbybO0MSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABo6M-UzoD43eJUcAA&ui=c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2&pi=/&pt=home&vi=1697693986268&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22114.28125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=07%3A39%3A47.591&id=7217&llvl=2&cv=20231017-7-RELEASE&
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
truncated
/ Frame 0979 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
st
imprammp.taboola.com/ Frame 67FA 		422 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&cmcv=&pix=undefined&cb=1697693987668&uv=3348&tms=1697693987668&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2b10cec4-8c82-4980-a24d-8743557c9f7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
465e561fd024b563f4e09afc28040a6b90b9048624f9f9189a45948724632179

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 19 Oct 2023 05:39:47 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230080-FRA
x-timer
S1697693988.944115,VS0,VE9
sync
am-match.taboola.com/ Frame 8780 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d5a36a46f47f4f4a4b3a437e9cdbeeee8524afcdf3c10e1be0db88085443c56a

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 19 Oct 2023 05:39:47 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&cmcv=&pix=31589837&cb=1697693987668&uv=3348&tms=1697693987668&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1697693983560.5!ts:1697693987668&mntl=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-length
0
server
nginx
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
955010c817411105778a738f61a625182690fd098b1d2fa1d48bb766e35c4a41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:47 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 20:00:53 GMT
server
cloudflare
age
0
etag
W/"d1e8b0c1836dd18f38c331647b7deb61dd68365d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8186aec0e95765c2-FRA
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:47 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1433822
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PABdAGUtqM6a0PTFYbhHs15B6nL2mzKgZo2idzvLJIuOqPKiU4s2V934sSQ%2FqUh7YiHOl%2FMUzh3pxzL9AJxYaWeEeU6BWNQSwnBzQPuAzfUXjXbpNWTk9boWXdHPfuNi%2BD5LHhLKGhMCw34M"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8186aebfda50383e-FRA
bulk
trc.taboola.com/wallail-walla/log/3/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/log/3/bulk?tvi48=10638&tvi50=11104&route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231017-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Thu, 19 Oct 2023 05:39:47 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7418
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230080-FRA
pragma
no-cache
server
nginx
x-timer
S1697693988.801771,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame 67FA 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&cmcv=&pix=undefined&cb=1697693987668&uv=3348&tms=1697693987668&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2b10cec4-8c82-4980-a24d-8743557c9f7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
server
Kestrel
content-length
70
content-type
image/gif
c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 67FA 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&cmcv=&pix=undefined&cb=1697693987668&uv=3348&tms=1697693987668&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2b10cec4-8c82-4980-a24d-8743557c9f7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c184:4582:9358:8e30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 67FA 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&cmcv=&pix=undefined&cb=1697693987668&uv=3348&tms=1697693987668&abt=adxsub-out_vA!adxsub-out_vB!lvlstst-in2_vB!lvlstst1_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2b10cec4-8c82-4980-a24d-8743557c9f7e&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.157.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-157-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 8780 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
server
Kestrel
content-length
70
content-type
image/gif
c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8780 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/c0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c184:4582:9358:8e30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 8780 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8DWsCLAa0W_a5n_v2bhBot-xzP_ft3SgAAABgYID-AIlMHIONy2NaCzfGyVq0HA7WCsto5BbuRpvVardxznwrIyCRiWOwcXlMa-HGOFmLlsPBWmEZjdzC3WizWu02zplvZQUXxnKZDGqBkO92GR4-l0FFN5ldns8bYKDpdPhc93rd73fXPcxmh13jtyvNfjkAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAIoDhvxNR5fd4rr8DHqLQeSyHEQP18Vl-QcAAAAAEAAAAAAkABDEf0sAxOBOnvj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hvC-vDIrSAUQEikILMIIAAAAgKRRndORSTpBxaLK__9_vxWAKwAAAYtGcm4UWXQHJd7CAAAAAIxZoIfF7zc77Bq_22X-_________838n_lHI1TElZImSIRiT80vIADAml9AAAA24wYA4I0AnKCTEKvFZDKYTBaroxC74Wyxmy0Wk9kBAAAAuPP___-vByR8g9VuMLHMTMuZw-Ka7UYbl222sFhWm8nGMNhsTxtWYrA7ntVSnwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGMYWXyj0WAtGm08btFm41grjBuLWzWxWWwTl2PkWrncotfH9LEsTLOFZYsEA0L2InlapBPJxjMYLkyu4WS4WrkcI9tsZpvYjBuXzTnxLCwbi1iiOVmkE9ll3_ANVrvBxDIzLWcOi2u2G21cttnCYlltJhvDYLPvGEYW32g0WItGG49btNk41grjxuJWTWwW28TlGLlWLrfo9TF9LAvTbGHZN2bL3Wy5WQ5n-8ZsuZstN8vhbN9hMj1Tn7PRdcs4Pjr14rz4CWtOg8JlsHh_EtNi2p0dPL_f0alTv5RFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l26x5ms8MilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpiNJvrBnPFYjfXDVcJAAAAAAAAAMASTDPdBAAAAMDJoIaTzWa1TgczWQ1Xi9VyAVzATOr6gd1bw2roc9yVEqjEt12HLVGsscca7mE2O5xmt-5hNjusDODC5ZvZZp8RxFqtljUAAAABbAAAAAHcdONNQJgV9____z8OAACAjBx6AAAA9PuApCj1wo9cKfgVxGIxGO0fgAqxVqvV7cZarVbAglktdqsJ_P___wc!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 19 Oct 2023 05:39:48 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310090203&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
471a4b3379ecba7450a1c1e57e2871948ff34b063ce00bdd841417223fb6cd1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12231
x-xss-protection
0
playlist.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/ Frame 0979
Redirect Chain
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Protocol
H2
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
5e9ffb2321245d977f958671d970ef352f5aeacbe7836d30650ce9b07940f6c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
via
1.1 google, 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
null
x-cache
Miss from cloudfront
cache-control
max-age=0
access-control-allow-credentials
true
x-amz-cf-id
hlMpyYHcXR2No-Dx1PN2evZbIlptnfphEviGXWd8xEqsDCQJuDbVww==

Redirect headers

date
Thu, 19 Oct 2023 05:39:48 GMT
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
origin
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
GlP5zKp-3ZqmoD3AcaDcTnIGTWoAiah317Ezze1td2TvGXDuGzETQw==
88bb20b9-9864-4c33-ba56-b044e1d2ef19
https://www.walla.co.il/ Frame 0979 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/88bb20b9-9864-4c33-ba56-b044e1d2ef19
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b94a77fa0aa100733aaea38ce611cc70fd81ebf17c1727a8511cb2bde47e2106

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length
5872
Content-Type
application/javascript
12e05f15-27fb-4160-bd04-559ca1b8e158
https://www.walla.co.il/ Frame 0979 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/12e05f15-27fb-4160-bd04-559ca1b8e158
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
2c0bf4ad-1eb7-4483-a1ae-d698bbc5fd3c
https://www.walla.co.il/ Frame 0979 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/2c0bf4ad-1eb7-4483-a1ae-d698bbc5fd3c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
bridge3.595.0_en.html
imasdk.googleapis.com/js/core/ Frame 224D 		726 KB
233 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
168083
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
238136
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 06:58:25 GMT
expires
Wed, 16 Oct 2024 06:58:25 GMT
last-modified
Tue, 10 Oct 2023 20:31:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 0979 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 05:39:48 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1AC0 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2269
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 19 Oct 2023 06:01:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0979 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26sz%3D635x360%257C640x480%257C640x480%257C640x360%257C635x360%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26description_url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26cust_params%3Dapp_name%253Dfalse%2526providerId%253D0%2526item_id%253D0%2526vertical_id%253D173%2526vertical_name%253D%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2526category_id%253D0%2526item_type%253D%2526exclusive%253Dnot%2526login%253Dno%2526isMobileApp%253Dfalse%26output%3Dxml_vmap1_vast4%26vpi%3D1%26impl%3Ds%26gdfp_req%3D1%26env%3Dvp%26unviewed_position_start%3D1&customPlayback=f&customClick=f&lid=8&sdkv=h.3.595.0&e=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797156%2C44797965%2C44801604&id=ima_html5&c=2808957072533813&domain=www.walla.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 05:39:48 GMT
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 19 Oct 2023 05:39:48 GMT
server
Google Frontend
x-cloud-trace-context
af194bb34b7746eb14ca343ceee5be7b
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
x-request-id
5fbe6def-b7c3-469d-a38e-3bda97d8081d
x-vad-version
0.14.20

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
25b249d688cb8203ace2435804e28a03
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		308 KB
85 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2948625437707032&correlator=2923472505724236&eid=31078751%2C31078933&output=ldjh&gdfp_req=1&vrg=202310090203&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Ctop_desktop%2Crectangle_hp3_desktop%2Cpremium_rectangle1_desktop%2Cyad2_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7&prev_iu_szs=120x600%7C160x600%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x250%2C300x250%2C300x250&ifi=18&didk=1193244742~1193245113~1193245112~1193245115~1193245114&sfv=1-0-40&eri=1&sc=1&cookie=ID%3De1fcb63712108fcb%3AT%3D1697693985%3ART%3D1697693985%3AS%3DALNI_MZdASWBO4ILBABsD27NJ8267GYc6Q&gpic=UID%3D00000c9c6bddb841%3AT%3D1697693985%3ART%3D1697693985%3AS%3DALNI_MZeGc9vLHPQSDSptz-aGVnpgIaWGA&abxe=1&dt=1697693988347&lmt=1697686788&adxs=1480%2C920%2C516%2C200%2C516&adys=160%2C173%2C839%2C839%2C1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=i%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4&ohw=120%2C1200%2C300%2C300%2C300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1335889755.1697693985&ga_sid=1697693985&ga_hid=108702921&ga_fc=true&ga_cid=760173411.1697693985&dlt=1697693983693&idt=1160&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.12%26vad_adid%3D136d07cc535c841d%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.16%26vad_adid%3D137c5c9bde6c2c3%7Cslot_name%3Drectangle_hp3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.20%26vad_adid%3D1335396bf4893955%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.20%26vad_adid%3D134ac4cc29a13aff%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.20%26vad_adid%3D135e6d402321c004&cust_params=dxseg%3D&adks=2273020715%2C885339186%2C1717219177%2C1472875564%2C2299111211&frm=20&is_cau=%2C%2C%2C%2C
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c64b6fb71f957144407fe71635136887344cb90617028f0ebe8ccd33e80ace04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87212
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08EC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47856
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:22:12 GMT
expires
Thu, 17 Oct 2024 16:22:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 52C9 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
524e0c22d20f64b524a21605a8d77ef864c837a2c00ba0d0719359d3923e97a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Xb9Y9vaSTQ1YpXndhV9SOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Xb9Y9vaSTQ1YpXndhV9SOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:48 GMT
expires
Thu, 19 Oct 2023 05:39:48 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 19 Oct 2023 05:39:48 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
25920
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230080-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1697693989.551664,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
94
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5213
ads
pubads.g.doubleclick.net/gampad/ Frame 224D 		475 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.595.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2591723296&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.595.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F925d31d5-e1db-4efc-ae55-065f16d093c3&sid=CC164C1B-20BF-4254-9137-53B86647EB15&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797156%2C44797965%2C44801604&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3FimaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Fcdn-uw2-prod.tsv2.amagi.tv%252Flinear%252Famg01742-walla-wallanews-ono%252Fplaylist.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26ver%3D2023&dt=1697693988554&cookie=ID%3De1fcb63712108fcb%3AT%3D1697693985%3ART%3D1697693985%3AS%3DALNI_MZdASWBO4ILBABsD27NJ8267GYc6Q&gpic=UID%3D00000c9c6bddb841%3AT%3D1697693985%3ART%3D1697693985%3AS%3DALNI_MZeGc9vLHPQSDSptz-aGVnpgIaWGA&correlator=2522753518341001&scor=2176783951210185&ged=ve4_td3_tt0_pd3_la3000_er1700.200.1700.200_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.595.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c304344eff955b3da1e3ab3ffc88dea0fe128903e53895978136eb4f431abfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb573d1a7d6c628e84cb3e61cef64882987b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da6... Frame 0979 		12 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb573d1a7d6c628e84cb3e61cef64882987b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac7e4cc59e0f82762a95a5d5715a2c0c0edd0442e0a359bdfce74f518d3df2e51d499d2d58e1d746c8c91dbad5814697158120ec16c8c3a4d8d618848e9737a035d75e7a3097c3c9f018e9ab6f9998fd5b369170264f1f2797c9f1db7b4c4ac3de3e8299eeaa77f003cbf345cb0065fc68302ef5dfb97feefe38c76ed961c7e5461aa6fce4111102b5f7af9afe7a11a865f3a3fbd86068a327751254e462c22b273491b29e5ad4835da1bf2d81bb7e0e78eea505cacdfcd3b4f0ba4392739e9cb4806b16072325129651a7ad68d902d46ce79b4076121e12edd27eecb2f4727c22438f8b5b94341ebad084ca9f2d33d86f165fa73188034b3c82613525b663a1c27c5f88200b973c72ae0b62ce11aaca599fcdecec083fbac9d402ae3f9dd224e6b653f9236c2341d9940b504a4b71d594162e386bcc48e19387a140000ee8f8daed82341c022a1c46039be88528c396a1b41ff4ec0f33b366c40567a1a8eec1ae/88/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3589_551e330fe89884ee4a2d_551e330fe89884ee4a2d_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
b2a26b8e354a31328f64279f6a5f4383730f0d26b8ebac44679e26c6f61ea0f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:48 GMT
via
1.1 google, 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Thu, 19 Oct 2023 05:39:44 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-1209ea83, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
z0XfN5V2vmvIk_kQPQ3yYl3waU6QBp3fzUWIHqabMa_37nl3HN38fw==
sodar
pagead2.googlesyndication.com/pagead/ Frame 52C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310090203&jk=2948625437707032&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 08EC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
41790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 18:03:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0979 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?valid=t&lid=174&sdkv=h.3.595.0&e=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44797156%2C44797965%2C44801604&id=ima_html5&c=2808957072533813&domain=www.walla.co.il
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C82D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:45 GMT
expires
Fri, 18 Oct 2024 05:39:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3085 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:45 GMT
expires
Fri, 18 Oct 2024 05:39:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 42AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:45 GMT
expires
Fri, 18 Oct 2024 05:39:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 22D7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:45 GMT
expires
Fri, 18 Oct 2024 05:39:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D26 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310090203/pubads_impl.js?cb=31078751
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:45 GMT
expires
Fri, 18 Oct 2024 05:39:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=108702921&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=1335889755.1697693985&tid=UA-4780630-1&_gid=760173411.1697693985&gtm=45He3ai0n71T728TH&cd1=1335889755.1697693985&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=false&cd47=Live&cd49=&cd50=Live&cd72=false&z=1643975196
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Oct 2023 18:38:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39673
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 42C8 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYjLCD-gEwAQ&v=APEucNVzBLHVmaJ0OegILze0kwBcvP-S2t7MCdFsoicGBSsR8Qp8Z5Dz-bm1ApvQaT6MS_GKIj8k1te7pFE_y9JK0cL5wzw0zvzPZpba_8nhaOeFBzHFsUpvN3Iz7jFx_AJ8kW1iwprCMeIt_nonShljf1qc4gmrXp1nRtZJIBTq63bYDp3AVUg
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C82D 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C82D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bz1ZxQu6xqqx9QQiy3gg-6bpH6SrDDFMK5W2H46KWyIQRTDRWdrm-JJ4s3SptE18Gvod_1tbTL9Hz1GpvDT7n_bBEH4ijKA06_t-iln3AoldBdutI
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C82D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9802728053773183573&x=1&ct=77
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame C82D 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=68648309;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524343308&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CmnehJMEwZdPEGc6_9u8PlpGj-AqegLTUc_PanpacEpizlZhDEAEg0ZPDKmCV4pCCoAegAYbHmLcpyAEJqQIepVwe1KyxPqgDAcgDmwSqBKQCT9BPyiTdIzbjmhdAs1lgKnjZvHjbQgLgaTkvi6-L-Trm4Yjg_iRTNSgtjnJePEoem1LO4neCd_s3L8r0sIKnd-QeqZcUdeKwkLnQeW-Os2rlG1Nxiu6LfIKPBk9IcKluNxdpTwxXu0JhP2tIhxTKLJB11_b0xDJwauE6ADgHl4UiSk3bPthwt3jNRzwv3lW3IQIner-iRnKsKBExbonpOeQffGASp7LGZSy_-kQ5Lucw_XE9smy9A5BzMmMsTi4OCAHR7cWlUtySRJ-aunbiB0OxFzCmi740DtRKYYCdtLc0TNqtHaELR0YMjzEHyT3zMZZQCyPxTB9PoeynpYUJaL5sw4T-afX3k-rExgbK6pjSe6YMiO2bJTu2PhK627zv6mL_BsAE2czu7sYE4AQDiAX_7I_PTJAGAaAGTYAHhv_olgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCOzI9fiygYIDFc6f_QcdlsgIr7ATn_2VFdATANgTDdgUAdAVAfgWAYAXAQ&ae=1&gclid=EAIaIQobChMI0-b3-LKBggMVzp_9Bx2WyAivEAEYASAAEgJXu_D_BwE&num=1&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&sig=AOD64_2niRJ5SEkqIKtInNEmcMxm7RFOgg&client=ca-pub-4491659496372172&dbm_c=AKAmf-BQbNW2sGre_GuQL1WrBsJPRkwOtSBjlY6GDboRSxl0RJK5CCl27RrMQU1YJJou1UgHAZpbxcXVNA9FcNy21RHxx1avPOCCZWjUIfauZ3O8TxW6_gZ3YtKgHl9MoHz8ufaq-GJv9QTvBzLKr2jNnUZXCIJGKrNtv6dMQJaOHe24939kLNQ&cry=1&dbm_d=AKAmf-Bbs0o7NdlAd_DslDeiNVowVnUpokK45pnGvWUORxLnKD72gdXScMVyzLI9WaCqL6TUBOOU9mOUdKHYS8ajyPj56x5v3k43jBGryojjE9gvUCLSL7QagdFZ4Jve5SG_C8_4ZZ8KlG0zSq7lKmx1oCSO6rvvCFg2YvkyQuT03V4areZvCgeIBaF0ZJXZ2Eg85R2ZMVcl_R9HRliABLJ8Gzp53KMG7ZEynGm1fBxK6SaZK1Toa8YMMglVlGeX1M889QGFSUIZq3lsoxRfJ0cT626q-JcZWwBulTVXuC5k-TaqdjKuwkxpvMhiRwCXJwp86i7ulFeKBzxLqFpiw5lor6HS6Ier8Ve75VQodSLhxa5aRuAi5rOC3-eJudq5npZIHHb4056PpZBRhfFzudvWnDAXJbbxR84N0PytiDQWosdVk01Yyr3-F30BazTxYH0XHgjpbMU4wGwWjS6CPsalrLJRvDYJHkjpDLnl-II6oIKZmxmPO78Xtfcksw5gNbJEoBfFXOyxV9hCbnQ-RxCOilpbLSD6Iyw062hFZR0qLHN2Fcm7_fs&adurl=
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cafef9f600456f862855cf007e1c89f0e0a13e73d374b776451bd67bb9829d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3045
expires
-1
ai.aspx
m.exactag.com/ Frame C82D 		43 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524343308&rnd=1697693988418387
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 19 Oct 2023 05:39:48 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Do, 19 Okt 2023 05:39:49 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1756
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame C82D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame C82D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
l
www.google.com/ads/measurement/ Frame C82D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1kMmws7hO4qKgJIAZChfpXgViGMhjUQJ-__LXVQJ_vFemP2j7v15LqJmYMnZ7yz6tC5ii_jaTHPRYkSM6EDOJwySGZw
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C82D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2D97 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYss6D-gEwAQ&v=APEucNWwZOlObb7_TKcVji2jyv2AKGr39XPfYq9lJoXlW0vwnGpC1IcxyIZFLX4K6-TQeZHDMYoYSdahIHzzA_fo2EVLw2tXQZPKGyWa1ABRYmfdYhTsPK9EBLCnPbA8E3dF8u4HNQ96KuKLKlu93Zo5rFW6_pO3YptZI3sbt1aqYc4DOdlYzko
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3085 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3085 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CirNbIwmhr8bjD41gAmh2EH98LhIaX5DDdaO-FbeuEhysJxsjKJWLkJ5OODz3hXUbcnu_4WSzBGLWzqCH1iPeIjlGRxnZvnXztqQd8HFTmRbQRXTY
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3085 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14034837085916471775&x=1&ct=77
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 3085 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=68648317;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524347186&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CgVAOJMEwZdTEGc6_9u8PlpGj-AqegLTUc5PcnpacEpizlZhDEAEg0ZPDKmCV4pCCoAegAYbHmLcpyAEJqQIepVwe1KyxPqgDAcgDmwSqBKgCT9CHfPNHaLmUclXS6Ksz1kfUC6DjEFf7ormcRrLmoHFWGolkwvHNUT-HT7goQ0j9EJy21daGYlkpKNeI0ftcYm7Vymtg_lfpZz9oc1ZTnVYIMD01JN9luOHQDc4XKjgCX500mjq3WccvdgvvRpUfoNgjjO-36hEsYY8U7OiTM1qFP9j60EvCrxvDK7gb3bo8NjqMA1sR-ECy_DmnwuKLt2_Y13mNKpX_pcFfuOqDdWvXm9oRC8V3ql69nRqbU_0VtH60yWKE2-cxNS6cwvq1Eqh20nfnUaWGtZ7e_To8k9ZdQA23TEt89V3rues-HEppaw5fwV42suHuvHCy93ICC9nPtiOEsFXpwI-GgjaP_phIbuJ4Et1-pL8SQBrbvHJyovQT6OE6KELABNnM7u7GBOAEA4gF_-yPz0yQBgGgBk2AB4b_6JYEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwjtyPX4soGCAxXOn_0HHZbICK-wE5_9lRXQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&gclid=EAIaIQobChMI1Ob3-LKBggMVzp_9Bx2WyAivEAEYASAAEgIusvD_BwE&num=1&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&sig=AOD64_3lNJQ7yH7ZPght9vPPJPqXru2_5Q&client=ca-pub-4491659496372172&dbm_c=AKAmf-A8vLQG3fqlhkA6KUBUIML2dlNaHiaUgpy1swSZP-elJMSPuDZqfAfkdeF22OcfbOsfP6Cu4Sz-W2vYNljBYRHvTelZcczcv7c0rqs0Y3aXTLujr28rDiC38qnQztToUgpLeceCmA3DJ2xgAYGUdkxb0ESqJEKTawg4uF_055LON7TlGrw&cry=1&dbm_d=AKAmf-C09DetuHPpcs1vL4-bkb_1Bn1cVO-mshKdCdsmeuqD2W__ZW74_r_4AQAE5iNnqIfE8857NaCvOAYQebiDEVdu4ILc5kq0IC21Vmco2WfTcNPZKWtQvuCpOluZkF-ek0kaX8cndAi5Kza0bUL98qLajkUu1EnJ8nrTmZH7b1moo6LN1pj1tXDth_Im15zdl8vDlWN5Y6ZbE62xO-dOR8l8cZK18O4VZQjNLxcFUAIA1E3YmvO-SkukEMfgl93KzUHOuXDIiYjMpUtFzJeHrgU1_ToPJwoA5_gr645u4PjPVoyc8fCqFfojlOBPtLjZVSyHW5XaxYF5zJ7q9xTZOTkQd2GdIAYt4x0BRxDjOhAYrsxFji3mJtGWuI95DVglf8VNR619kS9sskpMuzCd46vuaWl8ro0lHnT2daW8F0fRPxZYelSFn7qeaeIyDdRzkEQTEKiFZXTKS-Thb4XMih-WtDmVTP0pY5jVslf9AZcUKkeV88T9ex_YK8LxiscQIv4v6jjJYsQKvMF7P2meeQ8MG21APoOg3GMx3ryzfOCXsJRLi2E&adurl=
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ab693e1db4fe4f5679fd145ba46d80db2208ab8c203769471bd04b83a4637f02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
3046
expires
-1
ai.aspx
m.exactag.com/ Frame 3085 		43 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524347186&rnd=1697693988418388
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 19 Oct 2023 05:39:48 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Do, 19 Okt 2023 05:39:49 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1756
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 3085 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 3085 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
l
www.google.com/ads/measurement/ Frame 3085 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYCN8igZeRU-anfI0TjBrKfELB95AwvYJ3mPgzrLetn6Vjx3MaZeODpWHNGRrCtrMU7AibvukLifvITICsymAMBk95eQ
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3085 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5D7D 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGND95voBMAE&v=APEucNU9GkIrGQkKrrOjfUh0aVFErSkb--_lXkBOcPXYU76IpfUqgO9bakFTO8KlfvIHXqyFUuQoe5v-8bs6NyJKhBlKyT8OkPUH7zoRWCGlsJPlWEChBp_VdRbhoROZrb8K-Z4vpLEO4UcGWlOzplZ61gdF0mU17xQUfHtBPpjOxRqDaz6zcEw
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 42AB 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42AB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CueLGKLu4WefqjGR9L1SnEqdfA5RcdzA6oLRfdJFiG-BKeWorvkOiELlhf7c4MWzZqezfI6L9VhqI7T8Z9byArwbkULu1hqkViSJ2iXp5d6cYaOkw
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42AB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9672159996367939715&x=1&ct=119
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 42AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 42AB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
l
www.google.com/ads/measurement/ Frame 42AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSO-zh8kTT56E5nsZFZIRiAY2ytDva9JJDu3hBHnXVfE2Y7-6TqVHCxOyoQxtA4-bMwzvUGdFSmkqVUuLLCXEoiqMDSqg
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42AB 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BC49 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNWH2_KfW--Vf_MgPfGZSCo0fRqTZosWwjDq_IsAPB3ksWq3RhyQiEab0tdL96zd6kd8fifcv6lq_It_HUlBOr6HU8-f0U1W-hVL-Y-2HQYpqtnyIy2P_R2brlSkPvvQwfrz9ROOH_EZ7VTNF_isQ2RgZlwAsIrKx5ED_maywdZ2Bs81QbM
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 22D7 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 12:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 12:29:11 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 22D7 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
22794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 23:19:55 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 22D7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
25274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:38:35 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 22D7 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
21637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:39:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 22D7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CD14 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 09:30:04 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 09:30:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 22D7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22D7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtsA2LE58Voz5TXJwiYG6LRvhMCpPTvic4MzvRWM5CsZdvbXQCQeMyknMG9xuqp16PpNTfK2njO0ZkEkR7KmKnniOnB1CUHo1nRrlIHkLhLhem-uc
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 22D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqeaeG5fDvCntuXvTCXI0T9SjDjFsuAawGYQ2Lfr-S77Bcf2hdYluHTI9eOr_ZV4eKitxij9eqbMSPfULF1ytKWsKAag
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 22D7 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C15F 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNWl7dJO5nvSfAtA8ZGmm_11dbpVreR2f4wC_Os1KNr62tiPk1SWKlMRVmJP67SGuBI7QWajtmim1NEZHwHMgwi0ko46C9fD-8x-TiNciWXe-lGzt3vSlgGoqcozfWmFbHzMJtW-phZ5KuyZfYhAeHBSS5S7n_4Syyvt6a-Kuq5lEIUhRvQ
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 7D26 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 12:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 12:29:11 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 7D26 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
22794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 23:19:55 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 7D26 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
25274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9145
x-xss-protection
0
server
cafe
etag
13066256994748809036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 22:38:35 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 7D26 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
21637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:39:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 7D26 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 169E 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 09:30:04 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 09:30:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 7D26 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8337
x-xss-protection
0
server
cafe
etag
13483435759450910196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 16:21:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D26 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DDns8qxLkve6NpFJIibSAO5ZiJxypcolxaoNgWDifU9YStAM7R1aLBIXHTXV99ykHlANen6VhXvLY-JGSzBsZlsytqCjUnf8a54CatTifSX8ihQ8Q
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D26 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60178
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697628223465749"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 05:39:49 GMT
rum
dsum-sec.casalemedia.com/ Frame 42C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYjLCD-gEwAQ&v=APEucNVzBLHVmaJ0OegILze0kwBcvP-S2t7MCdFsoicGBSsR8Qp8Z5Dz-bm1ApvQaT6MS_GKIj8k1te7pFE_y9JK0cL5wzw0zvzPZpba_8nhaOeFBzHFsUpvN3Iz7jFx_AJ8kW1iwprCMeIt_nonShljf1qc4gmrXp1nRtZJIBTq63bYDp3AVUg
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1u2HskO1Uvz9zBtDoFgZrsTqdkpZAzPVTSbbG%2B5zHSPnAx94yY2HtSIahWxqeB1Omk93PolEcPDkd%2FpAgkBh9VYYY4lonfd0fSoxA8SkSZqyRebvZTL6YLTLknGv8S14FDNmj3kFalllQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8186aeca8c9d35f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 42C8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTDBJYSuXZ0b0UlPSVd.0QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYjLCD-gEwAQ&v=APEucNVzBLHVmaJ0OegILze0kwBcvP-S2t7MCdFsoicGBSsR8Qp8Z5Dz-bm1ApvQaT6MS_GKIj8k1te7pFE_y9JK0cL5wzw0zvzPZpba_8nhaOeFBzHFsUpvN3Iz7jFx_AJ8kW1iwprCMeIt_nonShljf1qc4gmrXp1nRtZJIBTq63bYDp3AVUg
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zK48AE0ypDsSgkMDh2SzqdHdcy%2FzzkFv2Ei0gdT8N3f0Yas6UW8drUiJhk7ZuTZLnNvJQ9mIwy68E92ogEqw4elwI%2BlZPyAdisOKSWef9Dk31TSNhyFOKnNnf9Q5cZ5abkpcW4FRwxN%2Fgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8186aecb0d2035f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 42C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHw2yQAlH4-twzpBu2g3iyI&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHw2yQAlH4-twzpBu2g3iyI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYjLCD-gEwAQ&v=APEucNVzBLHVmaJ0OegILze0kwBcvP-S2t7MCdFsoicGBSsR8Qp8Z5Dz-bm1ApvQaT6MS_GKIj8k1te7pFE_y9JK0cL5wzw0zvzPZpba_8nhaOeFBzHFsUpvN3Iz7jFx_AJ8kW1iwprCMeIt_nonShljf1qc4gmrXp1nRtZJIBTq63bYDp3AVUg
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
an-x-request-uuid
a2aa9ffe-b685-48c6-b43a-24489df35d18
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHw2yQAlH4-twzpBu2g3iyI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42C8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYjLCD-gEwAQ&v=APEucNVzBLHVmaJ0OegILze0kwBcvP-S2t7MCdFsoicGBSsR8Qp8Z5Dz-bm1ApvQaT6MS_GKIj8k1te7pFE_y9JK0cL5wzw0zvzPZpba_8nhaOeFBzHFsUpvN3Iz7jFx_AJ8kW1iwprCMeIt_nonShljf1qc4gmrXp1nRtZJIBTq63bYDp3AVUg
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
an-x-request-uuid
aa921300-ffea-4e39-8f51-ee5359b15a4d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2D97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYss6D-gEwAQ&v=APEucNWwZOlObb7_TKcVji2jyv2AKGr39XPfYq9lJoXlW0vwnGpC1IcxyIZFLX4K6-TQeZHDMYoYSdahIHzzA_fo2EVLw2tXQZPKGyWa1ABRYmfdYhTsPK9EBLCnPbA8E3dF8u4HNQ96KuKLKlu93Zo5rFW6_pO3YptZI3sbt1aqYc4DOdlYzko
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3fbw5S8LxUiDaidP4gjmvYGSrFNTEd1e7UrRQ59JMqYZSTYY7tmc6HBVwWIVoCNSylvhrGc0LPrWfmOHSTrB0B%2FwoPuR1limA193o5BBRjNGe3IUjZOzmwU6fDdhBbdA2odxYj%2BW%2FKKrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8186aeca8c9935f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2D97
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTDBJYSuXZ0b0UlPSVd.0QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYss6D-gEwAQ&v=APEucNWwZOlObb7_TKcVji2jyv2AKGr39XPfYq9lJoXlW0vwnGpC1IcxyIZFLX4K6-TQeZHDMYoYSdahIHzzA_fo2EVLw2tXQZPKGyWa1ABRYmfdYhTsPK9EBLCnPbA8E3dF8u4HNQ96KuKLKlu93Zo5rFW6_pO3YptZI3sbt1aqYc4DOdlYzko
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmGMPj2mLZgtOGSpv74cvrLlbjoR820XSTxYySkbu6rAgrfU%2FpXUyutwNQdeC7o%2FTZOflvhqOpVZmgLihLnc3YrdGOpUCUbk4Dg7xRl9b90As02iPTDlTWg5dFSCGYzEoLSC3r1DkO3v8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8186aecb0d2235f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0hYTIDlVitxWOukROYue0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2D97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHw2yQAlH4-twzpBu2g3iyI&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHw2yQAlH4-twzpBu2g3iyI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYss6D-gEwAQ&v=APEucNWwZOlObb7_TKcVji2jyv2AKGr39XPfYq9lJoXlW0vwnGpC1IcxyIZFLX4K6-TQeZHDMYoYSdahIHzzA_fo2EVLw2tXQZPKGyWa1ABRYmfdYhTsPK9EBLCnPbA8E3dF8u4HNQ96KuKLKlu93Zo5rFW6_pO3YptZI3sbt1aqYc4DOdlYzko
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
an-x-request-uuid
6573fd1b-8510-4a9f-847d-912eabbdd0c7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHw2yQAlH4-twzpBu2g3iyI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2D97
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMbfsgIQx7C0wQQYss6D-gEwAQ&v=APEucNWwZOlObb7_TKcVji2jyv2AKGr39XPfYq9lJoXlW0vwnGpC1IcxyIZFLX4K6-TQeZHDMYoYSdahIHzzA_fo2EVLw2tXQZPKGyWa1ABRYmfdYhTsPK9EBLCnPbA8E3dF8u4HNQ96KuKLKlu93Zo5rFW6_pO3YptZI3sbt1aqYc4DOdlYzko
Protocol
H2
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
an-x-request-uuid
2cd0e305-1735-4fab-a5d5-46131790eccc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5D7D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVKWh9nSQaG2JW7nwa_foM&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVKWh9nSQaG2JW7nwa_foM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGND95voBMAE&v=APEucNU9GkIrGQkKrrOjfUh0aVFErSkb--_lXkBOcPXYU76IpfUqgO9bakFTO8KlfvIHXqyFUuQoe5v-8bs6NyJKhBlKyT8OkPUH7zoRWCGlsJPlWEChBp_VdRbhoROZrb8K-Z4vpLEO4UcGWlOzplZ61gdF0mU17xQUfHtBPpjOxRqDaz6zcEw
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVKWh9nSQaG2JW7nwa_foM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 5D7D 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGND95voBMAE&v=APEucNU9GkIrGQkKrrOjfUh0aVFErSkb--_lXkBOcPXYU76IpfUqgO9bakFTO8KlfvIHXqyFUuQoe5v-8bs6NyJKhBlKyT8OkPUH7zoRWCGlsJPlWEChBp_VdRbhoROZrb8K-Z4vpLEO4UcGWlOzplZ61gdF0mU17xQUfHtBPpjOxRqDaz6zcEw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 5D7D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEB7toIH7R1KUiacNxA2ayCE&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEB7toIH7R1KUiacNxA2ayCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGND95voBMAE&v=APEucNU9GkIrGQkKrrOjfUh0aVFErSkb--_lXkBOcPXYU76IpfUqgO9bakFTO8KlfvIHXqyFUuQoe5v-8bs6NyJKhBlKyT8OkPUH7zoRWCGlsJPlWEChBp_VdRbhoROZrb8K-Z4vpLEO4UcGWlOzplZ61gdF0mU17xQUfHtBPpjOxRqDaz6zcEw
Protocol
H2
Server
23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-8-12.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 05:39:49 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEB7toIH7R1KUiacNxA2ayCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5D7D 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGND95voBMAE&v=APEucNU9GkIrGQkKrrOjfUh0aVFErSkb--_lXkBOcPXYU76IpfUqgO9bakFTO8KlfvIHXqyFUuQoe5v-8bs6NyJKhBlKyT8OkPUH7zoRWCGlsJPlWEChBp_VdRbhoROZrb8K-Z4vpLEO4UcGWlOzplZ61gdF0mU17xQUfHtBPpjOxRqDaz6zcEw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-8-12.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 05:39:49 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame 08EC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?huBIfQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame BC49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVKWh9nSQaG2JW7nwa_foM&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVKWh9nSQaG2JW7nwa_foM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNWH2_KfW--Vf_MgPfGZSCo0fRqTZosWwjDq_IsAPB3ksWq3RhyQiEab0tdL96zd6kd8fifcv6lq_It_HUlBOr6HU8-f0U1W-hVL-Y-2HQYpqtnyIy2P_R2brlSkPvvQwfrz9ROOH_EZ7VTNF_isQ2RgZlwAsIrKx5ED_maywdZ2Bs81QbM
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENVKWh9nSQaG2JW7nwa_foM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame BC49 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNWH2_KfW--Vf_MgPfGZSCo0fRqTZosWwjDq_IsAPB3ksWq3RhyQiEab0tdL96zd6kd8fifcv6lq_It_HUlBOr6HU8-f0U1W-hVL-Y-2HQYpqtnyIy2P_R2brlSkPvvQwfrz9ROOH_EZ7VTNF_isQ2RgZlwAsIrKx5ED_maywdZ2Bs81QbM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame BC49
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEB7toIH7R1KUiacNxA2ayCE&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEB7toIH7R1KUiacNxA2ayCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNWH2_KfW--Vf_MgPfGZSCo0fRqTZosWwjDq_IsAPB3ksWq3RhyQiEab0tdL96zd6kd8fifcv6lq_It_HUlBOr6HU8-f0U1W-hVL-Y-2HQYpqtnyIy2P_R2brlSkPvvQwfrz9ROOH_EZ7VTNF_isQ2RgZlwAsIrKx5ED_maywdZ2Bs81QbM
Protocol
H2
Server
23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-8-12.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 05:39:49 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEB7toIH7R1KUiacNxA2ayCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame BC49 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNWH2_KfW--Vf_MgPfGZSCo0fRqTZosWwjDq_IsAPB3ksWq3RhyQiEab0tdL96zd6kd8fifcv6lq_It_HUlBOr6HU8-f0U1W-hVL-Y-2HQYpqtnyIy2P_R2brlSkPvvQwfrz9ROOH_EZ7VTNF_isQ2RgZlwAsIrKx5ED_maywdZ2Bs81QbM
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-8-12.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 05:39:49 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame C82D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9952286458414&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C82D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9952286458414&version=m202309260101&ct=77&x=1&cor=9802728053773183000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C82D 		30 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYZM5JgLTamhGGFSG_9hYEvqm8JqTXWjbBPJ5wHij1Spv4BAmJ7_T_wT-XzsjTJbWVAN61weOvEJhwhQ1rqSCdYg0LAkaEI3ZfS4VuyDfJh9d38R71eEqbNUuo2EAEOZCOoIVqfHRCnvkMjwH29UMi7U8UeSbO5pw8CBRLHbw-84FBPio&cry=1&dbm_d=AKAmf-AnseuOhXXAxPAdmOHX-C9ixG2mVl05lC_hZV6s_56OIu8iEnwewFJTLm8SM5bAHdVhQ16lZuED_WAj8N_FgUxdBm-d7sqbzzxlC3DgxQ1dggPm_esz4VUMF7RCb3VllDi47Czpcq-nVcY2c8IJlPAa_gs-M66E-21qeMwxNR_uHdfIb98x7jJD-LjtcHFlkEbrvyla3a8pZGkR-BC-mE_JrBA8s1cClqaUnmsw6xxzSLPcG37AgxW79preHSo5dYhXTikLfFaGxeG949ielGf68iVKJChpdpqtYwgNNAgQvzVS-gO_jChmJZfJiCmEvvTftBL8HTHuEZlMwy6esxIknWSnneypcjr46fKheOSe2TJp1eiUf1iSyA-EYHDtEFeziFg7KiUNuxDL0t6Rz1FlK8q_BBF-Uzw7Ni1f3W9yqsSABigs8kGaJS92d_QodjUXHwdMTQsCDJRt3MNpQ5HkfbOHWdTorVQadNOzUo0aP8WP-jguaMAzXCie-bUgA2nYLmICBE0xza-CkFuirym0LGbXfr6ZQWUn8m62iE3pF4opK4lLV4t3svedBO5SaS0xADx0_lJ9SashTbvvn01OTpN_Qqq5X3UIXfu8wicDCAOhFZs44mZKhHwa9h47IQEIDnp4dmO-ooQC-C_CguAY-oL9BYcd6osl6QQv7zGJaKl9C5NiwzkFMuQQOGQX5tHuOyM4tBZ6XWUjNgp2RLKux_OUdbLsKGzpzSHGzSK1AlNGYwNqif8SN6fztnNwIhkMEGFoENfVeDVjYSGcYVqPp_itAwZP7KJ07ifMFumI9w1jcbrXk-DEorFK8DZT_aKEDJlDXO97BV2U4l1g_OpZJZpALCiDidRxhwo1whdjoXBEo6uD4lVc6GTTWenVoqyBKPn96eu6AzkdmHoKmFZhQD3YPQ0UfpIwRO-sHYBcGOKANkIvauUOPVrEGdZh5v0uT7cs6D768Zx0LQ-jTfSQoE2xdghsp2mJIl0ZCrgeY4YNFyRV9-takeXaI1TLlJ1-Kq1AXe0p0sSYOQu6VOrD6ui4MUHq2dbxdvcUUnGPKpdXovZFumvYx_KOb4e7jdUDoZDjZsYbO44BcIcz7hJt4uQvLFZSILP-QGot0HToUOeOb04Vjzu4yjfEsR_91Ab8adl6XXCs4qkK7zmcXV7UB1_mvMUB25msf_3xRcFiERws51-mYbBmRfLJJA5AUgetKj3fRfqXcPhTTLDaTIhVUW2CqhlJeZplYl-ckSSIXCBktE7iaMcveNxNAoQI11vNXYvFxnFpgcKhzavIHpGbn6BWoO_TYdsvWEfBYv_yGRWK9WJjGcnYkk1TX5L54AEXW6pN_uZOpkyRSHQwwXp87aPTkDx5NlxscTIl3uXiY7QRYSUwHE0EYWZL1ZiipFJCVTUAipL-B-_jyi6TeU6gHXXLOHCnHtNWkBr7X6VR1IlYoQWarjakWmXmyM6D5AzO-_c1rXLl2L3-rMqPOicqafEvNGCG9alJoH6uyXvGzUS_ANMa8bHoJnGyL5FRZiasYOBtVkDRPTVTtS3c4Eu9AyYhGd98dIOVYiESTU3QdIEaLeRFaYOdWwOQiKYXaAvybZ28UvslFQx6cRkRNKVHjNSASH8EDGbVnhbT_7Fzw7ypbZ1KA2wRcZlW8kaIT6EHsVxAphrFdRKIJR3QaNBIstJdozkXG8dDrXoN2BaNhxH88v-Zb66LAn8BRPH_5h5YjhK_FTkZ3WYnq044uPHNm6Kv5bQNk8YLubzyf6e37vJ8f9FNU8nmLHrkS4ZfCuHJ-wPETMTw01NeokeHogzyq56b3CFy_E29bT3jQ-O21ZmKozc0ozUwhLjQmSANxZVTMVSpnyMzmLAK0avku3VY1v174NRoKAyr-5i4SxntJWr-6uffxhx-K4pu-MyeiBbd5mhT230c6KsV1ie_WtQIAd7fzhnhSWnuUXH4-weci8NE4yILgWLYZNjx8o0AqrG3-TPA_lzk35qBtLcmlg5o6BfUWPaypULjlOHyRTrFtrZojrjS4THq2zRulu9w8qUAXaxCGLS4_o4X5cV18ueBs4igMHjrPbFqGDJlu7F_1LshSmM8KvG3z3uUEtzVpFIQgJiLi0lP9NnbG9grzBAGZfqVLG1GXh2jHSTRduv-U415nOXN_3V_jZoY7KiRfksU2hbMzeohu1FQoDv45vmlRrDVOjDlfZCuWgKV2XDxUEmSW-1C_nL_a5T89_wsfRPoHD3snKKEmApOacLo03GBTC4cAJG77Jje1tLjryaBT_Id2h-yV5-X_9BRpaqZViRqHAEAZ6XPYebp45EzL4fOGGBkp0H66v9MwzHq4WSciq7WzLOXwSBDWHOXOtcHYaSuKD_eGMPT-QWWprWV66RlcYwN-CRkL5rs4glQSXtbWRd0k8NaeawMFETtKGetMffZbwUJZXIBtScik6QWq5B0jaCyx-4A3qqOhJ-yVF8c6tuTLagr5iDH9vI6y8SyldIJN-eaQzT2z_yeWknOlfzyri3s15cervu0miSLkpwC2VqIi0rmKcpB1YmSBqYauFo1rOHzWLDHHuNmzqByzBuDsL-Ba1MEOxdEC9Z8VaEHqskEHUMAX3la5v4o7IiveNgLoMHQ1HQMVQjiU79OQ515a9ria933tBR-gN0JVOUytFfmtNarlbMQ3wizDoOx8xmHAOnnHqdAsg0HjMnmijmOtTZfYACqK8JWvmimQX6tVgzr2gG9WS5K9r5pO6rSm1blED_rYiHALgUWUjcuSbeBX30nHi8z3HhB9p_cqEUZXPJY1MZw8n5AXy2-Kw3AsqolJmR_dHyo6Xc3zugz3IhvaGxP4zsMSMy4vml7H-BmH7XTJnhld8MJBWR-T6qv18C3w7X0h7q-sW4B42AK05V8l59BHZiidkNXylxBPXqwgGLjQzGEL-hdNSZXV3I1bp7QXk78hwOzXIMznIhtmEYR8WGi2ZVQ-FCiqYlCxyKC-oGQEycy6q37yOcc7lDMK6qEXvGg1s6z39xGA75L3jj83QDfBLsY_vBjVUlqJ_VNU2VscG84znd79rjwpTrawaQ7mjF4qAaFXtbPzkGbkfhnJF-AQta7S9yH9Wjw5sUu4mveB-cSDaNopzVKKevOabTs0nW8Dkia_iejKrV6xcqbOdsXNY0-HxlBbCXMYE8NmF60L_q6IZnUn7x_ngwCcg5Aq60ODyR1LL0-YLrLTzTKzFWvoaSisUVKgTCLXxoRINlyDrjUa2dBbS2zeO3Ng2DBCYW1Fbs-gcO3PzKI7eUDNxN_uzV1szaZrrPi-1rRrao9Pc2L9omo1QdpX8OXRYO-sB0344bAJ9RRpWEfhJu-btSi3b_7lFlToFGy_rHv61kX4KX-MYs2ponzvk3oyGLlJi3dna62fxFqvdHPzielvpQgb8LgrC5qD__R1Xg_-1P5VcqlQLtWah0I-pkxfGVGmkrEdeetjw8cy61z4B5P0nPTZUrdINoaKJtP5ajkQWr_5pdk1DRRT8iuAnV0-3cYOCT6Q8f_XefeUDtMuKCKrK1KRAPHHMvfzjHT2VGv5WWPYYM4zQDgabpznp219UDd26zyefCPDAR968u5EWPEWeRm4Y6b1BbWjByVxRT4J0B664IFYvgV6341uLIuihmqTnP7dzfiR0d8EnpyCTz73IxuZJdD3AKK0Y-01Vk1VawMiMQVHJhe7j1zHM-aai9Dpwr5XdVoOMKcF7xX4x3-XI3ZpxpQLrh6m5VzuCNWvoMTgdnYgNUkeiTkUmvXjRyqxtoLKW16svQ8FOfmmpTb2HfmeUwp-Cn9jMyVMzLC9gWOTowrm5OukfWFkUU2SzGO4nFqKuezFVptHi-SX6Hm5G_lGZIlaNpfTZzJUVGMLt0eUlFcUOJtsNskT-vFe4HwAB9AHSl5l-bgbtZjH81ILzePF8qOyP4MLdF-XuEu39TMgKFYh-XHlyMSXXcqspYhcD6b3yZsvIPe31Hfbk_aUtr4LPnQ7rpIVAvETG99yiMOVU2FUSzp13cGzyKDpOLiLsER&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=9802728053773183000&adk=4020099329&idt=144&cac=0&dtd=125
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebd6431503ff08fd6b81d56355f5353ec0dd4896234b299ece6253ed6b75f752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame C15F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEG9UuMYqDA-7rjRHjjQ4nv4&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame C15F 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame C15F 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhjYn9btATAB&v=APEucNWl7dJO5nvSfAtA8ZGmm_11dbpVreR2f4wC_Os1KNr62tiPk1SWKlMRVmJP67SGuBI7QWajtmim1NEZHwHMgwi0ko46C9fD-8x-TiNciWXe-lGzt3vSlgGoqcozfWmFbHzMJtW-phZ5KuyZfYhAeHBSS5S7n_4Syyvt6a-Kuq5lEIUhRvQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2DB2 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
527570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 03:06:59 GMT
expires
Sat, 12 Oct 2024 03:06:59 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22D7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=Bw31gJMEwZdbEGc6_9u8PlpGj-AoAAAAAOAHgBAI
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 22D7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ebb4aae391250149e49b55a8896e334feb5984e7311f7b7684234456ad7827f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		53 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d01ac26c5959ba14ab488f5fbec45d15679a0a81152bef49144200d52b9ae895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:49 GMT
expires
Fri, 18 Oct 2024 05:39:49 GMT
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 22D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskRqwEOTAIzDJNP78D_-0RCh7A7aCNXYQeWoQtQN8LXKI6pOF6eHTSv6nOCp_4FAUNHsVL8O_9Deoyo6ZxJ3XoxP_vugTDvmqG6IOd6iZ_shcFW5l7HF0-UrYbiaW6JkGLsWFvGQhM2yPOzvh1lw0s28W8Po65xvZjDXIs8T8epJbeGm4GkjfjkdEagdyL1MyyRI__tdTlTADlyn9-tuG40dZtM5QEAD6iEuV4XMMte80s62OrjH78F730i6iYfuDwLZF_jpvdeFgYVqimZdqCNXgoJXsYuE15tMGiz3JH1-AE_a2XNpl3L4hUroeamdAl5Lkr_XpqOswZ_T08t1e6hqiHYhsYkrMo0Z1KnbkIAZXy1nSHpIYAKeUwL9ovpe-WUjz30MI_AD5pwJ7hkPPGan8_CXi6ezSqUEUWC1EKziUQsfT3Cys4p6j5u0e5ya701dLDX2-idOMv8Xcr67AqtXwd3hhE2qq9iCN5sUL2wBOHROYzESRAiOyo5clkoFz96YPFgcWBnfz9SP8NugSHyIdx_SHYchRvYJgClpp8zYjE-XnnQKSEzfmfvi_2nLro2AeJPT2cRYyZWf7FcZ5GYN2nWGr2C3sQGmpDeHdhuTgAVzg_d2IMtmBzCEwGoP2-aAaxBZKn-bbp6G82kI1MTEcGFyRRStSdLpuUqPVn-3MButQtiQF1sq3cUqx_3sVrAEzVnjOPvukmoOXq3SS97EwlUKBwuEupKmHySp_hGERyYQfdGx0gprXwGlKwd9Orcso0j2Y9-XQnpYgr9MN8rHgRKUqQ5URBjaSN-vWLoKWsHKSHLVMVRi_vsMbksEiA04AA7ydMAinJint8rhXO5TgDuTw1xo8T7nWQRndToO1d8DIGmHufd5ivEJGSbkt87ValTCXAbuaa_5_wniIP-Do1M-OgER13ESjt1mp1m3TIhb6kKsgJ1FuTjtr4uMiaXFfuTV3OaxMm8rpM2fjHvNt_sOt9E0Nm8K_rcpotiil5w7s0p2EGYSWxv_VM0ENviQCR8Vbx2ayv3MuTnz0ZGCJ91Z86jZx5J9uXiieTwFGrvwkY4muan4GGw00EakXYdqheQam9iPJvSgetpPKfnC-5lTuBloI3z6TFWCUlNF8hbsg-6dsRZTV_h7ga_mVQ_qs4WeHJ8KS2dEYivvU_Q53E6MNnB3nhDR6Ixho9updiITilUmiQP9fLbW4USg1gk7AdXslnve3bd8CK5wf64c-wm9iOYPRsbUiixXv-yUaylrb8Gj9uEj5Y9Rw5ncZA4UBUb-QrmeCEA2yvrUi3psBIyPFEucytp8OZhiA6gjzSgjdJoBwsxWgvmVFmeruTm4uMPD0qYhQdJa4zWheX97wjn3oOImURbSFC4lQHPj4acFd2kSkyluj8HZCYN_iEVtyp7xtEHDfTQNOnVlvrWpfdielHr6k1FF3EsBc8GRpJsi6C74jzVuVGQJEPreWGZu-zu7Oclw&sai=AMfl-YTWFiVfDVp9hTj9CdWiA3pDS15FqX8DhcGjWUpj-OjbkwcqkfDUhPOgSTy7Cr7tCchzpzGBGCuAzX7B-cXHBZH4G_6jF5Ug2ORyGt5VxZj-1IGRYsXbWjpXVhc5AkuDqNauzJTKWKXGhDDbsC6bE8oCF6RYUrBd_2aW_ERB99XY9JD9vwzXpFqPOhsh16L4i2bue46m_XC43PutkYOwbD8YpNjyYZ9I50V6X9GpN56U325d2K9URjYmXgzvN36_-JCg075x6Z-vEbzO7PcsWFV9sdJy1J_mJF9Ae3sRu2c_jhs5rOg4datlKmmliAcJA0Khn3r6RIBpUp1T0_-x6PEGDdFApwOz0AEyPfb4y2hHUTEad4-swrgbU9Jt0JdsBmB5sNrO7ntsn-9A_rw_aybqFgeXJBcvPgTZbFLEOtnFWW_u925b2g&sig=Cg0ArKJSzFjsVdb8JYOEEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=616&cbvp=1&cstd=596&cisv=r20231011.29355&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3085 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5639712005735&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3085 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5639712005735&version=m202309260101&ct=77&x=1&cor=14034837085916471000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3085 		30 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqDmv5oKBX6PFPIDMXUfHfmGnzx_YHbc-q4f4MI5BpdZGHcQLQ328WpyjgANd7IebYe3WtEibqHW8vSTaeij0v_TGYRzs54_ZrS6ner0TkB0WTidMjuVFSvNe5MiDDAewNlLiA9cONKeQGUnbnD6tiEcajcNa5X6BKNMolZedzkCwqlDk&cry=1&dbm_d=AKAmf-BA8FFfUGlZVvo1mkBacYXsgkv91ChfzfPA_n38aA5YQtV8lvTuMZhUlTkFZ5vXrnDYP6OVegN0ckUtH86cq1-QeWVtszweDht1x8EqUc0BTqANyJP4omeZgP0IaPcrfAonegrr6yD95b2IZkGeaZWZ4Ogj6SUd1yNoiGklkgcGwdebKDZ149KVITuVtZavLMGaFaRCxNBwL2wRt0HX_XS9ZxW26kbc50T7pLs1t4d2FVtOHV5pNmegL0AT4Ozi924DYESHIIulxflEtLaczWgvgsC0wgwxwn4s_2C9NYosB17BJ_U6Fc7Dyvi0yOlVwoLyPLUwnzmtVXlFIN5SW2HN6lN46PvZgCTOnUHooQSVYqISEcqoIYt41unYOtmVCunrnoAY7CrmGa32vg6tG0x9rtxWaa_b-0stjUzJaETsuCzvKWntJJFEG64ZdfxmFlHbFI6cCaJr7lw-sYcQNq2O0ygSTKcB7wp74Yarl76R1D9qB4T_9Fsv1SnNzFUbFJqFP2jMD9FVR5L5aqMukM8POx-9dRoEqH-ic9eX4_aZ9LvRgcZQqSX4Zct8kna5OuegNosmVYyKx9h0FAUmVux-pWj1zzdLbDawxPKej8pNV5VWFd38Aa_nnmUc9UcwljWCsgI1i2GalNKZ9uxERE0RCDc6Wlj4iFpcw-EXX5yTvZ1tIAH4dowY7wumMhsI1GsDXxfL1CbeCgRXMmznJZwzdsRcdpt1NuVDSK-icjOAk6k7Rxsdofqk7KlPQ2AUb55eiFpg8dO3G6AD9sEd_WeZEt3UnTTQwTR5eLkgIDbAvIAutpzrlncP2AvUHpYrYrvBPY2TgV0ViNmxnv-FCDUHEZszi7P-46gzjmKmJK396UePDvODO-xglyfEnfRRyo1Vo0fiJIUQqaHjateDFoGeu8QZcF92CENKX1pHF7KN1B8HpCZPFk8ghejCjqMb94QuBc7ZXaI_lNfZkxg5t7YtGFJ6kGIMO_bxPu7JXopDVxr7o7FzGP5srOsbR6CaTf8JHFiRIEDByQaXz0qMHLnCFLd_-RX0FPH5Gn4IiOziTRtWIk7nVgB5Bve6nSKTNyS3gYtFe_r8d-m33pn1fKAtK4zK8AUJmPaUbtXxpZg1x3Zjbhap2Ua5ImLMNQpNLfvXyHXnAcU0AmigK2hLWkbD47zgxGpxJwHAElRGB92uL8MasRS-ELg0fRnvJRd1oHXuvkOphrBYpSEDyrCg6xvqeUH_OBSjGjTT3M9VcQdQDpOYqeewnMVx2D8Ja0ClFLYdfK8rtPkE-9BO6ecrWsOidjRbaHMl6ZaE_nmxFHncxUNPdZg-5P-9sssmWBwpsS-pt4jQkAHkWp2s-ST_GAZardWQBRM5JapzwK-A0gHx7huNShPpNyeK1tYFDAN2ZSpk7jEILVpiUUVdBOJELv3DIizGx9oFvGSnUJKBDBpWTzwwucpVGE8FJOhqbgY1fBd27nthdZ9xZRGTWj2Af81na4Sal6ocSx4UpzOfN7ZBVi8zOzfc5hMqAE7AVvoQgXFx5VrjXcionncni1NDEBhEofui0MMIwmYVvjm7Ir23Qs0MYmp1qan-oywKTfAqC86zTszo7wIBga3aL5xlH6tVUfadh6JjtHQCBTawJKfEJFO0i-CGCpiVZ4KfjeyOUzaKsgPAJjVNC68yQcD46T7WHfMOCmbhA-RuBGH23XPOBJqQpXuEfhgY99qiHOAWpKRt4Rw17Ai1lGPOywth6Dqvi-CkJNBhiNf5B2zE9-acFwPNqHzTAkVoD7TdcyqhRElljwuKb7zaY-ZJznXW4MD2Md-nTJFNavYvHSxlKD4QB1QrqU4nQVK9vn787sc9jk884PpTAPhOZ8keczMVL2seYCseiVL0-lRQ3CETL9RvFQr3L82r3HjF4EgQeE9LwdkbnfSc5SLm03OqKO28BMZZ9QR2OKUaE4AscblK9DvTePjtET0jINXJALeczn-fbvKTOxAk5ad77lkFMDC3P4cHGT9eBk_JIMhJ5D8ONHgcPd8EasH19D1WYE6wbsSMA0QkYvsXAQ-5Ik5IJ7-xx1d84NelgaP7l4E9pUeSTXM9mIkIFT8z5s5T0QwDWKaxNwGVVOQuTePUbt_LJ6Ue10DKCl58xYERRKN6E2t5mYYwDCYTO2iY5jd_QXbjqtNcJSVMTx-Zpj9w0N-e9Ylkf2fc13p7W5SD2nCmw2lrayJP59G67MdzSBlDf1Hl6OlS0rJhqDdo5KWN3hEvuYV-cey24n5aAyHQf17E6vqGiTYeuwx4PBpxO6cqhDsskN1sC2s37BAERig1PkaP5pKct2hRQyj4oWbMjR8F17phpY8b79sFwJQScMwg3sQzFKJ1QgJPECPejoS4MrcXS9mSn9uOm4V3oMCspGBcWWvOMv9-N6RzEhbYtZYQFHQdis5Yx5ldnOjjKc-LLb4F7eXfybGTp4VZZPCAFzmzQBUzU9Zf54xGyfWR58s2DnD0LuT9Qmcpm_xbjobcv6KbGkMont1ze6CnnoGzmDqR3_rLATCrtCV7qWvnEphx1DRTfdzeGo7pqrnAwXOiPIrn2geIUu1BfzEQ7Q1_j6Zj68kjGlc1V0RGeLE82iyTAUsQnACcCIAjnk6fwjlWlKhDtjINcngBFVTFVNKz55MGadrh1T9bGqgfHy2ir04duDofGLcml2Hr0dn92bJPZfyYSZz3hBcqu9PF9jF-70txBDF08KPzn0232zkJnfAR6lSu8F1xYUMq7VfKHv-2UevdiQskSz2f-730_g1qH6PGtafgSkrjWNREBIrtQMj_AJixfOZYrETC2_jIbvAhuCMun7g0dekv4YJOHttrALUI449-jYnUO_Occf9QJH93FVWKl-7IHHa13MXL239RFYy4Mb9dX-s3TQUmESgIZ2bZ1SH5cA3Ucyw9LiePwsrXYyT5wSqfdLe-gnwUpNEMNVbvoENHS_ooVNYw1wEidcnynweGv6IeuMfE5MzWsTySXHyr9LPE9zGlVtoUMKKBLEASIo72VIRFriTDaE7FCzVKUVdvpZp_vJPGAdzcBFU9OIDpWZWqJYXX4DA9FXTYkZPOkHq3eWE2dwfpiwhkh5aWkX5m91rwwd5DX7heTTD7WMiObZpZm9MRaY9LAtlmJEKc4SwBtqSLbjyZ-y3nJ80Q8l1Eu2ZtilYjKs9o1wFIrdjlTiUJB1YKqvOBomewrZdrfOijnZSkIfLHcm-jPTcvKyALc47RICWXcN86s4RP7rxdr2HFxY8n17NVbhhKGdkE-iliLhfino-G5bA9V6t3Cjcln0OEW_pTnRs_Cp3GBe_Ufsk13J7HGYiFO21UJQhhcptMj6bRTd3_BA0I1PSYqFIvyugPMlAWWioJrALC__FsJ6fDTGnMrrihSbAZcicXgqdP1FppivFnZQJbTyLScBO-6CaXF-GLh5yQf3SA_kuVbfs4seGnLU-s7P9v6BoSzEv1FYUcWo8pArwVdJ20g0PLD3g6a-LZjhb59lPoh2vibE4OY8MiEHh8wLf9WfPTgvF6aeybiPSFkNIcxmMWwnceux6ql4xFCt9APd6DvjoZEthEDcTHLKZcxolELOie56Vwf9hxbDXR-G5RUW9kntWbTrAhQnyfLYzvG-IlzQH4Rl0YmLvuMlm_f9FqTvjiI45KP407S-1B93PcIoW6L3VqlcAxQTAXeREC3l3dTqmHiAiy4tk6bEo2w2cOfpjctsTgSm4E57jQQ9gCEdPK_7P_iu3gj8ft_O20pFlGaVehyV5v7zt9iPiOa9iaTqJqhC-vggXqvMs5zeSiEi9cRf74y10rywiM72a9-CNHf9fdTe8XniT6l74IvKUOGn0WtYFDnDcg5UtYyZs0zoIWMvl6xMlUC15-1YvcB1InFq9YEIXhi2kJRvyGjw-GilszPMRYAxtETzxIfipqHc-u2FzZKBQwbH_KFcGX4_Z-CmaUYc21qXvKiEF2-wim5fzV0dCOxUj8BdCcVfbqT8Yc6YeBQ86pcAI_Rb4tYfgrkTMPIzhJwGuEdygyAPTA0alrjwZ0TmfLiR-fpQ&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14034837085916471000&adk=548554675&idt=228&cac=0&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2557b9aea41072407e5ae2e9d2c82df882bfccd3a52c3b9befca6206fa483589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18488
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5337946251093&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5337946251093&version=m202309260101&ct=119&x=1&cor=9672159996367940000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 42AB 		89 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dypnb_z3u-OaQ-dPs2c1unnRFNwdQBa1jFwakmivYQYdnMrLcsxUxpS2cIdqCQQL_Ay6iBV_15RnE2jgTzNSge0SPU9sGeOtbqGIdVGkRG4szI3c7rGJQLm7hUS-h7-jbA-pCHhNMaN97pttyvg4yVJGlvwvMy52DPf86zyORNQ4z7CSk&cry=1&dbm_d=AKAmf-AT_sCY0BZIzQ1oaYRDwMRo0-0E9tBDIoHba8iId6NiY2T-FAczyq5DY3R0IIN1k6cRsdhbwjqCxtL3jXHzVzhfOpgHNfiyIJOuLRnh_yR6JLhpTaMeVjRnwR7IKL9WQ_79bwKSibBC2TdsAyUv-djDyahDwKcihWoCOtabSCiH47lVAzLLc9sD1dXN3498Ucs9cQu3zWj8eKdgrZWd5Fl55cwCqT9PnTbeg9tZGw_w7H6lcSo9-saN8T5NfAmv6vY4KPv5leULq3yciCFqI1YArpsZdzjthyWgI9hCP9X1hXNFZQY60KtAmLgjFQwn_-vJLlvPeSsaHskhay7eGoqmS1mbzV6_A1rb4c6xXuaAOSHJVJOOKuwcxgGMQFDsxMjj72hfzvvgaT-ellCVrx_gkM-owoY0dfHLpg3w5JA7vvURXz3Hpk0Hp73ewer5-fdHPp_8GJHXgPlXLJ-g6sU2DqPTeEByROtlKRtRxjjj0FKIWYd6tVCdwMZZmvTU6tiPgbRzbAtnseNAHfrhTslwqIuPJS8dr69WaMpL90K9eSHjdzKKo_3IK5vPeIgqBQBQCSl9Uml3wtW0lO1w9MbEedh5EYEncTsUdwmBzhzrwOXZtExDk3bs7xwXyIQM_LgWK4XEUjrCHX6wfpjmeByNQFBF2lHDGwL1sRLJZ6f33BqEZ03u9bmcmn66BOE5gf3awTctFsdSoqBq5tC1UXBg1CI3AiRaSkh2tZsh-Vm8u_ThoavCaIhqbU0VOn9v_tceXtIEW5eNcat4GnJAbyxgBbYEy6cDzcnSZtdKdW7DrAYcDO5axYEZUg9IbDJrN31s2_kDlqtfaPIxfJzUeveLWtRTkC0ycR7asa2hL_FvBqxtMqLZo_KzLm5YHIcZ_wSePM3hKTYU-Kl6l1HBfTvk6tJJJR0l8mA7gTgS9dcG3207PYuDGuxuvSFVb-HxxpYdxJptxehpGGTTEg5bQtQ887chktrGNgbyjgxoTRuZPdDXeALrAJjNYIPncEm2mZF1FaVQoKQJUDa6CyXhIlCARIFJUym9V-DhwhRCyVsDufg2lcuXXvc-v9_0uCLJs6iqmF4uTeRR6hilXCbYHJpbIUu6xGjlGXu6NtwSYGV2XLpQARF81OplUxa9fmTX98iP6gsSuso6NWXZOIrEg-zS004L_Kor8W_5MgAHnokm3MHPp2fZjKd3Y-LWwo8LE535vCGfmy7bsKt3QAqq7ilEm4fiEVdoF3SMOi6vXuWriCWFp1_Jda_gmcUj_A6tBBoslC5piJoI8syb4Ef1A9E-yghaKm_OIyAr4qunRaANq7Y8QohDtscVmprN1OogWJHukZROVfEClmJq9JNFc-vJbNesGNqqtYAWTAdpwYonNThCXMFrUEWcgD3j8_fmH0leF_TRAkLSn6iu2DeZr0jsi6c4sTXrej1UtMuftINVtU_ENCoqNBtCTyAANK_Y2_0H-SNVcT7fW1opQMzMVBviW06fuF6LPPT1QzNh5P68UN6lJL_ypMFsVfmOSt4cWBASepji_JjkaBAK9a4m40NVfM-HvUMCSSZl5bfzVKRo3YN1bMzchOV149rZXHbfpvYpx7jq31Mjrrd-o5foID6mR8mYwtzZ4uE4OFaGdTj0hHXnIv32OUE9GM-7nO089ptEUy0euOLtnd6Mfd128ezeSagTKMFqaxuYRb-aXzY7UKTVjy2cVc9ZGaEw9xzbBMX5y1gHoEA3SJRo2qilkwVP3B1hWKewZSg3wflLPk216n8km44GWlZc28NdDEmgdym0u2njYinA8N4v8Aqf4RvUaGSgbz8zhSNAg0FS3VVtMjDuicyLRTW8x0h4zqljG4GDtqsbHGsirJ9Grm7KqS8N_sKzQVTycqdOkrCkSyorjzjTrWdC0Q0FOZ6xPg27vASb7uzNB-lx0bkcsKyXtDw0NcOZEMiAnEIVC4qE1YZxqWkzB5a83danYEq-yg7MWzFHObgWZkbzMBjBC8Jzfu0CLNKlJagL71mO1wpoSCcfdBXk-cpd0_-_oJFn49bNbAB5SAOQ_0qj2r_hCwnsKVCfpbegOZtv2tjCOe_SFwD5qKRLkesenuZvXctB-_AKGd0V3wN_oycTzmzHXkEB4N5tm-TIt-cRhtpGjkprCGXBrro1pyJ8wXY9zYfDCc6QnuQZP16gSI6t_gaCWlGvxUCdkNpLXnnmkMnjKoQH3ea6KjOHI31BHFX3MEf5_uwQ0X5BPQKASWljmYjRZlBaUwzUiVYrDz2lwkyXi9leuwwGzc9jmk3vfT0CQXz_X3DfejUuObisRpIfvIESpEvgB68BHy3qiB8hoJcczWPJFmBxTMjM7qZvu8nJxvviOy8XmDLpu9tKaYof-HAUo56ROCCXQqRaxjN38OQKAS4RuJ6Iw7Xn-9qafIWoQPS09Zby2xKR49Ii6gt7110Wr5mZQHfC0-rSvwXCd6yHkfzVpNwPbj5EQWAvQ-24U4hDKP54UPec_Daa_ayBOfmAAUkwI7JvYQzwJwB-nY6_FXRGrMBZqKSXGW8VaYK8Yj02khoeQtWiweTIF_5UbXBcagktVAt9eQL5RkLutx4wsJfCmUAqKo3BzHoo_qJPRHg2YIHpdRDd1oHfZW_XsaEyTqqOps5ezFDk78KexAsN5B1mTVF9WinFGMtJZ3rUKDe4UFEwl4lEiDFMBO0NtRYFCsHTeXmDD7c_b_V-WDleyzlCDd2v7BoInEyCzKIPlBrrzT4dahvHk3PcaQm0u4kKWhrOQrXrM2Ij7_M0QnCb3v0lbDbY6RLfIOsyMPK2WeGV4E7wKReflwPnBdxHzaI7D5Odb4JXD9qyCKGNqF0PMJspXUiaXPpFsvZOX3DIciHmLf9HE6jpfHBdG3sHyC0c0hJMkEh0IE7HeOrpl4pC02q7pn9euvuNmBhygBBARiw7xeht0i1ozQZJbf3av-Y1AFzypzJbVUDZvqPOdX3V4UbuDLHcxLh58nXsn8XD2ZxOJ3sPw82AkmG-_3cVfBjfWs8NWzawxZFwW1R6EkTEmZJjqXFfKWUNv3-2N6-yIz4x5cKBS2me5odxGMRDxnUF5pCNOgWXxdpCXc5yMaxJ6wrQvW-55Y4mwIF1moaFa40kmwwQjTkP53UVv9ChEiOlUzX9Xxz1LcdKIyVzj8730ufw8wwXxrGwCHfsDkmw6sIiV5A90w8KLFmGhTI7AghF4KNH5r8enDP-fH7-S6nEHhDBTFiA8Ob4VejkAB2m1P6J_ssYNLjwDgmEK7pqGDvL48fe_cpof6T3J21SUYsvWl6fhWSq3y_DfylFscHqNwvttpt2vnGRZeOwa4qykKdbfy4nmos62YUt9NfQ-7BWiW_29IPPkiDxD8TEe0Xj6CHTgpS-UyAN9eRuBDPYj_1B-__Z5QSBXdcO5QSO499ZQ8TCGtXxvdKYI7A7WUKPxcZzqamYkvunoCDRYCYkrCnv1UH6vBWXJmbODKOz-I_Tn-nfXp1tCV6pb2W96oOR9yT883AfGQmsatTrQdtajK8ZKOkubnFBmbKn3I-Dg6PXTZZRxyWMoGkMRDizs3gnctHu2IMlcPlqHgazFw_fubRal-82dExI3ilEQdN-xFqLASsSrYyVOVGhAHu3I7V8R6-BPhAQ5JRT_QK0UIxVNKrIgJgO3DGhPyfY9otbWdZH3hdj56a_TyK5oVu9fXcsquOrJX4cy9Hr-foTynEuzIKnZG0dg9h4lyNQG6oQdOZh0N2QlWoAzNXwDdmdiqRBjqY6UTwzaKM2_byRpb93KzJ3KfwR5M-YJQFTnv6B43m2F6G0Utu_QVX1rscbIEZ-CozNSLSYOjXuUOs-YUu7uPVwYUTK4xPlTruiyp077ISIdPIMXnjSM83Y8dOTwAJ655_Pic-mjdVadZbFWc5WiV9Zz0k153z2J_plak0BIcDFOFwtPBMWDYoXucT5GFzn4WoMmrLlcxsNzSxBlfMJPvGFhleXMeidbacPiVAGnzsOl0y4ZscArzpiYlr4c1rc_QT5B98VV0zNKVtEXBThpa2Bf0w5OdUZkFLSczEDeNVY7hs7IlRM6AvWRZ3LY_n_YQU6-inerz7tts1tniOu-2FyHXIBPh2-bH6Z7DQXHZwqeP8bsoo_IrEe0Mcphkz8uEnrT_dEP3tIDqdsZZJj9JR-DunhChCBRN0pF6izRLnCpppQJJ6Rcdgt_ZYtYZxn_IgOREzpqszMKDGsdv5bRI747HBZYqj7KVg4OrUUT22unNkmcsVs8cqMAwXfgrDboDBeDYwXtc4wlfRRBtfc3y8RySa028mBsmNEYG7TLlcW3CE5m9iSGMVGEPuolTRFo8DMTEoByuDQKhFuE1ILvHBlh00Mm-EQpn2mQ6N3zJ1FuXk0w4k0gHIzmMA_-_5gTTIOKlZNKbw8bMMFuNrnjhxD460eHUPg8Nk-FY2SGCkE619_AVb06Cq42Gc&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=9672159996367940000&adk=531095043&idt=198&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92e5d47a946e3e58233d0329913eea936c96817715ee39e9378ad0434a508c6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2CB9 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
527570
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 03:06:59 GMT
expires
Sat, 12 Oct 2024 03:06:59 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame CD14
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAvvOApc0JL23NUIcjLEGf8&google_cver=1&google_push=AXcoOmSqK0rU9pqP7fog-290aU8Cu6iv2PqfJZNmTM77YsBzSqk_WV61bnyO2TQh6FtU-vLIQJQe7bxOQgOgLa...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmSqK0rU9pqP7fog-290aU8Cu6iv2PqfJZNmTM77YsBzSqk_WV61bnyO2TQh6FtU-vLIQJQe7bxOQgOgLaqaGq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmSqK0rU9pqP7fog-290aU8Cu6iv2PqfJZNmTM77YsBzSqk_WV61bnyO2TQh6FtU-vLIQJQe7bxOQgOgLaqaGqQq48gc-Kc
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmSqK0rU9pqP7fog-290aU8Cu6iv2PqfJZNmTM77YsBzSqk_WV61bnyO2TQh6FtU-vLIQJQe7bxOQgOgLaqaGqQq48gc-Kc
Date
Thu, 19 Oct 2023 05:39:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame CD14
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR22F...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Id91eLDnhvanlR5U6QZ7dim-am1YAmV__SryYQ&google_push=AXcoOmR22F1OUFx_wjHlEFTuRjh-0nMaKuGf3RiGiUxaEdQa4_UWMvr2De1NEGzYHmmtDryx9wAOXpnNFD-H...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
99346
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CD14
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK0Xbdr5r73m3QJ4DWVpVtI&google_cver=1&google_push=AXcoOmSsHs5FrctF-zl-aZlJeTJRz0RlottTEGglmXhCzXIwJ8C6eFXS93rDbGrSy9Oh_lqQBW8...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmSsHs5FrctF-zl-aZlJeTJRz0RlottTEGglmXhCzXIwJ8C6eFXS93rDbGrSy9Oh_lqQBW8GuYeu2IG-0Eq0SN-4nzEu5Nc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmSsHs5FrctF-zl-aZlJeTJRz0RlottTEGglmXhCzXIwJ8C6eFXS93rDbGrSy9Oh_lqQBW8GuYeu2IG-0Eq0SN-4nzEu5Nc
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmSsHs5FrctF-zl-aZlJeTJRz0RlottTEGglmXhCzXIwJ8C6eFXS93rDbGrSy9Oh_lqQBW8GuYeu2IG-0Eq0SN-4nzEu5Nc
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
pixel
cm.g.doubleclick.net/ Frame CD14
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEgH3yyYtiDML8uvBUCXe0Q&google_cver=1&google_push=AXcoOmRasl4BVRwuKPMxIBAqSpwNfe_XqJEyH1dli8gCF8rTLz_bbX8UioBt9Y5IKsKmoD5CY3DI9ghc3RjTIlViK...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEgH3yyYtiDML8uvBUCXe0Q&google_cver=1&google_push=AXcoOmRasl4BVRwuKPMxIBAqSpwNfe_XqJEyH1dli8gCF8rTLz_bbX8UioBt9Y5IKsKmoD5CY3DI9ghc3RjTIlViK...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRasl4BVRwuKPMxIBAqSpwNfe_XqJEyH1dli8gCF8rTLz_bbX8UioBt9Y5IKsKmoD5CY3DI9ghc3RjTIlViK1ZaoKlx0Sw&google_hm=HgqzvGZHol_dljjUQc29kQQs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRasl4BVRwuKPMxIBAqSpwNfe_XqJEyH1dli8gCF8rTLz_bbX8UioBt9Y5IKsKmoD5CY3DI9ghc3RjTIlViK1ZaoKlx0Sw&google_hm=HgqzvGZHol_dljjUQc29kQQs
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 19 Oct 2023 05:39:49 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRasl4BVRwuKPMxIBAqSpwNfe_XqJEyH1dli8gCF8rTLz_bbX8UioBt9Y5IKsKmoD5CY3DI9ghc3RjTIlViK1ZaoKlx0Sw&google_hm=HgqzvGZHol_dljjUQc29kQQs
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
-
s.ad.smaato.net/c/n/// Frame CD14 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOL3OiFrxHb4vgziDgUtiBk&google_cver=1&google_push=AXcoOmSCaSV3J_UC8FSgqhW3TBw5poli3z16_EpGxCP6sYJ4Y2DDFjL4QtHG4v5nSlRi_58Pd4aLVw4auXK3TacMpAhkhu2aZcg
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
cache-control
no-cache, must-revalidate
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
oguQxq1-AODkdNrrxXAYuOq0p2HZiaoS2qoMomia9POhnG56jBNsoQ==
x-cache
Miss from cloudfront
/
onetag-sys.com/match/ Frame CD14
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEH5LpO7Sy8k8Xb8_vkXbziY&google_cver=1&google_push=AXcoOmSOZ3knaQu_M_BDuwTpecY1zNg9B3f95TFugv3Pu61mPVoUElXuQgAsNAgsSUq2DXdTz7RsdjuRin1_...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSOZ3knaQu_M_BDuwTpecY1zNg9B3f95TFugv3Pu61mPVoUElXuQgAsNAgsSUq2DXdTz7RsdjuRin1_JNL_0caby64gTG8
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame CD14
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH5LpO7Sy8k8Xb8_vkXbziY&google_cver=1&google_push=AXcoOmT9BpmYp_BPO1wwdP5O6dx_iBpjnH0Z4B_9wMoWu3EEmaqx9JrQO_f57gWWEcVsl6U9ItRhf_2MYzt...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT9BpmYp_BPO1wwdP5O6dx_iBpjnH0Z4B_9wMoWu3EEmaqx9JrQO_f57gWWEcVsl6U9ItRhf_2MYzt664W2eDnMUID3SCY
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame CD14 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LCJnsslz5It6wdFboYYYuoQs-Q9UlKbl06nTQ-fTPR0du3hZdWCDycAQ1deRfXDc9Rn65vqA
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 7D26 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b395eadc6e2dc23e148b07e9b5b503543f99644fec840ca2dcd6aea912a451cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		53 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d01ac26c5959ba14ab488f5fbec45d15679a0a81152bef49144200d52b9ae895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:49 GMT
expires
Fri, 18 Oct 2024 05:39:49 GMT
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7D26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdhkAineWanHIQST_yUMZSfT-XWdFPAxH5ko2gAnltw94czd0B7N7DEFbpqaOnLRi0IICtA3Q0VVSFtDg85q6itUsQgNtCNW5Q7Umz1uZRW4lntn6Dung2MJBbdVvmvRJ4M_9k1pYQftdNwSnTuagazoOiGf5Niqa7VapmknS4T7iQq3D7HM7i2sPOzePd8Z4JaIiJf-C4agp28PulvUTAx3ONlNykOrHJk649TvNo4lHLjsMCsQ1UMTi-r3XyXhfe60-DiGpsONFDrW67TplSXmOrdWXFPuemeC8wKhdD4nScblirxW2_zRlBSiTBYZ9sVdvQhAXkGO2gefNZo381d2CD1SVczbZsV2O_QZQYb6GqLz76WYwZdnB0QrhXm6Wvl9vPS85wBbKnmzA6APiyo2uARKnHElINaffr-P4-5BN5vZL9F5JSJIMjKQGyyhIUvsh4md79Xiad4EM9PLOBMMlH-YK0Rx1CDwFhIk-ia3TVuu7K1I-ISnjgzT9eWv-WaxoZ0lUkDdXQ83-rY_dpjW6Bo2PjbgjnXl5RyQek-sj3Ar1Tt29W4GLPRNQM9nkbzGEySrX862kKxkzQUk7YfKJxqcEfU_l0EHSzP3U-N_Zz4TAuVvNT0FlLdIuHn-ZOBSJWP0T691TyF6HszX01f4aXkQfc2O6gGgIaOvt3liFwPhTaT5VY73Tz1ZKRbNsCXWXLa0htxLuwnw0TrEc9VPdntKZo206eGXgpqExHihzKYaiRNku53OmpbFgYFUb7pf5TZIAjbpXIyr9TUAF_76c5tOkGQuib2Bo_OqlJ-lswCtf-QqhSNn0Da38urht68d6k5YqfIIjwoOhaBxGbnC30K4W3W7fzJPcpbiDzhtDH0f2ZJZUI0qlvxcxrGrv0KsInbCoLncYjGRDig_q7yq-lU2RvSx1mr79Oxr8uwhrY4xDsWXpOvuSpEiw7Zx7arikm19EWfzX_GzPt-NqWy-bz-5aLCJOXcQF5SQqo3pxKNf66-ihODlMafExQme6bKMMekBU0DdWTLXFh_Kem7-0zcDZrLmEWPRDluWAhZrSApQy7dZevBqm40zbg0c-lNSJkJ8HViRMVXDJcFz2V79y4hi3gJ3O5r311DZWvVlafih6ykebsUDN6KlyUR63RL7kmKhdIaJpI7GSept1AoGuV40JTgbxwqPREdXPWmdrqDB4tq7AHZOM7nIWuXvNognnCfO1-JHWDsa29a1PLyaYklLdBbYSFZ7-iY_RdGM2tfjpxTAjUZDVtkTArzW3iajpRJ3FDHSGlk831O_UH9FwGrVnSGV8_-SJT6M_5NdLpo7ZrQUAlB25rVUp-ITQ9iUxjEqvAVhsXvGQbvwWASIxRJ4l2RRXPjqhDHEk1XlG1XMasjofQPej2jKuoDSEAew-zzeYdrWh4HqMBXZgtaJyUbXE3VmGu_o9roqPC9l2d7huzEG77HiXIA8maE0nJHnsFm7KvOQ&sai=AMfl-YRbKhaiMbPz0WWMLjT34BRXza1iVQh4vaiZ_rEj5a0AG7mz-HcMlP0NBXUoSs2mWst60DGtbNDIimkYklU5VQlz6VsXxwRaClwNVrcB2aKQBMnBKExccu0I46dyodVgT3oe2GL5p6GUvG8YjyezZknjDJwyDrIdoI73BfzFSY0m1UGpQ2VJn6AyUQHNdkrAyEUFlVPNJnpPkMfGLXkzSSt4kRaOnxXRIy9JY_QGNJEldW-cQaPTuep7fVq0BI3Qsfsms0ahUvv04EdDDK11ZeAwn-E3eeAlJzLrju-M1b3zOBsKJfqSLjSQvEF47aMHEppJ4V3s5P3dL-o8KQ4Pr_RZ7E9QsrsKTsLhpc1EUoiqkm3JWV-u1YuW6hKG9zcTeJrS4ZqO_8SzEY-E1hlwjpKrmMax3Ig2QkUVbhyGpAYUTcXtLH6EBg&sig=Cg0ArKJSzKDOxOW7zlc_EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=702&cbvp=1&cstd=683&cisv=r20231011.80658&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 05:39:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 169E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMEffKYTQ_V2ku2vA8re78I&google_push=AXcoOmR9gjhoKSncKCsGUeikRWIE2Q08doDlukwME5CAhivn6TvHU2qpR3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMEffKYTQ_V2ku2vA8re78I&google_push=AXcoOmR9gjhoKSncKCsGUeikRWIE2Q08doDlukwME5CAhivn6TvHU2qpR315eVvKmQN6VTa83RmSx7XxhGx_DldtZaIKzQOiwshBjw
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230067-FRA
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1697693990.995372,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMEffKYTQ_V2ku2vA8re78I&google_push=AXcoOmR9gjhoKSncKCsGUeikRWIE2Q08doDlukwME5CAhivn6TvHU2qpR315eVvKmQN6VTa83RmSx7XxhGx_DldtZaIKzQOiwshBjw
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 169E
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESECEYVP4qDACEl8YawvXnVDs&google_cver=1&google_push=AXcoOmTppNkN5Vra5ipoKHIX7y9Tpd-8wbcNXXOBnXq9nc2omiJ8GxX18W33EUihhykX7rzOL_obnVRaRtR...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTppNkN5Vra5ipoKHIX7y9Tpd-8wbcNXXOBnXq9nc2omiJ8GxX18W33EUihhykX7rzOL_obnVRaRtRrbi_UBuuZGE-HMFW8lA&google_hm=wDxNkS3RTZOBrECTqV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTppNkN5Vra5ipoKHIX7y9Tpd-8wbcNXXOBnXq9nc2omiJ8GxX18W33EUihhykX7rzOL_obnVRaRtRrbi_UBuuZGE-HMFW8lA&google_hm=wDxNkS3RTZOBrECTqV65nk4
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTppNkN5Vra5ipoKHIX7y9Tpd-8wbcNXXOBnXq9nc2omiJ8GxX18W33EUihhykX7rzOL_obnVRaRtRrbi_UBuuZGE-HMFW8lA&google_hm=wDxNkS3RTZOBrECTqV65nk4
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 169E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAvvOApc0JL23NUIcjLEGf8&google_cver=1&google_push=AXcoOmQKeIB8rEFlaL_CdtvGmJF58mfKQG_ZWx3M7UxChFaC9xsWQc9Fq88Q3fg6F6Z80w4LhBPZk1-T7lCaxL...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmQKeIB8rEFlaL_CdtvGmJF58mfKQG_ZWx3M7UxChFaC9xsWQc9Fq88Q3fg6F6Z80w4LhBPZk1-T7lCaxLx-9L...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmQKeIB8rEFlaL_CdtvGmJF58mfKQG_ZWx3M7UxChFaC9xsWQc9Fq88Q3fg6F6Z80w4LhBPZk1-T7lCaxLx-9LwYfWV0rPtD
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmQKeIB8rEFlaL_CdtvGmJF58mfKQG_ZWx3M7UxChFaC9xsWQc9Fq88Q3fg6F6Z80w4LhBPZk1-T7lCaxLx-9LwYfWV0rPtD
Date
Thu, 19 Oct 2023 05:39:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
google_match.ashx
ads.travelaudience.com/ Frame 169E
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPw04OeR4KLuAMP7qGtosI0&google_cver=1&google_push=AXcoOmR9T5Oz13rgppS8akkdl1RVu4iaOozfoClfppvMAK0_s53mWm0mAqkC-S_Qn6RH-pcYhAO9DT94vzY01tmM...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Z_G2Y-XsTl4iX9BSZi6puw&google_push=AXcoOmR9T5Oz13rgppS8akkdl1RVu4iaOozfoClfppvMAK0_s53mWm0mAqkC-S_Qn6RH-pcYhAO9DT94vzY01tmMGiW7s-GcaK9p
  • https://ads.travelaudience.com/google_match.ashx?google_error=5
35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/google_match.ashx?google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/gif
x-host
tde-deliveryengine-production-7595df5684-bv8d5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.travelaudience.com/google_match.ashx?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 169E
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEgH3yyYtiDML8uvBUCXe0Q&google_cver=1&google_push=AXcoOmRnJ6AuDDb7qPlMZ7-njvclYiaZvrRb6xPU9a9J8GPy8rxamTwOkIe03S96HxGzAdVK9IE0bEF8_y-vID5pp...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRnJ6AuDDb7qPlMZ7-njvclYiaZvrRb6xPU9a9J8GPy8rxamTwOkIe03S96HxGzAdVK9IE0bEF8_y-vID5pp97toS88gHmNZg&google_hm=HgqzvGZHol_dljjUQc29...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRnJ6AuDDb7qPlMZ7-njvclYiaZvrRb6xPU9a9J8GPy8rxamTwOkIe03S96HxGzAdVK9IE0bEF8_y-vID5pp97toS88gHmNZg&google_hm=HgqzvGZHol_dljjUQc29kQQs
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 19 Oct 2023 05:39:49 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRnJ6AuDDb7qPlMZ7-njvclYiaZvrRb6xPU9a9J8GPy8rxamTwOkIe03S96HxGzAdVK9IE0bEF8_y-vID5pp97toS88gHmNZg&google_hm=HgqzvGZHol_dljjUQc29kQQs
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
rmpssp
sync.1rx.io/syncpixel/ Frame 169E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.targeting.unrulymedia.com/csync/RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQuCgfX7BZ5gwGidlC0G...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQuCgfX7BZ5gwGidlC0GhJQzlHP_dPdVl0qWnwVpyEeljHMNkrFJmN1tSiSFg5aWyJu51c8IBoO9CzcxCi38eTe24T6vOsX&google_hm=A0Nru133zkXgj647KeCzq8Q
  • https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=5
43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
263
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 169E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH5LpO7Sy8k8Xb8_vkXbziY&google_cver=1&google_push=AXcoOmS_-YgzyJpBpTu2nKHw70DADjlCj1dz1Y-TXkBULoId0qhzlCZkQ_WG46wZKeCH5KlA2WPDucY9Y_q...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS_-YgzyJpBpTu2nKHw70DADjlCj1dz1Y-TXkBULoId0qhzlCZkQ_WG46wZKeCH5KlA2WPDucY9Y_qg7bsauuTiY26ztu6jMhc
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 169E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JnU7JNvbPtnaFAAmhdF_vVuBAk008yt4nbOq07wIvdFxD5ftRQwtxHgvFOsDGEvctg2N_ZAw
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame C82D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYZM5JgLTamhGGFSG_9hYEvqm8JqTXWjbBPJ5wHij1Spv4BAmJ7_T_wT-XzsjTJbWVAN61weOvEJhwhQ1rqSCdYg0LAkaEI3ZfS4VuyDfJh9d38R71eEqbNUuo2EAEOZCOoIVqfHRCnvkMjwH29UMi7U8UeSbO5pw8CBRLHbw-84FBPio&cry=1&dbm_d=AKAmf-AnseuOhXXAxPAdmOHX-C9ixG2mVl05lC_hZV6s_56OIu8iEnwewFJTLm8SM5bAHdVhQ16lZuED_WAj8N_FgUxdBm-d7sqbzzxlC3DgxQ1dggPm_esz4VUMF7RCb3VllDi47Czpcq-nVcY2c8IJlPAa_gs-M66E-21qeMwxNR_uHdfIb98x7jJD-LjtcHFlkEbrvyla3a8pZGkR-BC-mE_JrBA8s1cClqaUnmsw6xxzSLPcG37AgxW79preHSo5dYhXTikLfFaGxeG949ielGf68iVKJChpdpqtYwgNNAgQvzVS-gO_jChmJZfJiCmEvvTftBL8HTHuEZlMwy6esxIknWSnneypcjr46fKheOSe2TJp1eiUf1iSyA-EYHDtEFeziFg7KiUNuxDL0t6Rz1FlK8q_BBF-Uzw7Ni1f3W9yqsSABigs8kGaJS92d_QodjUXHwdMTQsCDJRt3MNpQ5HkfbOHWdTorVQadNOzUo0aP8WP-jguaMAzXCie-bUgA2nYLmICBE0xza-CkFuirym0LGbXfr6ZQWUn8m62iE3pF4opK4lLV4t3svedBO5SaS0xADx0_lJ9SashTbvvn01OTpN_Qqq5X3UIXfu8wicDCAOhFZs44mZKhHwa9h47IQEIDnp4dmO-ooQC-C_CguAY-oL9BYcd6osl6QQv7zGJaKl9C5NiwzkFMuQQOGQX5tHuOyM4tBZ6XWUjNgp2RLKux_OUdbLsKGzpzSHGzSK1AlNGYwNqif8SN6fztnNwIhkMEGFoENfVeDVjYSGcYVqPp_itAwZP7KJ07ifMFumI9w1jcbrXk-DEorFK8DZT_aKEDJlDXO97BV2U4l1g_OpZJZpALCiDidRxhwo1whdjoXBEo6uD4lVc6GTTWenVoqyBKPn96eu6AzkdmHoKmFZhQD3YPQ0UfpIwRO-sHYBcGOKANkIvauUOPVrEGdZh5v0uT7cs6D768Zx0LQ-jTfSQoE2xdghsp2mJIl0ZCrgeY4YNFyRV9-takeXaI1TLlJ1-Kq1AXe0p0sSYOQu6VOrD6ui4MUHq2dbxdvcUUnGPKpdXovZFumvYx_KOb4e7jdUDoZDjZsYbO44BcIcz7hJt4uQvLFZSILP-QGot0HToUOeOb04Vjzu4yjfEsR_91Ab8adl6XXCs4qkK7zmcXV7UB1_mvMUB25msf_3xRcFiERws51-mYbBmRfLJJA5AUgetKj3fRfqXcPhTTLDaTIhVUW2CqhlJeZplYl-ckSSIXCBktE7iaMcveNxNAoQI11vNXYvFxnFpgcKhzavIHpGbn6BWoO_TYdsvWEfBYv_yGRWK9WJjGcnYkk1TX5L54AEXW6pN_uZOpkyRSHQwwXp87aPTkDx5NlxscTIl3uXiY7QRYSUwHE0EYWZL1ZiipFJCVTUAipL-B-_jyi6TeU6gHXXLOHCnHtNWkBr7X6VR1IlYoQWarjakWmXmyM6D5AzO-_c1rXLl2L3-rMqPOicqafEvNGCG9alJoH6uyXvGzUS_ANMa8bHoJnGyL5FRZiasYOBtVkDRPTVTtS3c4Eu9AyYhGd98dIOVYiESTU3QdIEaLeRFaYOdWwOQiKYXaAvybZ28UvslFQx6cRkRNKVHjNSASH8EDGbVnhbT_7Fzw7ypbZ1KA2wRcZlW8kaIT6EHsVxAphrFdRKIJR3QaNBIstJdozkXG8dDrXoN2BaNhxH88v-Zb66LAn8BRPH_5h5YjhK_FTkZ3WYnq044uPHNm6Kv5bQNk8YLubzyf6e37vJ8f9FNU8nmLHrkS4ZfCuHJ-wPETMTw01NeokeHogzyq56b3CFy_E29bT3jQ-O21ZmKozc0ozUwhLjQmSANxZVTMVSpnyMzmLAK0avku3VY1v174NRoKAyr-5i4SxntJWr-6uffxhx-K4pu-MyeiBbd5mhT230c6KsV1ie_WtQIAd7fzhnhSWnuUXH4-weci8NE4yILgWLYZNjx8o0AqrG3-TPA_lzk35qBtLcmlg5o6BfUWPaypULjlOHyRTrFtrZojrjS4THq2zRulu9w8qUAXaxCGLS4_o4X5cV18ueBs4igMHjrPbFqGDJlu7F_1LshSmM8KvG3z3uUEtzVpFIQgJiLi0lP9NnbG9grzBAGZfqVLG1GXh2jHSTRduv-U415nOXN_3V_jZoY7KiRfksU2hbMzeohu1FQoDv45vmlRrDVOjDlfZCuWgKV2XDxUEmSW-1C_nL_a5T89_wsfRPoHD3snKKEmApOacLo03GBTC4cAJG77Jje1tLjryaBT_Id2h-yV5-X_9BRpaqZViRqHAEAZ6XPYebp45EzL4fOGGBkp0H66v9MwzHq4WSciq7WzLOXwSBDWHOXOtcHYaSuKD_eGMPT-QWWprWV66RlcYwN-CRkL5rs4glQSXtbWRd0k8NaeawMFETtKGetMffZbwUJZXIBtScik6QWq5B0jaCyx-4A3qqOhJ-yVF8c6tuTLagr5iDH9vI6y8SyldIJN-eaQzT2z_yeWknOlfzyri3s15cervu0miSLkpwC2VqIi0rmKcpB1YmSBqYauFo1rOHzWLDHHuNmzqByzBuDsL-Ba1MEOxdEC9Z8VaEHqskEHUMAX3la5v4o7IiveNgLoMHQ1HQMVQjiU79OQ515a9ria933tBR-gN0JVOUytFfmtNarlbMQ3wizDoOx8xmHAOnnHqdAsg0HjMnmijmOtTZfYACqK8JWvmimQX6tVgzr2gG9WS5K9r5pO6rSm1blED_rYiHALgUWUjcuSbeBX30nHi8z3HhB9p_cqEUZXPJY1MZw8n5AXy2-Kw3AsqolJmR_dHyo6Xc3zugz3IhvaGxP4zsMSMy4vml7H-BmH7XTJnhld8MJBWR-T6qv18C3w7X0h7q-sW4B42AK05V8l59BHZiidkNXylxBPXqwgGLjQzGEL-hdNSZXV3I1bp7QXk78hwOzXIMznIhtmEYR8WGi2ZVQ-FCiqYlCxyKC-oGQEycy6q37yOcc7lDMK6qEXvGg1s6z39xGA75L3jj83QDfBLsY_vBjVUlqJ_VNU2VscG84znd79rjwpTrawaQ7mjF4qAaFXtbPzkGbkfhnJF-AQta7S9yH9Wjw5sUu4mveB-cSDaNopzVKKevOabTs0nW8Dkia_iejKrV6xcqbOdsXNY0-HxlBbCXMYE8NmF60L_q6IZnUn7x_ngwCcg5Aq60ODyR1LL0-YLrLTzTKzFWvoaSisUVKgTCLXxoRINlyDrjUa2dBbS2zeO3Ng2DBCYW1Fbs-gcO3PzKI7eUDNxN_uzV1szaZrrPi-1rRrao9Pc2L9omo1QdpX8OXRYO-sB0344bAJ9RRpWEfhJu-btSi3b_7lFlToFGy_rHv61kX4KX-MYs2ponzvk3oyGLlJi3dna62fxFqvdHPzielvpQgb8LgrC5qD__R1Xg_-1P5VcqlQLtWah0I-pkxfGVGmkrEdeetjw8cy61z4B5P0nPTZUrdINoaKJtP5ajkQWr_5pdk1DRRT8iuAnV0-3cYOCT6Q8f_XefeUDtMuKCKrK1KRAPHHMvfzjHT2VGv5WWPYYM4zQDgabpznp219UDd26zyefCPDAR968u5EWPEWeRm4Y6b1BbWjByVxRT4J0B664IFYvgV6341uLIuihmqTnP7dzfiR0d8EnpyCTz73IxuZJdD3AKK0Y-01Vk1VawMiMQVHJhe7j1zHM-aai9Dpwr5XdVoOMKcF7xX4x3-XI3ZpxpQLrh6m5VzuCNWvoMTgdnYgNUkeiTkUmvXjRyqxtoLKW16svQ8FOfmmpTb2HfmeUwp-Cn9jMyVMzLC9gWOTowrm5OukfWFkUU2SzGO4nFqKuezFVptHi-SX6Hm5G_lGZIlaNpfTZzJUVGMLt0eUlFcUOJtsNskT-vFe4HwAB9AHSl5l-bgbtZjH81ILzePF8qOyP4MLdF-XuEu39TMgKFYh-XHlyMSXXcqspYhcD6b3yZsvIPe31Hfbk_aUtr4LPnQ7rpIVAvETG99yiMOVU2FUSzp13cGzyKDpOLiLsER&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=9802728053773183000&adk=4020099329&idt=144&cac=0&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
57664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C82D 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYZM5JgLTamhGGFSG_9hYEvqm8JqTXWjbBPJ5wHij1Spv4BAmJ7_T_wT-XzsjTJbWVAN61weOvEJhwhQ1rqSCdYg0LAkaEI3ZfS4VuyDfJh9d38R71eEqbNUuo2EAEOZCOoIVqfHRCnvkMjwH29UMi7U8UeSbO5pw8CBRLHbw-84FBPio&cry=1&dbm_d=AKAmf-AnseuOhXXAxPAdmOHX-C9ixG2mVl05lC_hZV6s_56OIu8iEnwewFJTLm8SM5bAHdVhQ16lZuED_WAj8N_FgUxdBm-d7sqbzzxlC3DgxQ1dggPm_esz4VUMF7RCb3VllDi47Czpcq-nVcY2c8IJlPAa_gs-M66E-21qeMwxNR_uHdfIb98x7jJD-LjtcHFlkEbrvyla3a8pZGkR-BC-mE_JrBA8s1cClqaUnmsw6xxzSLPcG37AgxW79preHSo5dYhXTikLfFaGxeG949ielGf68iVKJChpdpqtYwgNNAgQvzVS-gO_jChmJZfJiCmEvvTftBL8HTHuEZlMwy6esxIknWSnneypcjr46fKheOSe2TJp1eiUf1iSyA-EYHDtEFeziFg7KiUNuxDL0t6Rz1FlK8q_BBF-Uzw7Ni1f3W9yqsSABigs8kGaJS92d_QodjUXHwdMTQsCDJRt3MNpQ5HkfbOHWdTorVQadNOzUo0aP8WP-jguaMAzXCie-bUgA2nYLmICBE0xza-CkFuirym0LGbXfr6ZQWUn8m62iE3pF4opK4lLV4t3svedBO5SaS0xADx0_lJ9SashTbvvn01OTpN_Qqq5X3UIXfu8wicDCAOhFZs44mZKhHwa9h47IQEIDnp4dmO-ooQC-C_CguAY-oL9BYcd6osl6QQv7zGJaKl9C5NiwzkFMuQQOGQX5tHuOyM4tBZ6XWUjNgp2RLKux_OUdbLsKGzpzSHGzSK1AlNGYwNqif8SN6fztnNwIhkMEGFoENfVeDVjYSGcYVqPp_itAwZP7KJ07ifMFumI9w1jcbrXk-DEorFK8DZT_aKEDJlDXO97BV2U4l1g_OpZJZpALCiDidRxhwo1whdjoXBEo6uD4lVc6GTTWenVoqyBKPn96eu6AzkdmHoKmFZhQD3YPQ0UfpIwRO-sHYBcGOKANkIvauUOPVrEGdZh5v0uT7cs6D768Zx0LQ-jTfSQoE2xdghsp2mJIl0ZCrgeY4YNFyRV9-takeXaI1TLlJ1-Kq1AXe0p0sSYOQu6VOrD6ui4MUHq2dbxdvcUUnGPKpdXovZFumvYx_KOb4e7jdUDoZDjZsYbO44BcIcz7hJt4uQvLFZSILP-QGot0HToUOeOb04Vjzu4yjfEsR_91Ab8adl6XXCs4qkK7zmcXV7UB1_mvMUB25msf_3xRcFiERws51-mYbBmRfLJJA5AUgetKj3fRfqXcPhTTLDaTIhVUW2CqhlJeZplYl-ckSSIXCBktE7iaMcveNxNAoQI11vNXYvFxnFpgcKhzavIHpGbn6BWoO_TYdsvWEfBYv_yGRWK9WJjGcnYkk1TX5L54AEXW6pN_uZOpkyRSHQwwXp87aPTkDx5NlxscTIl3uXiY7QRYSUwHE0EYWZL1ZiipFJCVTUAipL-B-_jyi6TeU6gHXXLOHCnHtNWkBr7X6VR1IlYoQWarjakWmXmyM6D5AzO-_c1rXLl2L3-rMqPOicqafEvNGCG9alJoH6uyXvGzUS_ANMa8bHoJnGyL5FRZiasYOBtVkDRPTVTtS3c4Eu9AyYhGd98dIOVYiESTU3QdIEaLeRFaYOdWwOQiKYXaAvybZ28UvslFQx6cRkRNKVHjNSASH8EDGbVnhbT_7Fzw7ypbZ1KA2wRcZlW8kaIT6EHsVxAphrFdRKIJR3QaNBIstJdozkXG8dDrXoN2BaNhxH88v-Zb66LAn8BRPH_5h5YjhK_FTkZ3WYnq044uPHNm6Kv5bQNk8YLubzyf6e37vJ8f9FNU8nmLHrkS4ZfCuHJ-wPETMTw01NeokeHogzyq56b3CFy_E29bT3jQ-O21ZmKozc0ozUwhLjQmSANxZVTMVSpnyMzmLAK0avku3VY1v174NRoKAyr-5i4SxntJWr-6uffxhx-K4pu-MyeiBbd5mhT230c6KsV1ie_WtQIAd7fzhnhSWnuUXH4-weci8NE4yILgWLYZNjx8o0AqrG3-TPA_lzk35qBtLcmlg5o6BfUWPaypULjlOHyRTrFtrZojrjS4THq2zRulu9w8qUAXaxCGLS4_o4X5cV18ueBs4igMHjrPbFqGDJlu7F_1LshSmM8KvG3z3uUEtzVpFIQgJiLi0lP9NnbG9grzBAGZfqVLG1GXh2jHSTRduv-U415nOXN_3V_jZoY7KiRfksU2hbMzeohu1FQoDv45vmlRrDVOjDlfZCuWgKV2XDxUEmSW-1C_nL_a5T89_wsfRPoHD3snKKEmApOacLo03GBTC4cAJG77Jje1tLjryaBT_Id2h-yV5-X_9BRpaqZViRqHAEAZ6XPYebp45EzL4fOGGBkp0H66v9MwzHq4WSciq7WzLOXwSBDWHOXOtcHYaSuKD_eGMPT-QWWprWV66RlcYwN-CRkL5rs4glQSXtbWRd0k8NaeawMFETtKGetMffZbwUJZXIBtScik6QWq5B0jaCyx-4A3qqOhJ-yVF8c6tuTLagr5iDH9vI6y8SyldIJN-eaQzT2z_yeWknOlfzyri3s15cervu0miSLkpwC2VqIi0rmKcpB1YmSBqYauFo1rOHzWLDHHuNmzqByzBuDsL-Ba1MEOxdEC9Z8VaEHqskEHUMAX3la5v4o7IiveNgLoMHQ1HQMVQjiU79OQ515a9ria933tBR-gN0JVOUytFfmtNarlbMQ3wizDoOx8xmHAOnnHqdAsg0HjMnmijmOtTZfYACqK8JWvmimQX6tVgzr2gG9WS5K9r5pO6rSm1blED_rYiHALgUWUjcuSbeBX30nHi8z3HhB9p_cqEUZXPJY1MZw8n5AXy2-Kw3AsqolJmR_dHyo6Xc3zugz3IhvaGxP4zsMSMy4vml7H-BmH7XTJnhld8MJBWR-T6qv18C3w7X0h7q-sW4B42AK05V8l59BHZiidkNXylxBPXqwgGLjQzGEL-hdNSZXV3I1bp7QXk78hwOzXIMznIhtmEYR8WGi2ZVQ-FCiqYlCxyKC-oGQEycy6q37yOcc7lDMK6qEXvGg1s6z39xGA75L3jj83QDfBLsY_vBjVUlqJ_VNU2VscG84znd79rjwpTrawaQ7mjF4qAaFXtbPzkGbkfhnJF-AQta7S9yH9Wjw5sUu4mveB-cSDaNopzVKKevOabTs0nW8Dkia_iejKrV6xcqbOdsXNY0-HxlBbCXMYE8NmF60L_q6IZnUn7x_ngwCcg5Aq60ODyR1LL0-YLrLTzTKzFWvoaSisUVKgTCLXxoRINlyDrjUa2dBbS2zeO3Ng2DBCYW1Fbs-gcO3PzKI7eUDNxN_uzV1szaZrrPi-1rRrao9Pc2L9omo1QdpX8OXRYO-sB0344bAJ9RRpWEfhJu-btSi3b_7lFlToFGy_rHv61kX4KX-MYs2ponzvk3oyGLlJi3dna62fxFqvdHPzielvpQgb8LgrC5qD__R1Xg_-1P5VcqlQLtWah0I-pkxfGVGmkrEdeetjw8cy61z4B5P0nPTZUrdINoaKJtP5ajkQWr_5pdk1DRRT8iuAnV0-3cYOCT6Q8f_XefeUDtMuKCKrK1KRAPHHMvfzjHT2VGv5WWPYYM4zQDgabpznp219UDd26zyefCPDAR968u5EWPEWeRm4Y6b1BbWjByVxRT4J0B664IFYvgV6341uLIuihmqTnP7dzfiR0d8EnpyCTz73IxuZJdD3AKK0Y-01Vk1VawMiMQVHJhe7j1zHM-aai9Dpwr5XdVoOMKcF7xX4x3-XI3ZpxpQLrh6m5VzuCNWvoMTgdnYgNUkeiTkUmvXjRyqxtoLKW16svQ8FOfmmpTb2HfmeUwp-Cn9jMyVMzLC9gWOTowrm5OukfWFkUU2SzGO4nFqKuezFVptHi-SX6Hm5G_lGZIlaNpfTZzJUVGMLt0eUlFcUOJtsNskT-vFe4HwAB9AHSl5l-bgbtZjH81ILzePF8qOyP4MLdF-XuEu39TMgKFYh-XHlyMSXXcqspYhcD6b3yZsvIPe31Hfbk_aUtr4LPnQ7rpIVAvETG99yiMOVU2FUSzp13cGzyKDpOLiLsER&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=9802728053773183000&adk=4020099329&idt=144&cac=0&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47872
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 16:21:57 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 20:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205265
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 20:38:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249777
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 08:16:52 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554021
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 19:46:08 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		303 B
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554022
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 19:46:08 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4150
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:30:39 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215732
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 17:44:18 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6266
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 22:52:40 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 11:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236684
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 11:55:06 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3136
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 22:47:10 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 096D 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 08:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 08:25:03 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4427
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Oct 2024 03:05:51 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244749
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:40:41 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Oct 2024 03:19:12 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221191
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1725
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 16:13:19 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 15:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224435
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1355
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 15:19:15 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1485
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 17:01:58 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 09:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2351
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 09:35:53 GMT
gwd-text-fitting.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-text-fitting.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219764
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2038
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 16:37:06 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e8192b8273cf0f846c3c9365b3aa10305dffd49c8b219628b31430db949f230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242764
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9209
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 10:13:46 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		55 B
115 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 20:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 20:38:44 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		731 B
272 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 08:16:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249778
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 08:16:52 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554022
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 19:46:08 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		303 B
202 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 19:46:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554022
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 19:46:08 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		26 B
86 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:30:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:30:39 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215732
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 17:44:18 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:52:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197230
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6266
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 22:52:40 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 11:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236684
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1308
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 11:55:06 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 22:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3136
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 22:47:10 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 140E 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 08:25:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76487
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 08:25:03 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4427
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Oct 2024 03:05:51 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 09:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244749
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2014
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 09:40:41 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:19:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Oct 2024 03:19:12 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:13:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221191
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1725
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 16:13:19 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 15:19:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224435
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1355
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 15:19:15 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1485
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 17:01:58 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 09:35:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590637
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2351
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 09:35:53 GMT
gwd-text-fitting.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-text-fitting.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
219764
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2038
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 16:37:06 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e8192b8273cf0f846c3c9365b3aa10305dffd49c8b219628b31430db949f230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 10:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242764
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9209
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 10:13:46 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame C82D 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=68648309;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524343308&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CmnehJMEwZdPEGc6_9u8PlpGj-AqegLTUc_PanpacEpizlZhDEAEg0ZPDKmCV4pCCoAegAYbHmLcpyAEJqQIepVwe1KyxPqgDAcgDmwSqBKQCT9BPyiTdIzbjmhdAs1lgKnjZvHjbQgLgaTkvi6-L-Trm4Yjg_iRTNSgtjnJePEoem1LO4neCd_s3L8r0sIKnd-QeqZcUdeKwkLnQeW-Os2rlG1Nxiu6LfIKPBk9IcKluNxdpTwxXu0JhP2tIhxTKLJB11_b0xDJwauE6ADgHl4UiSk3bPthwt3jNRzwv3lW3IQIner-iRnKsKBExbonpOeQffGASp7LGZSy_-kQ5Lucw_XE9smy9A5BzMmMsTi4OCAHR7cWlUtySRJ-aunbiB0OxFzCmi740DtRKYYCdtLc0TNqtHaELR0YMjzEHyT3zMZZQCyPxTB9PoeynpYUJaL5sw4T-afX3k-rExgbK6pjSe6YMiO2bJTu2PhK627zv6mL_BsAE2czu7sYE4AQDiAX_7I_PTJAGAaAGTYAHhv_olgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCOzI9fiygYIDFc6f_QcdlsgIr7ATn_2VFdATANgTDdgUAdAVAfgWAYAXAQ&ae=1&gclid=EAIaIQobChMI0-b3-LKBggMVzp_9Bx2WyAivEAEYASAAEgJXu_D_BwE&num=1&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&sig=AOD64_2niRJ5SEkqIKtInNEmcMxm7RFOgg&client=ca-pub-4491659496372172&dbm_c=AKAmf-BQbNW2sGre_GuQL1WrBsJPRkwOtSBjlY6GDboRSxl0RJK5CCl27RrMQU1YJJou1UgHAZpbxcXVNA9FcNy21RHxx1avPOCCZWjUIfauZ3O8TxW6_gZ3YtKgHl9MoHz8ufaq-GJv9QTvBzLKr2jNnUZXCIJGKrNtv6dMQJaOHe24939kLNQ&cry=1&dbm_d=AKAmf-Bbs0o7NdlAd_DslDeiNVowVnUpokK45pnGvWUORxLnKD72gdXScMVyzLI9WaCqL6TUBOOU9mOUdKHYS8ajyPj56x5v3k43jBGryojjE9gvUCLSL7QagdFZ4Jve5SG_C8_4ZZ8KlG0zSq7lKmx1oCSO6rvvCFg2YvkyQuT03V4areZvCgeIBaF0ZJXZ2Eg85R2ZMVcl_R9HRliABLJ8Gzp53KMG7ZEynGm1fBxK6SaZK1Toa8YMMglVlGeX1M889QGFSUIZq3lsoxRfJ0cT626q-JcZWwBulTVXuC5k-TaqdjKuwkxpvMhiRwCXJwp86i7ulFeKBzxLqFpiw5lor6HS6Ier8Ve75VQodSLhxa5aRuAi5rOC3-eJudq5npZIHHb4056PpZBRhfFzudvWnDAXJbbxR84N0PytiDQWosdVk01Yyr3-F30BazTxYH0XHgjpbMU4wGwWjS6CPsalrLJRvDYJHkjpDLnl-II6oIKZmxmPO78Xtfcksw5gNbJEoBfFXOyxV9hCbnQ-RxCOilpbLSD6Iyw062hFZR0qLHN2Fcm7_fs&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 3085 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqDmv5oKBX6PFPIDMXUfHfmGnzx_YHbc-q4f4MI5BpdZGHcQLQ328WpyjgANd7IebYe3WtEibqHW8vSTaeij0v_TGYRzs54_ZrS6ner0TkB0WTidMjuVFSvNe5MiDDAewNlLiA9cONKeQGUnbnD6tiEcajcNa5X6BKNMolZedzkCwqlDk&cry=1&dbm_d=AKAmf-BA8FFfUGlZVvo1mkBacYXsgkv91ChfzfPA_n38aA5YQtV8lvTuMZhUlTkFZ5vXrnDYP6OVegN0ckUtH86cq1-QeWVtszweDht1x8EqUc0BTqANyJP4omeZgP0IaPcrfAonegrr6yD95b2IZkGeaZWZ4Ogj6SUd1yNoiGklkgcGwdebKDZ149KVITuVtZavLMGaFaRCxNBwL2wRt0HX_XS9ZxW26kbc50T7pLs1t4d2FVtOHV5pNmegL0AT4Ozi924DYESHIIulxflEtLaczWgvgsC0wgwxwn4s_2C9NYosB17BJ_U6Fc7Dyvi0yOlVwoLyPLUwnzmtVXlFIN5SW2HN6lN46PvZgCTOnUHooQSVYqISEcqoIYt41unYOtmVCunrnoAY7CrmGa32vg6tG0x9rtxWaa_b-0stjUzJaETsuCzvKWntJJFEG64ZdfxmFlHbFI6cCaJr7lw-sYcQNq2O0ygSTKcB7wp74Yarl76R1D9qB4T_9Fsv1SnNzFUbFJqFP2jMD9FVR5L5aqMukM8POx-9dRoEqH-ic9eX4_aZ9LvRgcZQqSX4Zct8kna5OuegNosmVYyKx9h0FAUmVux-pWj1zzdLbDawxPKej8pNV5VWFd38Aa_nnmUc9UcwljWCsgI1i2GalNKZ9uxERE0RCDc6Wlj4iFpcw-EXX5yTvZ1tIAH4dowY7wumMhsI1GsDXxfL1CbeCgRXMmznJZwzdsRcdpt1NuVDSK-icjOAk6k7Rxsdofqk7KlPQ2AUb55eiFpg8dO3G6AD9sEd_WeZEt3UnTTQwTR5eLkgIDbAvIAutpzrlncP2AvUHpYrYrvBPY2TgV0ViNmxnv-FCDUHEZszi7P-46gzjmKmJK396UePDvODO-xglyfEnfRRyo1Vo0fiJIUQqaHjateDFoGeu8QZcF92CENKX1pHF7KN1B8HpCZPFk8ghejCjqMb94QuBc7ZXaI_lNfZkxg5t7YtGFJ6kGIMO_bxPu7JXopDVxr7o7FzGP5srOsbR6CaTf8JHFiRIEDByQaXz0qMHLnCFLd_-RX0FPH5Gn4IiOziTRtWIk7nVgB5Bve6nSKTNyS3gYtFe_r8d-m33pn1fKAtK4zK8AUJmPaUbtXxpZg1x3Zjbhap2Ua5ImLMNQpNLfvXyHXnAcU0AmigK2hLWkbD47zgxGpxJwHAElRGB92uL8MasRS-ELg0fRnvJRd1oHXuvkOphrBYpSEDyrCg6xvqeUH_OBSjGjTT3M9VcQdQDpOYqeewnMVx2D8Ja0ClFLYdfK8rtPkE-9BO6ecrWsOidjRbaHMl6ZaE_nmxFHncxUNPdZg-5P-9sssmWBwpsS-pt4jQkAHkWp2s-ST_GAZardWQBRM5JapzwK-A0gHx7huNShPpNyeK1tYFDAN2ZSpk7jEILVpiUUVdBOJELv3DIizGx9oFvGSnUJKBDBpWTzwwucpVGE8FJOhqbgY1fBd27nthdZ9xZRGTWj2Af81na4Sal6ocSx4UpzOfN7ZBVi8zOzfc5hMqAE7AVvoQgXFx5VrjXcionncni1NDEBhEofui0MMIwmYVvjm7Ir23Qs0MYmp1qan-oywKTfAqC86zTszo7wIBga3aL5xlH6tVUfadh6JjtHQCBTawJKfEJFO0i-CGCpiVZ4KfjeyOUzaKsgPAJjVNC68yQcD46T7WHfMOCmbhA-RuBGH23XPOBJqQpXuEfhgY99qiHOAWpKRt4Rw17Ai1lGPOywth6Dqvi-CkJNBhiNf5B2zE9-acFwPNqHzTAkVoD7TdcyqhRElljwuKb7zaY-ZJznXW4MD2Md-nTJFNavYvHSxlKD4QB1QrqU4nQVK9vn787sc9jk884PpTAPhOZ8keczMVL2seYCseiVL0-lRQ3CETL9RvFQr3L82r3HjF4EgQeE9LwdkbnfSc5SLm03OqKO28BMZZ9QR2OKUaE4AscblK9DvTePjtET0jINXJALeczn-fbvKTOxAk5ad77lkFMDC3P4cHGT9eBk_JIMhJ5D8ONHgcPd8EasH19D1WYE6wbsSMA0QkYvsXAQ-5Ik5IJ7-xx1d84NelgaP7l4E9pUeSTXM9mIkIFT8z5s5T0QwDWKaxNwGVVOQuTePUbt_LJ6Ue10DKCl58xYERRKN6E2t5mYYwDCYTO2iY5jd_QXbjqtNcJSVMTx-Zpj9w0N-e9Ylkf2fc13p7W5SD2nCmw2lrayJP59G67MdzSBlDf1Hl6OlS0rJhqDdo5KWN3hEvuYV-cey24n5aAyHQf17E6vqGiTYeuwx4PBpxO6cqhDsskN1sC2s37BAERig1PkaP5pKct2hRQyj4oWbMjR8F17phpY8b79sFwJQScMwg3sQzFKJ1QgJPECPejoS4MrcXS9mSn9uOm4V3oMCspGBcWWvOMv9-N6RzEhbYtZYQFHQdis5Yx5ldnOjjKc-LLb4F7eXfybGTp4VZZPCAFzmzQBUzU9Zf54xGyfWR58s2DnD0LuT9Qmcpm_xbjobcv6KbGkMont1ze6CnnoGzmDqR3_rLATCrtCV7qWvnEphx1DRTfdzeGo7pqrnAwXOiPIrn2geIUu1BfzEQ7Q1_j6Zj68kjGlc1V0RGeLE82iyTAUsQnACcCIAjnk6fwjlWlKhDtjINcngBFVTFVNKz55MGadrh1T9bGqgfHy2ir04duDofGLcml2Hr0dn92bJPZfyYSZz3hBcqu9PF9jF-70txBDF08KPzn0232zkJnfAR6lSu8F1xYUMq7VfKHv-2UevdiQskSz2f-730_g1qH6PGtafgSkrjWNREBIrtQMj_AJixfOZYrETC2_jIbvAhuCMun7g0dekv4YJOHttrALUI449-jYnUO_Occf9QJH93FVWKl-7IHHa13MXL239RFYy4Mb9dX-s3TQUmESgIZ2bZ1SH5cA3Ucyw9LiePwsrXYyT5wSqfdLe-gnwUpNEMNVbvoENHS_ooVNYw1wEidcnynweGv6IeuMfE5MzWsTySXHyr9LPE9zGlVtoUMKKBLEASIo72VIRFriTDaE7FCzVKUVdvpZp_vJPGAdzcBFU9OIDpWZWqJYXX4DA9FXTYkZPOkHq3eWE2dwfpiwhkh5aWkX5m91rwwd5DX7heTTD7WMiObZpZm9MRaY9LAtlmJEKc4SwBtqSLbjyZ-y3nJ80Q8l1Eu2ZtilYjKs9o1wFIrdjlTiUJB1YKqvOBomewrZdrfOijnZSkIfLHcm-jPTcvKyALc47RICWXcN86s4RP7rxdr2HFxY8n17NVbhhKGdkE-iliLhfino-G5bA9V6t3Cjcln0OEW_pTnRs_Cp3GBe_Ufsk13J7HGYiFO21UJQhhcptMj6bRTd3_BA0I1PSYqFIvyugPMlAWWioJrALC__FsJ6fDTGnMrrihSbAZcicXgqdP1FppivFnZQJbTyLScBO-6CaXF-GLh5yQf3SA_kuVbfs4seGnLU-s7P9v6BoSzEv1FYUcWo8pArwVdJ20g0PLD3g6a-LZjhb59lPoh2vibE4OY8MiEHh8wLf9WfPTgvF6aeybiPSFkNIcxmMWwnceux6ql4xFCt9APd6DvjoZEthEDcTHLKZcxolELOie56Vwf9hxbDXR-G5RUW9kntWbTrAhQnyfLYzvG-IlzQH4Rl0YmLvuMlm_f9FqTvjiI45KP407S-1B93PcIoW6L3VqlcAxQTAXeREC3l3dTqmHiAiy4tk6bEo2w2cOfpjctsTgSm4E57jQQ9gCEdPK_7P_iu3gj8ft_O20pFlGaVehyV5v7zt9iPiOa9iaTqJqhC-vggXqvMs5zeSiEi9cRf74y10rywiM72a9-CNHf9fdTe8XniT6l74IvKUOGn0WtYFDnDcg5UtYyZs0zoIWMvl6xMlUC15-1YvcB1InFq9YEIXhi2kJRvyGjw-GilszPMRYAxtETzxIfipqHc-u2FzZKBQwbH_KFcGX4_Z-CmaUYc21qXvKiEF2-wim5fzV0dCOxUj8BdCcVfbqT8Yc6YeBQ86pcAI_Rb4tYfgrkTMPIzhJwGuEdygyAPTA0alrjwZ0TmfLiR-fpQ&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14034837085916471000&adk=548554675&idt=228&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
57665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3085 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AqDmv5oKBX6PFPIDMXUfHfmGnzx_YHbc-q4f4MI5BpdZGHcQLQ328WpyjgANd7IebYe3WtEibqHW8vSTaeij0v_TGYRzs54_ZrS6ner0TkB0WTidMjuVFSvNe5MiDDAewNlLiA9cONKeQGUnbnD6tiEcajcNa5X6BKNMolZedzkCwqlDk&cry=1&dbm_d=AKAmf-BA8FFfUGlZVvo1mkBacYXsgkv91ChfzfPA_n38aA5YQtV8lvTuMZhUlTkFZ5vXrnDYP6OVegN0ckUtH86cq1-QeWVtszweDht1x8EqUc0BTqANyJP4omeZgP0IaPcrfAonegrr6yD95b2IZkGeaZWZ4Ogj6SUd1yNoiGklkgcGwdebKDZ149KVITuVtZavLMGaFaRCxNBwL2wRt0HX_XS9ZxW26kbc50T7pLs1t4d2FVtOHV5pNmegL0AT4Ozi924DYESHIIulxflEtLaczWgvgsC0wgwxwn4s_2C9NYosB17BJ_U6Fc7Dyvi0yOlVwoLyPLUwnzmtVXlFIN5SW2HN6lN46PvZgCTOnUHooQSVYqISEcqoIYt41unYOtmVCunrnoAY7CrmGa32vg6tG0x9rtxWaa_b-0stjUzJaETsuCzvKWntJJFEG64ZdfxmFlHbFI6cCaJr7lw-sYcQNq2O0ygSTKcB7wp74Yarl76R1D9qB4T_9Fsv1SnNzFUbFJqFP2jMD9FVR5L5aqMukM8POx-9dRoEqH-ic9eX4_aZ9LvRgcZQqSX4Zct8kna5OuegNosmVYyKx9h0FAUmVux-pWj1zzdLbDawxPKej8pNV5VWFd38Aa_nnmUc9UcwljWCsgI1i2GalNKZ9uxERE0RCDc6Wlj4iFpcw-EXX5yTvZ1tIAH4dowY7wumMhsI1GsDXxfL1CbeCgRXMmznJZwzdsRcdpt1NuVDSK-icjOAk6k7Rxsdofqk7KlPQ2AUb55eiFpg8dO3G6AD9sEd_WeZEt3UnTTQwTR5eLkgIDbAvIAutpzrlncP2AvUHpYrYrvBPY2TgV0ViNmxnv-FCDUHEZszi7P-46gzjmKmJK396UePDvODO-xglyfEnfRRyo1Vo0fiJIUQqaHjateDFoGeu8QZcF92CENKX1pHF7KN1B8HpCZPFk8ghejCjqMb94QuBc7ZXaI_lNfZkxg5t7YtGFJ6kGIMO_bxPu7JXopDVxr7o7FzGP5srOsbR6CaTf8JHFiRIEDByQaXz0qMHLnCFLd_-RX0FPH5Gn4IiOziTRtWIk7nVgB5Bve6nSKTNyS3gYtFe_r8d-m33pn1fKAtK4zK8AUJmPaUbtXxpZg1x3Zjbhap2Ua5ImLMNQpNLfvXyHXnAcU0AmigK2hLWkbD47zgxGpxJwHAElRGB92uL8MasRS-ELg0fRnvJRd1oHXuvkOphrBYpSEDyrCg6xvqeUH_OBSjGjTT3M9VcQdQDpOYqeewnMVx2D8Ja0ClFLYdfK8rtPkE-9BO6ecrWsOidjRbaHMl6ZaE_nmxFHncxUNPdZg-5P-9sssmWBwpsS-pt4jQkAHkWp2s-ST_GAZardWQBRM5JapzwK-A0gHx7huNShPpNyeK1tYFDAN2ZSpk7jEILVpiUUVdBOJELv3DIizGx9oFvGSnUJKBDBpWTzwwucpVGE8FJOhqbgY1fBd27nthdZ9xZRGTWj2Af81na4Sal6ocSx4UpzOfN7ZBVi8zOzfc5hMqAE7AVvoQgXFx5VrjXcionncni1NDEBhEofui0MMIwmYVvjm7Ir23Qs0MYmp1qan-oywKTfAqC86zTszo7wIBga3aL5xlH6tVUfadh6JjtHQCBTawJKfEJFO0i-CGCpiVZ4KfjeyOUzaKsgPAJjVNC68yQcD46T7WHfMOCmbhA-RuBGH23XPOBJqQpXuEfhgY99qiHOAWpKRt4Rw17Ai1lGPOywth6Dqvi-CkJNBhiNf5B2zE9-acFwPNqHzTAkVoD7TdcyqhRElljwuKb7zaY-ZJznXW4MD2Md-nTJFNavYvHSxlKD4QB1QrqU4nQVK9vn787sc9jk884PpTAPhOZ8keczMVL2seYCseiVL0-lRQ3CETL9RvFQr3L82r3HjF4EgQeE9LwdkbnfSc5SLm03OqKO28BMZZ9QR2OKUaE4AscblK9DvTePjtET0jINXJALeczn-fbvKTOxAk5ad77lkFMDC3P4cHGT9eBk_JIMhJ5D8ONHgcPd8EasH19D1WYE6wbsSMA0QkYvsXAQ-5Ik5IJ7-xx1d84NelgaP7l4E9pUeSTXM9mIkIFT8z5s5T0QwDWKaxNwGVVOQuTePUbt_LJ6Ue10DKCl58xYERRKN6E2t5mYYwDCYTO2iY5jd_QXbjqtNcJSVMTx-Zpj9w0N-e9Ylkf2fc13p7W5SD2nCmw2lrayJP59G67MdzSBlDf1Hl6OlS0rJhqDdo5KWN3hEvuYV-cey24n5aAyHQf17E6vqGiTYeuwx4PBpxO6cqhDsskN1sC2s37BAERig1PkaP5pKct2hRQyj4oWbMjR8F17phpY8b79sFwJQScMwg3sQzFKJ1QgJPECPejoS4MrcXS9mSn9uOm4V3oMCspGBcWWvOMv9-N6RzEhbYtZYQFHQdis5Yx5ldnOjjKc-LLb4F7eXfybGTp4VZZPCAFzmzQBUzU9Zf54xGyfWR58s2DnD0LuT9Qmcpm_xbjobcv6KbGkMont1ze6CnnoGzmDqR3_rLATCrtCV7qWvnEphx1DRTfdzeGo7pqrnAwXOiPIrn2geIUu1BfzEQ7Q1_j6Zj68kjGlc1V0RGeLE82iyTAUsQnACcCIAjnk6fwjlWlKhDtjINcngBFVTFVNKz55MGadrh1T9bGqgfHy2ir04duDofGLcml2Hr0dn92bJPZfyYSZz3hBcqu9PF9jF-70txBDF08KPzn0232zkJnfAR6lSu8F1xYUMq7VfKHv-2UevdiQskSz2f-730_g1qH6PGtafgSkrjWNREBIrtQMj_AJixfOZYrETC2_jIbvAhuCMun7g0dekv4YJOHttrALUI449-jYnUO_Occf9QJH93FVWKl-7IHHa13MXL239RFYy4Mb9dX-s3TQUmESgIZ2bZ1SH5cA3Ucyw9LiePwsrXYyT5wSqfdLe-gnwUpNEMNVbvoENHS_ooVNYw1wEidcnynweGv6IeuMfE5MzWsTySXHyr9LPE9zGlVtoUMKKBLEASIo72VIRFriTDaE7FCzVKUVdvpZp_vJPGAdzcBFU9OIDpWZWqJYXX4DA9FXTYkZPOkHq3eWE2dwfpiwhkh5aWkX5m91rwwd5DX7heTTD7WMiObZpZm9MRaY9LAtlmJEKc4SwBtqSLbjyZ-y3nJ80Q8l1Eu2ZtilYjKs9o1wFIrdjlTiUJB1YKqvOBomewrZdrfOijnZSkIfLHcm-jPTcvKyALc47RICWXcN86s4RP7rxdr2HFxY8n17NVbhhKGdkE-iliLhfino-G5bA9V6t3Cjcln0OEW_pTnRs_Cp3GBe_Ufsk13J7HGYiFO21UJQhhcptMj6bRTd3_BA0I1PSYqFIvyugPMlAWWioJrALC__FsJ6fDTGnMrrihSbAZcicXgqdP1FppivFnZQJbTyLScBO-6CaXF-GLh5yQf3SA_kuVbfs4seGnLU-s7P9v6BoSzEv1FYUcWo8pArwVdJ20g0PLD3g6a-LZjhb59lPoh2vibE4OY8MiEHh8wLf9WfPTgvF6aeybiPSFkNIcxmMWwnceux6ql4xFCt9APd6DvjoZEthEDcTHLKZcxolELOie56Vwf9hxbDXR-G5RUW9kntWbTrAhQnyfLYzvG-IlzQH4Rl0YmLvuMlm_f9FqTvjiI45KP407S-1B93PcIoW6L3VqlcAxQTAXeREC3l3dTqmHiAiy4tk6bEo2w2cOfpjctsTgSm4E57jQQ9gCEdPK_7P_iu3gj8ft_O20pFlGaVehyV5v7zt9iPiOa9iaTqJqhC-vggXqvMs5zeSiEi9cRf74y10rywiM72a9-CNHf9fdTe8XniT6l74IvKUOGn0WtYFDnDcg5UtYyZs0zoIWMvl6xMlUC15-1YvcB1InFq9YEIXhi2kJRvyGjw-GilszPMRYAxtETzxIfipqHc-u2FzZKBQwbH_KFcGX4_Z-CmaUYc21qXvKiEF2-wim5fzV0dCOxUj8BdCcVfbqT8Yc6YeBQ86pcAI_Rb4tYfgrkTMPIzhJwGuEdygyAPTA0alrjwZ0TmfLiR-fpQ&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=14034837085916471000&adk=548554675&idt=228&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 16:21:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
47873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 16:21:57 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 42AB 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 20:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34655
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 20:02:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 42AB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dypnb_z3u-OaQ-dPs2c1unnRFNwdQBa1jFwakmivYQYdnMrLcsxUxpS2cIdqCQQL_Ay6iBV_15RnE2jgTzNSge0SPU9sGeOtbqGIdVGkRG4szI3c7rGJQLm7hUS-h7-jbA-pCHhNMaN97pttyvg4yVJGlvwvMy52DPf86zyORNQ4z7CSk&cry=1&dbm_d=AKAmf-AT_sCY0BZIzQ1oaYRDwMRo0-0E9tBDIoHba8iId6NiY2T-FAczyq5DY3R0IIN1k6cRsdhbwjqCxtL3jXHzVzhfOpgHNfiyIJOuLRnh_yR6JLhpTaMeVjRnwR7IKL9WQ_79bwKSibBC2TdsAyUv-djDyahDwKcihWoCOtabSCiH47lVAzLLc9sD1dXN3498Ucs9cQu3zWj8eKdgrZWd5Fl55cwCqT9PnTbeg9tZGw_w7H6lcSo9-saN8T5NfAmv6vY4KPv5leULq3yciCFqI1YArpsZdzjthyWgI9hCP9X1hXNFZQY60KtAmLgjFQwn_-vJLlvPeSsaHskhay7eGoqmS1mbzV6_A1rb4c6xXuaAOSHJVJOOKuwcxgGMQFDsxMjj72hfzvvgaT-ellCVrx_gkM-owoY0dfHLpg3w5JA7vvURXz3Hpk0Hp73ewer5-fdHPp_8GJHXgPlXLJ-g6sU2DqPTeEByROtlKRtRxjjj0FKIWYd6tVCdwMZZmvTU6tiPgbRzbAtnseNAHfrhTslwqIuPJS8dr69WaMpL90K9eSHjdzKKo_3IK5vPeIgqBQBQCSl9Uml3wtW0lO1w9MbEedh5EYEncTsUdwmBzhzrwOXZtExDk3bs7xwXyIQM_LgWK4XEUjrCHX6wfpjmeByNQFBF2lHDGwL1sRLJZ6f33BqEZ03u9bmcmn66BOE5gf3awTctFsdSoqBq5tC1UXBg1CI3AiRaSkh2tZsh-Vm8u_ThoavCaIhqbU0VOn9v_tceXtIEW5eNcat4GnJAbyxgBbYEy6cDzcnSZtdKdW7DrAYcDO5axYEZUg9IbDJrN31s2_kDlqtfaPIxfJzUeveLWtRTkC0ycR7asa2hL_FvBqxtMqLZo_KzLm5YHIcZ_wSePM3hKTYU-Kl6l1HBfTvk6tJJJR0l8mA7gTgS9dcG3207PYuDGuxuvSFVb-HxxpYdxJptxehpGGTTEg5bQtQ887chktrGNgbyjgxoTRuZPdDXeALrAJjNYIPncEm2mZF1FaVQoKQJUDa6CyXhIlCARIFJUym9V-DhwhRCyVsDufg2lcuXXvc-v9_0uCLJs6iqmF4uTeRR6hilXCbYHJpbIUu6xGjlGXu6NtwSYGV2XLpQARF81OplUxa9fmTX98iP6gsSuso6NWXZOIrEg-zS004L_Kor8W_5MgAHnokm3MHPp2fZjKd3Y-LWwo8LE535vCGfmy7bsKt3QAqq7ilEm4fiEVdoF3SMOi6vXuWriCWFp1_Jda_gmcUj_A6tBBoslC5piJoI8syb4Ef1A9E-yghaKm_OIyAr4qunRaANq7Y8QohDtscVmprN1OogWJHukZROVfEClmJq9JNFc-vJbNesGNqqtYAWTAdpwYonNThCXMFrUEWcgD3j8_fmH0leF_TRAkLSn6iu2DeZr0jsi6c4sTXrej1UtMuftINVtU_ENCoqNBtCTyAANK_Y2_0H-SNVcT7fW1opQMzMVBviW06fuF6LPPT1QzNh5P68UN6lJL_ypMFsVfmOSt4cWBASepji_JjkaBAK9a4m40NVfM-HvUMCSSZl5bfzVKRo3YN1bMzchOV149rZXHbfpvYpx7jq31Mjrrd-o5foID6mR8mYwtzZ4uE4OFaGdTj0hHXnIv32OUE9GM-7nO089ptEUy0euOLtnd6Mfd128ezeSagTKMFqaxuYRb-aXzY7UKTVjy2cVc9ZGaEw9xzbBMX5y1gHoEA3SJRo2qilkwVP3B1hWKewZSg3wflLPk216n8km44GWlZc28NdDEmgdym0u2njYinA8N4v8Aqf4RvUaGSgbz8zhSNAg0FS3VVtMjDuicyLRTW8x0h4zqljG4GDtqsbHGsirJ9Grm7KqS8N_sKzQVTycqdOkrCkSyorjzjTrWdC0Q0FOZ6xPg27vASb7uzNB-lx0bkcsKyXtDw0NcOZEMiAnEIVC4qE1YZxqWkzB5a83danYEq-yg7MWzFHObgWZkbzMBjBC8Jzfu0CLNKlJagL71mO1wpoSCcfdBXk-cpd0_-_oJFn49bNbAB5SAOQ_0qj2r_hCwnsKVCfpbegOZtv2tjCOe_SFwD5qKRLkesenuZvXctB-_AKGd0V3wN_oycTzmzHXkEB4N5tm-TIt-cRhtpGjkprCGXBrro1pyJ8wXY9zYfDCc6QnuQZP16gSI6t_gaCWlGvxUCdkNpLXnnmkMnjKoQH3ea6KjOHI31BHFX3MEf5_uwQ0X5BPQKASWljmYjRZlBaUwzUiVYrDz2lwkyXi9leuwwGzc9jmk3vfT0CQXz_X3DfejUuObisRpIfvIESpEvgB68BHy3qiB8hoJcczWPJFmBxTMjM7qZvu8nJxvviOy8XmDLpu9tKaYof-HAUo56ROCCXQqRaxjN38OQKAS4RuJ6Iw7Xn-9qafIWoQPS09Zby2xKR49Ii6gt7110Wr5mZQHfC0-rSvwXCd6yHkfzVpNwPbj5EQWAvQ-24U4hDKP54UPec_Daa_ayBOfmAAUkwI7JvYQzwJwB-nY6_FXRGrMBZqKSXGW8VaYK8Yj02khoeQtWiweTIF_5UbXBcagktVAt9eQL5RkLutx4wsJfCmUAqKo3BzHoo_qJPRHg2YIHpdRDd1oHfZW_XsaEyTqqOps5ezFDk78KexAsN5B1mTVF9WinFGMtJZ3rUKDe4UFEwl4lEiDFMBO0NtRYFCsHTeXmDD7c_b_V-WDleyzlCDd2v7BoInEyCzKIPlBrrzT4dahvHk3PcaQm0u4kKWhrOQrXrM2Ij7_M0QnCb3v0lbDbY6RLfIOsyMPK2WeGV4E7wKReflwPnBdxHzaI7D5Odb4JXD9qyCKGNqF0PMJspXUiaXPpFsvZOX3DIciHmLf9HE6jpfHBdG3sHyC0c0hJMkEh0IE7HeOrpl4pC02q7pn9euvuNmBhygBBARiw7xeht0i1ozQZJbf3av-Y1AFzypzJbVUDZvqPOdX3V4UbuDLHcxLh58nXsn8XD2ZxOJ3sPw82AkmG-_3cVfBjfWs8NWzawxZFwW1R6EkTEmZJjqXFfKWUNv3-2N6-yIz4x5cKBS2me5odxGMRDxnUF5pCNOgWXxdpCXc5yMaxJ6wrQvW-55Y4mwIF1moaFa40kmwwQjTkP53UVv9ChEiOlUzX9Xxz1LcdKIyVzj8730ufw8wwXxrGwCHfsDkmw6sIiV5A90w8KLFmGhTI7AghF4KNH5r8enDP-fH7-S6nEHhDBTFiA8Ob4VejkAB2m1P6J_ssYNLjwDgmEK7pqGDvL48fe_cpof6T3J21SUYsvWl6fhWSq3y_DfylFscHqNwvttpt2vnGRZeOwa4qykKdbfy4nmos62YUt9NfQ-7BWiW_29IPPkiDxD8TEe0Xj6CHTgpS-UyAN9eRuBDPYj_1B-__Z5QSBXdcO5QSO499ZQ8TCGtXxvdKYI7A7WUKPxcZzqamYkvunoCDRYCYkrCnv1UH6vBWXJmbODKOz-I_Tn-nfXp1tCV6pb2W96oOR9yT883AfGQmsatTrQdtajK8ZKOkubnFBmbKn3I-Dg6PXTZZRxyWMoGkMRDizs3gnctHu2IMlcPlqHgazFw_fubRal-82dExI3ilEQdN-xFqLASsSrYyVOVGhAHu3I7V8R6-BPhAQ5JRT_QK0UIxVNKrIgJgO3DGhPyfY9otbWdZH3hdj56a_TyK5oVu9fXcsquOrJX4cy9Hr-foTynEuzIKnZG0dg9h4lyNQG6oQdOZh0N2QlWoAzNXwDdmdiqRBjqY6UTwzaKM2_byRpb93KzJ3KfwR5M-YJQFTnv6B43m2F6G0Utu_QVX1rscbIEZ-CozNSLSYOjXuUOs-YUu7uPVwYUTK4xPlTruiyp077ISIdPIMXnjSM83Y8dOTwAJ655_Pic-mjdVadZbFWc5WiV9Zz0k153z2J_plak0BIcDFOFwtPBMWDYoXucT5GFzn4WoMmrLlcxsNzSxBlfMJPvGFhleXMeidbacPiVAGnzsOl0y4ZscArzpiYlr4c1rc_QT5B98VV0zNKVtEXBThpa2Bf0w5OdUZkFLSczEDeNVY7hs7IlRM6AvWRZ3LY_n_YQU6-inerz7tts1tniOu-2FyHXIBPh2-bH6Z7DQXHZwqeP8bsoo_IrEe0Mcphkz8uEnrT_dEP3tIDqdsZZJj9JR-DunhChCBRN0pF6izRLnCpppQJJ6Rcdgt_ZYtYZxn_IgOREzpqszMKDGsdv5bRI747HBZYqj7KVg4OrUUT22unNkmcsVs8cqMAwXfgrDboDBeDYwXtc4wlfRRBtfc3y8RySa028mBsmNEYG7TLlcW3CE5m9iSGMVGEPuolTRFo8DMTEoByuDQKhFuE1ILvHBlh00Mm-EQpn2mQ6N3zJ1FuXk0w4k0gHIzmMA_-_5gTTIOKlZNKbw8bMMFuNrnjhxD460eHUPg8Nk-FY2SGCkE619_AVb06Cq42Gc&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=9672159996367940000&adk=531095043&idt=198&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
57665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 42AB 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dypnb_z3u-OaQ-dPs2c1unnRFNwdQBa1jFwakmivYQYdnMrLcsxUxpS2cIdqCQQL_Ay6iBV_15RnE2jgTzNSge0SPU9sGeOtbqGIdVGkRG4szI3c7rGJQLm7hUS-h7-jbA-pCHhNMaN97pttyvg4yVJGlvwvMy52DPf86zyORNQ4z7CSk&cry=1&dbm_d=AKAmf-AT_sCY0BZIzQ1oaYRDwMRo0-0E9tBDIoHba8iId6NiY2T-FAczyq5DY3R0IIN1k6cRsdhbwjqCxtL3jXHzVzhfOpgHNfiyIJOuLRnh_yR6JLhpTaMeVjRnwR7IKL9WQ_79bwKSibBC2TdsAyUv-djDyahDwKcihWoCOtabSCiH47lVAzLLc9sD1dXN3498Ucs9cQu3zWj8eKdgrZWd5Fl55cwCqT9PnTbeg9tZGw_w7H6lcSo9-saN8T5NfAmv6vY4KPv5leULq3yciCFqI1YArpsZdzjthyWgI9hCP9X1hXNFZQY60KtAmLgjFQwn_-vJLlvPeSsaHskhay7eGoqmS1mbzV6_A1rb4c6xXuaAOSHJVJOOKuwcxgGMQFDsxMjj72hfzvvgaT-ellCVrx_gkM-owoY0dfHLpg3w5JA7vvURXz3Hpk0Hp73ewer5-fdHPp_8GJHXgPlXLJ-g6sU2DqPTeEByROtlKRtRxjjj0FKIWYd6tVCdwMZZmvTU6tiPgbRzbAtnseNAHfrhTslwqIuPJS8dr69WaMpL90K9eSHjdzKKo_3IK5vPeIgqBQBQCSl9Uml3wtW0lO1w9MbEedh5EYEncTsUdwmBzhzrwOXZtExDk3bs7xwXyIQM_LgWK4XEUjrCHX6wfpjmeByNQFBF2lHDGwL1sRLJZ6f33BqEZ03u9bmcmn66BOE5gf3awTctFsdSoqBq5tC1UXBg1CI3AiRaSkh2tZsh-Vm8u_ThoavCaIhqbU0VOn9v_tceXtIEW5eNcat4GnJAbyxgBbYEy6cDzcnSZtdKdW7DrAYcDO5axYEZUg9IbDJrN31s2_kDlqtfaPIxfJzUeveLWtRTkC0ycR7asa2hL_FvBqxtMqLZo_KzLm5YHIcZ_wSePM3hKTYU-Kl6l1HBfTvk6tJJJR0l8mA7gTgS9dcG3207PYuDGuxuvSFVb-HxxpYdxJptxehpGGTTEg5bQtQ887chktrGNgbyjgxoTRuZPdDXeALrAJjNYIPncEm2mZF1FaVQoKQJUDa6CyXhIlCARIFJUym9V-DhwhRCyVsDufg2lcuXXvc-v9_0uCLJs6iqmF4uTeRR6hilXCbYHJpbIUu6xGjlGXu6NtwSYGV2XLpQARF81OplUxa9fmTX98iP6gsSuso6NWXZOIrEg-zS004L_Kor8W_5MgAHnokm3MHPp2fZjKd3Y-LWwo8LE535vCGfmy7bsKt3QAqq7ilEm4fiEVdoF3SMOi6vXuWriCWFp1_Jda_gmcUj_A6tBBoslC5piJoI8syb4Ef1A9E-yghaKm_OIyAr4qunRaANq7Y8QohDtscVmprN1OogWJHukZROVfEClmJq9JNFc-vJbNesGNqqtYAWTAdpwYonNThCXMFrUEWcgD3j8_fmH0leF_TRAkLSn6iu2DeZr0jsi6c4sTXrej1UtMuftINVtU_ENCoqNBtCTyAANK_Y2_0H-SNVcT7fW1opQMzMVBviW06fuF6LPPT1QzNh5P68UN6lJL_ypMFsVfmOSt4cWBASepji_JjkaBAK9a4m40NVfM-HvUMCSSZl5bfzVKRo3YN1bMzchOV149rZXHbfpvYpx7jq31Mjrrd-o5foID6mR8mYwtzZ4uE4OFaGdTj0hHXnIv32OUE9GM-7nO089ptEUy0euOLtnd6Mfd128ezeSagTKMFqaxuYRb-aXzY7UKTVjy2cVc9ZGaEw9xzbBMX5y1gHoEA3SJRo2qilkwVP3B1hWKewZSg3wflLPk216n8km44GWlZc28NdDEmgdym0u2njYinA8N4v8Aqf4RvUaGSgbz8zhSNAg0FS3VVtMjDuicyLRTW8x0h4zqljG4GDtqsbHGsirJ9Grm7KqS8N_sKzQVTycqdOkrCkSyorjzjTrWdC0Q0FOZ6xPg27vASb7uzNB-lx0bkcsKyXtDw0NcOZEMiAnEIVC4qE1YZxqWkzB5a83danYEq-yg7MWzFHObgWZkbzMBjBC8Jzfu0CLNKlJagL71mO1wpoSCcfdBXk-cpd0_-_oJFn49bNbAB5SAOQ_0qj2r_hCwnsKVCfpbegOZtv2tjCOe_SFwD5qKRLkesenuZvXctB-_AKGd0V3wN_oycTzmzHXkEB4N5tm-TIt-cRhtpGjkprCGXBrro1pyJ8wXY9zYfDCc6QnuQZP16gSI6t_gaCWlGvxUCdkNpLXnnmkMnjKoQH3ea6KjOHI31BHFX3MEf5_uwQ0X5BPQKASWljmYjRZlBaUwzUiVYrDz2lwkyXi9leuwwGzc9jmk3vfT0CQXz_X3DfejUuObisRpIfvIESpEvgB68BHy3qiB8hoJcczWPJFmBxTMjM7qZvu8nJxvviOy8XmDLpu9tKaYof-HAUo56ROCCXQqRaxjN38OQKAS4RuJ6Iw7Xn-9qafIWoQPS09Zby2xKR49Ii6gt7110Wr5mZQHfC0-rSvwXCd6yHkfzVpNwPbj5EQWAvQ-24U4hDKP54UPec_Daa_ayBOfmAAUkwI7JvYQzwJwB-nY6_FXRGrMBZqKSXGW8VaYK8Yj02khoeQtWiweTIF_5UbXBcagktVAt9eQL5RkLutx4wsJfCmUAqKo3BzHoo_qJPRHg2YIHpdRDd1oHfZW_XsaEyTqqOps5ezFDk78KexAsN5B1mTVF9WinFGMtJZ3rUKDe4UFEwl4lEiDFMBO0NtRYFCsHTeXmDD7c_b_V-WDleyzlCDd2v7BoInEyCzKIPlBrrzT4dahvHk3PcaQm0u4kKWhrOQrXrM2Ij7_M0QnCb3v0lbDbY6RLfIOsyMPK2WeGV4E7wKReflwPnBdxHzaI7D5Odb4JXD9qyCKGNqF0PMJspXUiaXPpFsvZOX3DIciHmLf9HE6jpfHBdG3sHyC0c0hJMkEh0IE7HeOrpl4pC02q7pn9euvuNmBhygBBARiw7xeht0i1ozQZJbf3av-Y1AFzypzJbVUDZvqPOdX3V4UbuDLHcxLh58nXsn8XD2ZxOJ3sPw82AkmG-_3cVfBjfWs8NWzawxZFwW1R6EkTEmZJjqXFfKWUNv3-2N6-yIz4x5cKBS2me5odxGMRDxnUF5pCNOgWXxdpCXc5yMaxJ6wrQvW-55Y4mwIF1moaFa40kmwwQjTkP53UVv9ChEiOlUzX9Xxz1LcdKIyVzj8730ufw8wwXxrGwCHfsDkmw6sIiV5A90w8KLFmGhTI7AghF4KNH5r8enDP-fH7-S6nEHhDBTFiA8Ob4VejkAB2m1P6J_ssYNLjwDgmEK7pqGDvL48fe_cpof6T3J21SUYsvWl6fhWSq3y_DfylFscHqNwvttpt2vnGRZeOwa4qykKdbfy4nmos62YUt9NfQ-7BWiW_29IPPkiDxD8TEe0Xj6CHTgpS-UyAN9eRuBDPYj_1B-__Z5QSBXdcO5QSO499ZQ8TCGtXxvdKYI7A7WUKPxcZzqamYkvunoCDRYCYkrCnv1UH6vBWXJmbODKOz-I_Tn-nfXp1tCV6pb2W96oOR9yT883AfGQmsatTrQdtajK8ZKOkubnFBmbKn3I-Dg6PXTZZRxyWMoGkMRDizs3gnctHu2IMlcPlqHgazFw_fubRal-82dExI3ilEQdN-xFqLASsSrYyVOVGhAHu3I7V8R6-BPhAQ5JRT_QK0UIxVNKrIgJgO3DGhPyfY9otbWdZH3hdj56a_TyK5oVu9fXcsquOrJX4cy9Hr-foTynEuzIKnZG0dg9h4lyNQG6oQdOZh0N2QlWoAzNXwDdmdiqRBjqY6UTwzaKM2_byRpb93KzJ3KfwR5M-YJQFTnv6B43m2F6G0Utu_QVX1rscbIEZ-CozNSLSYOjXuUOs-YUu7uPVwYUTK4xPlTruiyp077ISIdPIMXnjSM83Y8dOTwAJ655_Pic-mjdVadZbFWc5WiV9Zz0k153z2J_plak0BIcDFOFwtPBMWDYoXucT5GFzn4WoMmrLlcxsNzSxBlfMJPvGFhleXMeidbacPiVAGnzsOl0y4ZscArzpiYlr4c1rc_QT5B98VV0zNKVtEXBThpa2Bf0w5OdUZkFLSczEDeNVY7hs7IlRM6AvWRZ3LY_n_YQU6-inerz7tts1tniOu-2FyHXIBPh2-bH6Z7DQXHZwqeP8bsoo_IrEe0Mcphkz8uEnrT_dEP3tIDqdsZZJj9JR-DunhChCBRN0pF6izRLnCpppQJJ6Rcdgt_ZYtYZxn_IgOREzpqszMKDGsdv5bRI747HBZYqj7KVg4OrUUT22unNkmcsVs8cqMAwXfgrDboDBeDYwXtc4wlfRRBtfc3y8RySa028mBsmNEYG7TLlcW3CE5m9iSGMVGEPuolTRFo8DMTEoByuDQKhFuE1ILvHBlh00Mm-EQpn2mQ6N3zJ1FuXk0w4k0gHIzmMA_-_5gTTIOKlZNKbw8bMMFuNrnjhxD460eHUPg8Nk-FY2SGCkE619_AVb06Cq42Gc&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=9672159996367940000&adk=531095043&idt=198&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
57665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Nov 2023 13:38:45 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 42AB 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
21638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:39:12 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 3085 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=68648317;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524347186&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CgVAOJMEwZdTEGc6_9u8PlpGj-AqegLTUc5PcnpacEpizlZhDEAEg0ZPDKmCV4pCCoAegAYbHmLcpyAEJqQIepVwe1KyxPqgDAcgDmwSqBKgCT9CHfPNHaLmUclXS6Ksz1kfUC6DjEFf7ormcRrLmoHFWGolkwvHNUT-HT7goQ0j9EJy21daGYlkpKNeI0ftcYm7Vymtg_lfpZz9oc1ZTnVYIMD01JN9luOHQDc4XKjgCX500mjq3WccvdgvvRpUfoNgjjO-36hEsYY8U7OiTM1qFP9j60EvCrxvDK7gb3bo8NjqMA1sR-ECy_DmnwuKLt2_Y13mNKpX_pcFfuOqDdWvXm9oRC8V3ql69nRqbU_0VtH60yWKE2-cxNS6cwvq1Eqh20nfnUaWGtZ7e_To8k9ZdQA23TEt89V3rues-HEppaw5fwV42suHuvHCy93ICC9nPtiOEsFXpwI-GgjaP_phIbuJ4Et1-pL8SQBrbvHJyovQT6OE6KELABNnM7u7GBOAEA4gF_-yPz0yQBgGgBk2AB4b_6JYEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwjtyPX4soGCAxXOn_0HHZbICK-wE5_9lRXQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&gclid=EAIaIQobChMI1Ob3-LKBggMVzp_9Bx2WyAivEAEYASAAEgIusvD_BwE&num=1&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&sig=AOD64_3lNJQ7yH7ZPght9vPPJPqXru2_5Q&client=ca-pub-4491659496372172&dbm_c=AKAmf-A8vLQG3fqlhkA6KUBUIML2dlNaHiaUgpy1swSZP-elJMSPuDZqfAfkdeF22OcfbOsfP6Cu4Sz-W2vYNljBYRHvTelZcczcv7c0rqs0Y3aXTLujr28rDiC38qnQztToUgpLeceCmA3DJ2xgAYGUdkxb0ESqJEKTawg4uF_055LON7TlGrw&cry=1&dbm_d=AKAmf-C09DetuHPpcs1vL4-bkb_1Bn1cVO-mshKdCdsmeuqD2W__ZW74_r_4AQAE5iNnqIfE8857NaCvOAYQebiDEVdu4ILc5kq0IC21Vmco2WfTcNPZKWtQvuCpOluZkF-ek0kaX8cndAi5Kza0bUL98qLajkUu1EnJ8nrTmZH7b1moo6LN1pj1tXDth_Im15zdl8vDlWN5Y6ZbE62xO-dOR8l8cZK18O4VZQjNLxcFUAIA1E3YmvO-SkukEMfgl93KzUHOuXDIiYjMpUtFzJeHrgU1_ToPJwoA5_gr645u4PjPVoyc8fCqFfojlOBPtLjZVSyHW5XaxYF5zJ7q9xTZOTkQd2GdIAYt4x0BRxDjOhAYrsxFji3mJtGWuI95DVglf8VNR619kS9sskpMuzCd46vuaWl8ro0lHnT2daW8F0fRPxZYelSFn7qeaeIyDdRzkEQTEKiFZXTKS-Thb4XMih-WtDmVTP0pY5jVslf9AZcUKkeV88T9ex_YK8LxiscQIv4v6jjJYsQKvMF7P2meeQ8MG21APoOg3GMx3ryzfOCXsJRLi2E&adurl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 757A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 09:30:04 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 09:30:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 42AB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78bcbc9cd7471423240560071de83ce9cc03f92629d5e8a63b8f026de0b80154

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
pagead2.googlesyndication.com/bg/ Frame 2DB2 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
26975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14821
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 22:10:15 GMT
zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
pagead2.googlesyndication.com/bg/ Frame 2CB9 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
26975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14821
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 22:10:15 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E20A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:21:58 GMT
expires
Thu, 17 Oct 2024 16:21:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C82D 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=30&d=1&s=1&f=0.01&bgai=BhhiIJcEwZeH1H8Oc9u8PuYKUmAsAAAAAOAHgBAI
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/9015645056701891402/ Frame F7FC 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9015645056701891402/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32a6f1ee1e7049f83403ea2fc9f3e2418ba09594b9a2cd34c726440d7a45170a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
127260
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2897
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Oct 2023 18:18:50 GMT
expires
Wed, 16 Oct 2024 18:18:50 GMT
last-modified
Tue, 17 Oct 2023 14:20:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 42AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNOlnyeLn0W1vF-zQqmqKF3cPA0SVcp6nFSLHVL0EkoUwKcqOseOMcfhyOoKB49bQGdoh652SVUthvJcmtuUbmltadd0AIa7oLkNgCga2sjvECW7JWUl1pX6ocSKl6tAcaYaIUeFbbO_hLvUCAHYSOwBwFJN0P6ZishNhUqFvFnMiJ7Al9d2VI50XyJUEw-XxB5Ch65bltDTK2Co63zTpUQxqQ8vTShfMCNe9qNhi2XUMhkUVjC6ZsLvkY4X7nQhXFcstqwn3_8h5dvytmb8uN569OOO_6UscNrvFeWUSo0PUsI3BsttZ8BHqQd4ze3vNecIldxRz6gto0j3BijCezZQXyzxggAQKyaUrRpOz56aT9-6Qb_xtxYdhmZz_cpEk9SlFCfIEe0COA4VkmXXkr7FFVOAXs9XPsh3hpb-IeZp9h8iwL2IJeuEwBDZKhbO7As6eR3n0TBPs60oxuiK1uiT75Fwh4sqilDNKzy6D0ivebEi9k33JIGIeENedlFT3SJU1uNQDA4HzOa6qam8vwlFnubGAlnFVyUWU8U0JMpvfcLdVxhyROwmrdTCI1nkNpWPdtE_IP_vEmuTnTLb87ia5OBUrhe18UW9AZPFvKPAydYsX-shp-fQ2Nuz4Vz9T-mAMlDow0_uwMCNLQosDXMdq7PFZCoH3qaT5RX12CI589bwH2qjYCsm3pPeHQ_-qNEtyjsf2_-y_bFhNIMzcDjqJQOpi-xA9AO241oxuhGpXrSSkWR19BnMXqrmM1GX0zOq_SxWnRocVgJ97D9VBPHLhYliCA-L7ZpiJXwoq7NKPQPQF-DAiFcbrjF0J7_cVCljmk93NBWYJ1_fECAELnw2IRZkJrRKCHN5kigoTTrmKhuoXRHprJCmj66iXigCye_l4xZxZguRVY_Fh7ey6upXVL18A3tURxpKSLfBXcFe2w-HpjOoAUb6gMcmFQM0mxrP6rVA0Jr3kyhDMKDZmJmVND59o4Ma3P-DFOHDXoHZYf6PXjhgl-DCt6R-F5dTuCgvmp44tzXbm3IeBcW5tzJ281lfTRrYWz4UQO058-5azyiTvbMnnVsHNs6_MnGDnXoS7M4P-IlbOVqyt29_ATHgQKyCvObDiL67G6D-gh3tpkX0dxqvKH7cJIQSHzwNApejVN6zo73ud6YEwNaoiMfC11R7qJ5bzkboCFjI4SXxbL5yC-kL1Lq4BJbTSgha7FG90uZ_8YYSzRalv2iZHFpAAhKWkVjhvRLpodhE-oSEbIWoQxJNyZQlVhS5PRGe0CgzGAOQaCWkShRzc0Qs7MBY3QztoNOnPHA22eStZc4rYpyiiyq0gXx5iX0iQpCwgutKVxUJeIGbtFsYp8-zRuVOROwNmwWTqXRUsEqexgddK1Go_e3md52szOf1QlRGFnK_yBAl6zR18bY1fvwo_eWKg&sai=AMfl-YRFFBiI8lIVRbUf7zqD1JchY_aa0GizWCE167GLy4D9jjCzdKDOHCqI9uuXLgHaeNSz78w_T8hfes2Vg0DoUIdyOMNq1C9GuddjE2e2okqq8obPPA74oeFJBvU70ydK7hkZUC37LafWtgchyG1FLArEs4jDvDDVfExFhEoIuvAn9p4mp9A15iafsg-vWhPLkCrGlJxKWnSCQMVeGBd1eAx7hmspxHz4vKn0FZZX2K-O4IxMwW0SSBwq13hCbTrJdH8aggQ&sig=Cg0ArKJSzAySMkjV0LU9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=175&cisv=r20231004.68188&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 19 Oct 2023 05:39:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Gotham-Black.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		22 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Black.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15870
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 16:08:48 GMT
Gotham-Book.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Book.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251815
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15380
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 07:42:55 GMT
Gotham-Bold.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500771
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15057
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 10:33:39 GMT
NotoSans-Regular.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		1 MB
424 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/NotoSans-Regular.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Oct 2024 03:18:40 GMT
Gotham-Black.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		22 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Black.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221462
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15870
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 16:08:48 GMT
Gotham-Book.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Book.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:42:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251815
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15380
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 07:42:55 GMT
Gotham-Bold.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		21 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/Gotham-Bold.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500771
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15057
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Oct 2024 10:33:39 GMT
NotoSans-Regular.otf
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 140E 		1 MB
424 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/NotoSans-Regular.otf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=mY2CqP7pjp&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 03:18:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181270
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
434259
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/otf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Oct 2024 03:18:40 GMT
i.match
s.tribalfusion.com/z/ Frame 757A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFiO9XEJOW8IBi8kpAvlCFI&google_cver=1&google_push=AXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrUU&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFiO9XEJOW8IBi8kpAvlCFI&google_cver=1&google_push=AXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrU...
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFiO9XEJOW8IBi8kpAvlCFI&google_cver=1&google_push=AXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrUU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrUU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8186aed0f8f3916b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
37
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFiO9XEJOW8IBi8kpAvlCFI&google_cver=1&google_push=AXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrUU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQNWWIoxabTiY-pPkAfRE9EUsvRq1KTEkv8uqgmLqhCfsJc7XxjjajT8H4ah67LM32LPWc_9y_0E5qsGzTtomdVod7DxrUU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8186aecf9fcf916b-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 757A 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDufmzhs4cWRUhlPxVS3VLg&google_cver=1&google_push=AXcoOmRiBp9ttkjXe4NRVDXK9UtB6xVIzgFSAWGUAvODfRJC4nh3Ph6dLQOtMvic3mBmgFIKwi2FWtQIMHjdypFj2e-oUUkHnwO4
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
x.bidswitch.net/ Frame 757A 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGt1ZZDIW7CjIbIM4GWYiYg&google_cver=1&google_push=AXcoOmR0RElJpPRKZbkfjsRKMXtBU-bAIb135WeJrdapxbZBvLJ3Rzd0WoPnJhE2TbgSCBTbRWiJmMuYWV1bSjDT0znwB6YVd9sj
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.157.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-157-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 757A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPkv5fgQ6iIHZUs9anSyGzA&google_cver=1&google_push=AXcoOmTJF7rlCcHiNB0Z4lQBaj1wnia_Pc2SuM-qgl2n3ei_LcbLOwuqxm47EKf7L8Cbx7ulutwRj8lS...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk2NDAzMzYwNTA1OTg0MzEyMw&google_push=AXcoOmTJF7rlCcHiNB0Z4lQBaj1wnia_Pc2SuM-qgl2n3ei_LcbLOwuqxm47EKf7L8Cbx7ulutwRj8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk2NDAzMzYwNTA1OTg0MzEyMw&google_push=AXcoOmTJF7rlCcHiNB0Z4lQBaj1wnia_Pc2SuM-qgl2n3ei_LcbLOwuqxm47EKf7L8Cbx7ulutwRj8lSAjMdJhGxUvIpxxfqQyhc
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk2NDAzMzYwNTA1OTg0MzEyMw&google_push=AXcoOmTJF7rlCcHiNB0Z4lQBaj1wnia_Pc2SuM-qgl2n3ei_LcbLOwuqxm47EKf7L8Cbx7ulutwRj8lSAjMdJhGxUvIpxxfqQyhc
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ebda
match.360yield.com/match/ Frame 757A 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEB5ZiHUbnYeiaC_ZXSmGvRg&google_cver=1&google_push=AXcoOmQzleguh8t5WX0p4y21N97zypts8uoqmCr7bFEzaLMIADL8ZK0AQ4ti581Ku9JiwJIqakVsHgFalX1UM4DydjHwaXLfR3cr
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.18.227.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-227-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 05:39:50 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
report
sync.teads.tv/um/ Frame 757A
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBuJfkpNwSPf...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQOfsyM_Wg9bxIGOBCbLxH8szWM5Ez9rSRkMlbKbU82puZpzqqKQ05dxJJorCqZkYM07eMX6y5k1TLYV2zeISKN4JDIxh4k
  • https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-8-12.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Thu, 19 Oct 2023 05:39:50 GMT
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 757A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBkoKJwwpMgfjGZUOmznFKo&google_cver=1&google_push=AXcoOmRrtxWlOQUpG...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODA3Nzg0MzE3Mjg4OTU4MjEwNw%3D%3D&google_gid=CAESEBkoKJwwpMgfjGZUOmznFKo&google_cver=1&google_push=AXcoOmRrtxWlOQUpGkITC6xOMe0f3o2phR...
  • https://s0.2mdn.net/dot.gif?google_error=5
43 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:33:39 GMT
x-content-type-options
nosniff
age
29171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 21:33:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 757A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0zWRMTIUKDATRsKlr9g2vzpGorCSsIeKIc5ANIiTcaiHkD9QFuWPior2r__0pTGswlK_JrXs
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dvbs_src.js
cdn.doubleverify.com/ Frame C82D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=68648309&sid=1366186&dvregion=0&unit=160x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623176&auorder=2010169&aucrtv=60898800&auadid=1366186&c6=1447160&c8=&auplc=6994694&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_320x1200&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:44 GMT
Server
UploadServer
ETag
"56f95dec40f6402642b5537aa29ad91c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Fri, 20 Oct 2023 05:39:50 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F7FC 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9015645056701891402/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9015645056701891402/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 05:39:50 GMT
css2
fonts.googleapis.com/ Frame F7FC 		2 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9015645056701891402/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 19 Oct 2023 05:39:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 19 Oct 2023 05:01:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 19 Oct 2023 05:39:50 GMT
avoury-300x250.js
s0.2mdn.net/sadbundle/9015645056701891402/ Frame F7FC 		36 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9015645056701891402/avoury-300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9015645056701891402/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
224d2428e935b85caf4d08d1a9c234464f0a1cde80923751591435cb126e57fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9015645056701891402/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6687
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 14:20:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Oct 2024 18:18:51 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D46F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
527571
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 03:06:59 GMT
expires
Sat, 12 Oct 2024 03:06:59 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E5F5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 16:21:58 GMT
expires
Thu, 17 Oct 2024 16:21:58 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvbs_src.js
cdn.doubleverify.com/ Frame 3085 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=68648317&sid=1366186&dvregion=0&unit=970x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623176&auorder=2010169&aucrtv=60898808&auadid=1366186&c6=1447160&c8=&auplc=6994694&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_1940x500&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:44 GMT
Server
UploadServer
ETag
"56f95dec40f6402642b5537aa29ad91c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Fri, 20 Oct 2023 05:39:50 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 05:39:50 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 22D7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsskRqwEOTAIzDJNP78D_-0RCh7A7aCNXYQeWoQtQN8LXKI6pOF6eHTSv6nOCp_4FAUNHsVL8O_9Deoyo6ZxJ3XoxP_vugTDvmqG6IOd6iZ_shcFW5l7HF0-UrYbiaW6JkGLsWFvGQhM2yPOzvh1lw0s28W8Po65xvZjDXIs8T8epJbeGm4GkjfjkdEagdyL1MyyRI__tdTlTADlyn9-tuG40dZtM5QEAD6iEuV4XMMte80s62OrjH78F730i6iYfuDwLZF_jpvdeFgYVqimZdqCNXgoJXsYuE15tMGiz3JH1-AE_a2XNpl3L4hUroeamdAl5Lkr_XpqOswZ_T08t1e6hqiHYhsYkrMo0Z1KnbkIAZXy1nSHpIYAKeUwL9ovpe-WUjz30MI_AD5pwJ7hkPPGan8_CXi6ezSqUEUWC1EKziUQsfT3Cys4p6j5u0e5ya701dLDX2-idOMv8Xcr67AqtXwd3hhE2qq9iCN5sUL2wBOHROYzESRAiOyo5clkoFz96YPFgcWBnfz9SP8NugSHyIdx_SHYchRvYJgClpp8zYjE-XnnQKSEzfmfvi_2nLro2AeJPT2cRYyZWf7FcZ5GYN2nWGr2C3sQGmpDeHdhuTgAVzg_d2IMtmBzCEwGoP2-aAaxBZKn-bbp6G82kI1MTEcGFyRRStSdLpuUqPVn-3MButQtiQF1sq3cUqx_3sVrAEzVnjOPvukmoOXq3SS97EwlUKBwuEupKmHySp_hGERyYQfdGx0gprXwGlKwd9Orcso0j2Y9-XQnpYgr9MN8rHgRKUqQ5URBjaSN-vWLoKWsHKSHLVMVRi_vsMbksEiA04AA7ydMAinJint8rhXO5TgDuTw1xo8T7nWQRndToO1d8DIGmHufd5ivEJGSbkt87ValTCXAbuaa_5_wniIP-Do1M-OgER13ESjt1mp1m3TIhb6kKsgJ1FuTjtr4uMiaXFfuTV3OaxMm8rpM2fjHvNt_sOt9E0Nm8K_rcpotiil5w7s0p2EGYSWxv_VM0ENviQCR8Vbx2ayv3MuTnz0ZGCJ91Z86jZx5J9uXiieTwFGrvwkY4muan4GGw00EakXYdqheQam9iPJvSgetpPKfnC-5lTuBloI3z6TFWCUlNF8hbsg-6dsRZTV_h7ga_mVQ_qs4WeHJ8KS2dEYivvU_Q53E6MNnB3nhDR6Ixho9updiITilUmiQP9fLbW4USg1gk7AdXslnve3bd8CK5wf64c-wm9iOYPRsbUiixXv-yUaylrb8Gj9uEj5Y9Rw5ncZA4UBUb-QrmeCEA2yvrUi3psBIyPFEucytp8OZhiA6gjzSgjdJoBwsxWgvmVFmeruTm4uMPD0qYhQdJa4zWheX97wjn3oOImURbSFC4lQHPj4acFd2kSkyluj8HZCYN_iEVtyp7xtEHDfTQNOnVlvrWpfdielHr6k1FF3EsBc8GRpJsi6C74jzVuVGQJEPreWGZu-zu7Oclw&sai=AMfl-YTWFiVfDVp9hTj9CdWiA3pDS15FqX8DhcGjWUpj-OjbkwcqkfDUhPOgSTy7Cr7tCchzpzGBGCuAzX7B-cXHBZH4G_6jF5Ug2ORyGt5VxZj-1IGRYsXbWjpXVhc5AkuDqNauzJTKWKXGhDDbsC6bE8oCF6RYUrBd_2aW_ERB99XY9JD9vwzXpFqPOhsh16L4i2bue46m_XC43PutkYOwbD8YpNjyYZ9I50V6X9GpN56U325d2K9URjYmXgzvN36_-JCg075x6Z-vEbzO7PcsWFV9sdJy1J_mJF9Ae3sRu2c_jhs5rOg4datlKmmliAcJA0Khn3r6RIBpUp1T0_-x6PEGDdFApwOz0AEyPfb4y2hHUTEad4-swrgbU9Jt0JdsBmB5sNrO7ntsn-9A_rw_aybqFgeXJBcvPgTZbFLEOtnFWW_u925b2g&sig=Cg0ArKJSzFjsVdb8JYOEEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1367&vt=11&dtpt=751&dett=3&cstd=596&cisv=r20231011.29355&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 7D26 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdhkAineWanHIQST_yUMZSfT-XWdFPAxH5ko2gAnltw94czd0B7N7DEFbpqaOnLRi0IICtA3Q0VVSFtDg85q6itUsQgNtCNW5Q7Umz1uZRW4lntn6Dung2MJBbdVvmvRJ4M_9k1pYQftdNwSnTuagazoOiGf5Niqa7VapmknS4T7iQq3D7HM7i2sPOzePd8Z4JaIiJf-C4agp28PulvUTAx3ONlNykOrHJk649TvNo4lHLjsMCsQ1UMTi-r3XyXhfe60-DiGpsONFDrW67TplSXmOrdWXFPuemeC8wKhdD4nScblirxW2_zRlBSiTBYZ9sVdvQhAXkGO2gefNZo381d2CD1SVczbZsV2O_QZQYb6GqLz76WYwZdnB0QrhXm6Wvl9vPS85wBbKnmzA6APiyo2uARKnHElINaffr-P4-5BN5vZL9F5JSJIMjKQGyyhIUvsh4md79Xiad4EM9PLOBMMlH-YK0Rx1CDwFhIk-ia3TVuu7K1I-ISnjgzT9eWv-WaxoZ0lUkDdXQ83-rY_dpjW6Bo2PjbgjnXl5RyQek-sj3Ar1Tt29W4GLPRNQM9nkbzGEySrX862kKxkzQUk7YfKJxqcEfU_l0EHSzP3U-N_Zz4TAuVvNT0FlLdIuHn-ZOBSJWP0T691TyF6HszX01f4aXkQfc2O6gGgIaOvt3liFwPhTaT5VY73Tz1ZKRbNsCXWXLa0htxLuwnw0TrEc9VPdntKZo206eGXgpqExHihzKYaiRNku53OmpbFgYFUb7pf5TZIAjbpXIyr9TUAF_76c5tOkGQuib2Bo_OqlJ-lswCtf-QqhSNn0Da38urht68d6k5YqfIIjwoOhaBxGbnC30K4W3W7fzJPcpbiDzhtDH0f2ZJZUI0qlvxcxrGrv0KsInbCoLncYjGRDig_q7yq-lU2RvSx1mr79Oxr8uwhrY4xDsWXpOvuSpEiw7Zx7arikm19EWfzX_GzPt-NqWy-bz-5aLCJOXcQF5SQqo3pxKNf66-ihODlMafExQme6bKMMekBU0DdWTLXFh_Kem7-0zcDZrLmEWPRDluWAhZrSApQy7dZevBqm40zbg0c-lNSJkJ8HViRMVXDJcFz2V79y4hi3gJ3O5r311DZWvVlafih6ykebsUDN6KlyUR63RL7kmKhdIaJpI7GSept1AoGuV40JTgbxwqPREdXPWmdrqDB4tq7AHZOM7nIWuXvNognnCfO1-JHWDsa29a1PLyaYklLdBbYSFZ7-iY_RdGM2tfjpxTAjUZDVtkTArzW3iajpRJ3FDHSGlk831O_UH9FwGrVnSGV8_-SJT6M_5NdLpo7ZrQUAlB25rVUp-ITQ9iUxjEqvAVhsXvGQbvwWASIxRJ4l2RRXPjqhDHEk1XlG1XMasjofQPej2jKuoDSEAew-zzeYdrWh4HqMBXZgtaJyUbXE3VmGu_o9roqPC9l2d7huzEG77HiXIA8maE0nJHnsFm7KvOQ&sai=AMfl-YRbKhaiMbPz0WWMLjT34BRXza1iVQh4vaiZ_rEj5a0AG7mz-HcMlP0NBXUoSs2mWst60DGtbNDIimkYklU5VQlz6VsXxwRaClwNVrcB2aKQBMnBKExccu0I46dyodVgT3oe2GL5p6GUvG8YjyezZknjDJwyDrIdoI73BfzFSY0m1UGpQ2VJn6AyUQHNdkrAyEUFlVPNJnpPkMfGLXkzSSt4kRaOnxXRIy9JY_QGNJEldW-cQaPTuep7fVq0BI3Qsfsms0ahUvv04EdDDK11ZeAwn-E3eeAlJzLrju-M1b3zOBsKJfqSLjSQvEF47aMHEppJ4V3s5P3dL-o8KQ4Pr_RZ7E9QsrsKTsLhpc1EUoiqkm3JWV-u1YuW6hKG9zcTeJrS4ZqO_8SzEY-E1hlwjpKrmMax3Ig2QkUVbhyGpAYUTcXtLH6EBg&sig=Cg0ArKJSzKDOxOW7zlc_EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1372&vt=11&dtpt=670&dett=3&cstd=683&cisv=r20231011.80658&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 096D 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4353657b50f8755a0ca1d61fbba5df31b0ba19c5e783e9025ba82c31ad87ca7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5838
x-xss-protection
0
zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
pagead2.googlesyndication.com/bg/ Frame E20A 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
26975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14821
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 22:10:15 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 140E 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a544ba2a6e6ed50ee0d444cbe0a498931c388b7b14e310abccb3f53102a497f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5727
x-xss-protection
0
dvbs_src_internal122.js
cdn.doubleverify.com/ Frame C82D 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=68648309&sid=1366186&dvregion=0&unit=160x600&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623176&auorder=2010169&aucrtv=60898800&auadid=1366186&c6=1447160&c8=&auplc=6994694&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_320x1200&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:46 GMT
Server
UploadServer
ETag
"676309fe6e3823d28d9b38e6462bb025"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19669
Expires
Fri, 18 Oct 2024 05:39:50 GMT
dvbs_src_internal122.js
cdn.doubleverify.com/ Frame 3085 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal122.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=68648317&sid=1366186&dvregion=0&unit=970x250&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=1623176&auorder=2010169&aucrtv=60898808&auadid=1366186&c6=1447160&c8=&auplc=6994694&turl=&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_1940x500&c5=Doubleclick+DBM&c7=Doubleclick+DBM+(Media)&c9=&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:50 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Oct 2023 09:51:46 GMT
Server
UploadServer
ETag
"676309fe6e3823d28d9b38e6462bb025"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19669
Expires
Fri, 18 Oct 2024 05:39:50 GMT
button.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		304 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/button.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6466c1ac875b1a43bd018a2c74ec4e95f6db7dcc86d282a836881cc6080c07c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 23:28:25 GMT
x-content-type-options
nosniff
age
540685
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 23:28:25 GMT
updatedlogos_300x250.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/updatedlogos_300x250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:51:43 GMT
x-content-type-options
nosniff
age
215287
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 17:51:43 GMT
43882346_20230605040720440_113_Berlin_Destination_300x250.jpg
s0.2mdn.net/ads/richmedia/studio/43882346/ Frame 096D 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/43882346/43882346_20230605040720440_113_Berlin_Destination_300x250.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6f0465224d3875f51c7a77ecaa748aa72fefe427fa7483cc70e3b209a982e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:10:56 GMT
x-content-type-options
nosniff
age
26934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86756
x-xss-protection
0
last-modified
Mon, 05 Jun 2023 11:07:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 22:10:56 GMT
1200x628_RH-Radisson-Hotels_RGB-GREY.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/1200x628_RH-Radisson-Hotels_RGB-GREY.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 14:34:54 GMT
x-content-type-options
nosniff
age
227096
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30313
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 14:34:54 GMT
zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
pagead2.googlesyndication.com/bg/ Frame D46F 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
26975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14821
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 22:10:15 GMT
zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
pagead2.googlesyndication.com/bg/ Frame E5F5 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 22:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
26975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14821
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 22:10:15 GMT
syncframe
gum.criteo.com/ Frame 1BD2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:50 GMT
server
Kestrel
server-processing-duration-in-ticks
698551
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 20 Oct 2023 05:39:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310090203&jk=2948625437707032&bg=!dXaldjnNAAbFpEfJ5aQ7ADQBe5WfOAjc9QcDTRuxtCn1Q7Rx7UmKcRFpiDjYgIGA_sRxGon6x_cZPeLyE_hiP4YPoT1RAgAABJpSAAAACmgBB5kC_82QbJESlLZVxNEpU04uMm2fKfFstEJVwkRQ3zwO3EtASO75uK_U6DkRPHuH683q21MUrHCTygAtL4O2GJYAGWIwhQUWdFMaJzOZqzMCtuv1FpZ_9wxzpbFKS37lI8JwSkxK99Kx2_FOYzjAW-_HC9R-0ajKbQzXz1t4YfPsLPI8bIBz_Y1VUV6dTwR9rrzOlYz_W5yszaJo3vTkJl7t820Lj7r0WAZPfxSWCRHAgQmdBsX1TbxkTIR36ayXZqgjQhU525vImdcCmAOFdXls7-IpR6YtqZLb0WCTP11oQuRnmcX6_WKCq0tRQQ2cnN-XrhllV8sivlQWP9bVNsLelwym5gjnq-7M5FS4s_CRdwUEbEbi26yohnZWkB67R7iQe9pkvx7ai1QCCtGAvMFj8aTu9xZUGFVtLX4Jl6i3ZL5j9SSmQtCwEN89PexUswEl5sDjnkMuOgTmEfC_9B1wuFsnLiA5LQE4fdH0-RWnpcttLyt-fRFYGaw2-3r6IhO9V9FShO_Tln0c0EQYU5-qLmXvdnA0vbwvG4XC2NlmyLIYc-zx_2TtLUUFJ3_-cNTHdBg3Iv61Hn09x4X2jiueUmbzU11-zu1gcA0LtGGKN_uBYXYMxsxf3yYsfuAlhNI7DzSVykQhjD142w7fxSIGtFxTKS1XXOFqNfm3Pla1sguSiR75Mrl93cCkWDVe3_3e0He0B9PCHSXjlhxBxqt8-G0WkTbK69FBnumyLeq-fPBw7ZbnUGsRXoWZMox32FkiiMtJUgSOav_YOB2PXkJXDJjr9ujHSkcQCTOlOZKgCV2p_Sq9TkobCQjTagxvGw2H9wwUzKfzVy2rrkZiJlUi4PEreWe1ENBswhgs0P2MHrdZl28si4sS9efqxLBsF5XVkx_6ITtVdYHUJLyTX3U74R9OX16lMaaM7TRqUIyyeOVvsLF3CaKYhzxuDS31fir2OTCa5DJMzGvVqky96cjaeKM8IWMnx89iZ8SmQ53iz3LbUM27lEj27JtMbtL4-4cD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
truncated
/ Frame 096D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
updatedlogos_300x250.png
s0.2mdn.net/sadbundle/17797151709728982503/ Frame 096D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/17797151709728982503/updatedlogos_300x250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17797151709728982503/index.html?e=69&leftOffset=0&topOffset=0&c=TM3CrPwGxx&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 17:51:43 GMT
x-content-type-options
nosniff
age
215287
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11637
x-xss-protection
0
last-modified
Thu, 07 Sep 2023 09:35:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 15 Oct 2024 17:51:43 GMT
avoury_300x250_atlas_1.png
s0.2mdn.net/sadbundle/9015645056701891402/images/ Frame F7FC 		169 KB
169 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9015645056701891402/images/avoury_300x250_atlas_1.png
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b322062a0e338f2b8e6158d31854350d6022367cff16bcbb2599a97b7ea0713
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9015645056701891402/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:18:46 GMT
x-content-type-options
nosniff
age
127264
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
173324
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 14:20:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Oct 2024 18:18:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 42AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNOlnyeLn0W1vF-zQqmqKF3cPA0SVcp6nFSLHVL0EkoUwKcqOseOMcfhyOoKB49bQGdoh652SVUthvJcmtuUbmltadd0AIa7oLkNgCga2sjvECW7JWUl1pX6ocSKl6tAcaYaIUeFbbO_hLvUCAHYSOwBwFJN0P6ZishNhUqFvFnMiJ7Al9d2VI50XyJUEw-XxB5Ch65bltDTK2Co63zTpUQxqQ8vTShfMCNe9qNhi2XUMhkUVjC6ZsLvkY4X7nQhXFcstqwn3_8h5dvytmb8uN569OOO_6UscNrvFeWUSo0PUsI3BsttZ8BHqQd4ze3vNecIldxRz6gto0j3BijCezZQXyzxggAQKyaUrRpOz56aT9-6Qb_xtxYdhmZz_cpEk9SlFCfIEe0COA4VkmXXkr7FFVOAXs9XPsh3hpb-IeZp9h8iwL2IJeuEwBDZKhbO7As6eR3n0TBPs60oxuiK1uiT75Fwh4sqilDNKzy6D0ivebEi9k33JIGIeENedlFT3SJU1uNQDA4HzOa6qam8vwlFnubGAlnFVyUWU8U0JMpvfcLdVxhyROwmrdTCI1nkNpWPdtE_IP_vEmuTnTLb87ia5OBUrhe18UW9AZPFvKPAydYsX-shp-fQ2Nuz4Vz9T-mAMlDow0_uwMCNLQosDXMdq7PFZCoH3qaT5RX12CI589bwH2qjYCsm3pPeHQ_-qNEtyjsf2_-y_bFhNIMzcDjqJQOpi-xA9AO241oxuhGpXrSSkWR19BnMXqrmM1GX0zOq_SxWnRocVgJ97D9VBPHLhYliCA-L7ZpiJXwoq7NKPQPQF-DAiFcbrjF0J7_cVCljmk93NBWYJ1_fECAELnw2IRZkJrRKCHN5kigoTTrmKhuoXRHprJCmj66iXigCye_l4xZxZguRVY_Fh7ey6upXVL18A3tURxpKSLfBXcFe2w-HpjOoAUb6gMcmFQM0mxrP6rVA0Jr3kyhDMKDZmJmVND59o4Ma3P-DFOHDXoHZYf6PXjhgl-DCt6R-F5dTuCgvmp44tzXbm3IeBcW5tzJ281lfTRrYWz4UQO058-5azyiTvbMnnVsHNs6_MnGDnXoS7M4P-IlbOVqyt29_ATHgQKyCvObDiL67G6D-gh3tpkX0dxqvKH7cJIQSHzwNApejVN6zo73ud6YEwNaoiMfC11R7qJ5bzkboCFjI4SXxbL5yC-kL1Lq4BJbTSgha7FG90uZ_8YYSzRalv2iZHFpAAhKWkVjhvRLpodhE-oSEbIWoQxJNyZQlVhS5PRGe0CgzGAOQaCWkShRzc0Qs7MBY3QztoNOnPHA22eStZc4rYpyiiyq0gXx5iX0iQpCwgutKVxUJeIGbtFsYp8-zRuVOROwNmwWTqXRUsEqexgddK1Go_e3md52szOf1QlRGFnK_yBAl6zR18bY1fvwo_eWKg&sai=AMfl-YRFFBiI8lIVRbUf7zqD1JchY_aa0GizWCE167GLy4D9jjCzdKDOHCqI9uuXLgHaeNSz78w_T8hfes2Vg0DoUIdyOMNq1C9GuddjE2e2okqq8obPPA74oeFJBvU70ydK7hkZUC37LafWtgchyG1FLArEs4jDvDDVfExFhEoIuvAn9p4mp9A15iafsg-vWhPLkCrGlJxKWnSCQMVeGBd1eAx7hmspxHz4vKn0FZZX2K-O4IxMwW0SSBwq13hCbTrJdH8aggQ&sig=Cg0ArKJSzAySMkjV0LU9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=713&vt=11&dtpt=534&dett=3&cstd=175&cisv=r20231004.68188&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 22D7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaDWplIUj7xOLkkjk-HAE8HKTtTpfgxNnCFZh564Evjyhezyj3lK-SPNEr-AuX-azp63lKV1Zu_O9uUogvRglduajyGA0xavbc-roei4awq4sox0uJbMYevzaygHWJ0_5WHa53_WFbl0C8&sai=AMfl-YTRtxjF4fAm-wZsqukVv9UWwfeHwIhUiJXhVC39SOLjRF5sMm7rgtxs-zAF4Hmex4vydOPFJGTl6FfF4BY38YaBxMjx97fU8s6-vza_lg_OL6GKKfnYyXy4BQi-&sig=Cg0ArKJSzOImV6tcSrxHEAE&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&id=lidar2&mcvt=1040&p=1000,199,1250,499&mtos=0,1040,1040,1040,1040&tos=0,1040,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1472875564&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697693988928&rpt=841&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CB9 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTJKzJMEwZdfEGc6_9u8PlpGj-AoAAAAAOAHgBAI&bg=!fX6lfjHNAAZy-tsgUvo7ADQBe5WfOD-ExqY4786c8_J7Nf1voHHelGoB7jx9onuTyYL-UVKokD6nmDtYsZ2USilO7Wl2AgAAAiBSAAAACWgBB5kDU7qCdJW0arqHmRWYXhIM8T4yAZFqcmv2IxsTpcXF-m9UMcNq0qA6_r9pSXbCyJMiTbymZBtZd60y-tPWC0f_Imd1vc9FxMbziyyHPmOUpt5I74viZR78s-NmzJgW6vo3e9-4Wr9yPQT0tx_dWbRvHSSGGFJ04Ns6XXhA9em7bUis1d8sG8WRMEBQdKIPvvYMVe0Cm-8rKpyR3esLX2vbgY8XhfJbtxONRx40Aoj9CS_HZdOPlOETGDxasQwJjrGuzMwfcdxwqRhLj61LmlM7dXSdEaPgA_YCURk5aGoe_U9rR6Qulqwq5lm0o2Np6vkmn-YHAatRzMqfSbmM0FactYKG6F34oxRCUaEQfurNlM2guweHa7t1TwobGdd_WiIUnRhYxNFelk8NgXWdRwkpoH4Ngt80RccmKrtWYFmdMNws5J6sMGhPYNUMle1_UWfAAA6Y9oJ1Wn5g7jh_F-M-FV-hNhZ4-XECChPiaDvFT1_TP5pyWOQXb4g2i6dQohZToTixFjFQWl6wzIHiWBsQb_pbFyJlSW_4msjTFyY0FTvDe88s_5JUetaq_vT_5Utk6kcXMT3prvw9lM2JtskNVCN80VdCGWEV6va1TBzmtTBWBCtqPy2xzUravRqapfMFcqekHwWzjmNEE_BUmFKpa_DWT_SOXpy91Py6RZW-IbD7JDiM1g44g7h7PXeoYiq07GcyD8Nb9Jz-lTNSFqhJxtn_PFkozuycgT8s3JKy7--AraIFcjGPFUIJvIWmEoAWkfTTw1w0RsRS81Qf8fjo_YOiD9i5yJ8QriYgFVD9RCyoVUZG0xRCabLlpPYxFdvebGFEI0cWe-VQt_oSOfSauOnJvNFNgTzW6QldbNhVGPZWlZeKaooXVsS-LufpjQQ0Ixcb1enVrL8FIOjCzU2MuYK8LI7Z7rvk9-WlI60wDrJWPvoB-AEbbWAL6k7jmt0BBVDoTsBJCaJ488UmMnj_BadVpkvXtjMdE8MQRSaRUOHKCxVlHuzTAVKF0nrt49A1_nIJpWpuemU2zacNzc7cJNw1_qHv9sfCOFNjgdfNs6ptZ1i6okd7FLoiC7Q5QrlijyLO8nyveA2SjP8X_Xgp3WzQgeu3uyHs9nOrwuVztE41iEil
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DB2 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bw31gJMEwZdbEGc6_9u8PlpGj-AoAAAAAOAHgBAI&bg=!BgWlBUrNAAZy-tsgUvo7ADQBe5WfOOgQjUzIZ3jBBIM92HcDdj2o-r01FkG4IZybeiTdEzNW8rbK4QS9Q5OQK3YGF2yiAgAAAopSAAAACWgBB5kDVNmYpgKmKKgGAUW6bUrJ-3ukqPklwyIcCpteT1wkV1PDHZOxGe2JEM2qZqskwXlYKnvlEbGtpGYvCKhFEhP3cl6KOZHE7JS6tlywAYjws7E_DLtbXdfSUoBP_m8bTgzU6ivUymkvhuwBFM-GDG7HRGyAoc9iBoA3JvgZMXgqHYDQhlMdZhUeLDrLmBI2Fh24xe_NDAb7Jy5y4lINb23M_ax7VcInCFOAeC0tfnvQeKvaPtSNLtz2LxdhCGk_PxMSyhOGPK0iT13XIxl62LlVschJG0fRIzkgY39Q42u84WYpD4Zj4CSpkTqwhm81gDj0U7_xVU0qUR2PX-vxRE7hCQ1dOO5xqseHe__ahMHXPu9R6UePgtpmXOOCVTO30nF4jx3cVQeQKKpp3gdrsW98gVz-KvsrNM29RSgP9KYxPKepNPbrCALvrZBnPGmj8do8oi_xw6LAQ2STHrdlnYPxmL_fuVZRYYpiwP_GtWBPIkxsvqKDCwDlEqSgwKI7wA-bKVKXboYyEJyLu_8gQJ9acbZbpoaIFo47alMCBbY0YBDBaOX8yfZkMuDsO9sQKdbRFTAtIZ8bxSGed8BcFHXfLUPxnDyewyXNb2uGZyQqU0O17yV6mr8oy5jbb093O5dwnH2Nf5XxsoWF1CvCPsTBNXCYm-0BBzX-xQMfcUi9g_voKgUo97JAbj6ny9Ce0MJsWdPPL7GT1eZdMgHQw0l4Ps_uo2Hv4BnPtHTZ4QTIEDVV3FukfMums8cMuB4AInDsATOlVljLxVDNuHqiD2BZnRWjdZb1B0iwWf72cFC0BQOai1PPDlaaHLYQWJRwn4MCtiacg4Zd2pAdyQ5HGaDA70EdHpOJIRzEhUZaOGP1NHkaoRksW0pd5TAFQENF7Eth4GI-UJ-PkeUWs7lbvk1auQUgL8al1k3Me-WxlXlG2kdQERmTHz_C4TIAUabvSqZ35-0AOw1Tv4dYqF3hhcj4tiVXpnY57B_Cqz9rkVlapTRHZJzLmSbGi9gOBsnKMghiGuuzm3ASakoZyMSd9Ae7IMCGJ_Xa2s44eC1P--D8K60AdbCgZbe-MwXsDZ-zD4Hma68QjGmb8f8mJb0WJlPTmUgzwC4mYuo5RsyFlhQZxbMEUl2kfg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 096D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 05:39:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 140E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 05:39:51 GMT
verify.js
rtb0.doubleverify.com/ Frame C82D 		441 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_85475422578&jsTagObjCallback=__tagObject_callback_85475422578&num=6&ctx=11655933&cmp=1623176&plc=68648309&sid=1366186&advid=&adsrv=&unit=160x600&isdvvid=&uid=85475422578&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=118&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=1623176&aucrtv=60898800&auorder=2010169&auplc=6994694&auadid=1366186&aufilter1=165376&autt=1&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_320x1200&c5=Doubleclick+DBM&c6=1447160&c7=Doubleclick+DBM+(Media)&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=26&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH2%3D%3D2%5D4%40%5D%3A%3DTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH2%3D%3D2%5D4%40%5D%3A%3DTar9EEADTbpTauTauf26gg32h4434_b2_d7dg572ga5dc4gc4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.30&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_85475422578
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
f3843eb7f05722457207c69c42503cdc327f8bb20e4a077c5910f7df6316ccb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:51 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/18/2023 05:39:51
verify.js
rtb0.doubleverify.com/ Frame 3085 		441 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_71100339276&jsTagObjCallback=__tagObject_callback_71100339276&num=6&ctx=11655933&cmp=1623176&plc=68648317&sid=1366186&advid=&adsrv=&unit=970x250&isdvvid=&uid=71100339276&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=118&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=1623176&aucrtv=60898808&auorder=2010169&auplc=6994694&auadid=1366186&aufilter1=165376&autt=1&c1=VF-DE+Deutschland&c2=DE_23_AO_P_M_G_F_cic-215-fix----per-fng-dive-DSL_all_funnel_Tracking_PER&c3=RT_PD_F-215-dsl-all-PRE-Tracking&c4=dsl250_gesamtersparnis_231005_tf177a_1940x500&c5=Doubleclick+DBM&c6=1447160&c7=Doubleclick+DBM+(Media)&c10=DV360_AO_AL_1st_BNR_CM_dsl-100-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=26&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=169&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH2%3D%3D2%5D4%40%5D%3A%3DTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH2%3D%3D2%5D4%40%5D%3A%3DTar9EEADTbpTauTauf26gg32h4434_b2_d7dg572ga5dc4gc4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=3.80&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_71100339276
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
6228d4273501c79b8dc6b1fb238bc93ab5e151992b656234a733d9819d334855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:51 GMT
Content-Encoding
br
X-DV-Response
0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/18/2023 05:39:51
sid
mug.criteo.com/ Frame 1BD2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=t2RYC3w1SDVvNDNUdkNBcGFVaGN0QmV1cFMvekI3VzBBUStsMHBkYmtiR2JQL2xFbFpZK3g4dkxJOUwzVHU0M2FBSGtwZm5zdWxMcGl2eXNZSHBMbFZYR1RWSE5IQXNrQmthMWxFd2I4ZU5vd1NRMG56MjNJY1drVVBQd2...
430 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=t2RYC3w1SDVvNDNUdkNBcGFVaGN0QmV1cFMvekI3VzBBUStsMHBkYmtiR2JQL2xFbFpZK3g4dkxJOUwzVHU0M2FBSGtwZm5zdWxMcGl2eXNZSHBMbFZYR1RWSE5IQXNrQmthMWxFd2I4ZU5vd1NRMG56MjNJY1drVVBQd29zclBVK0FYUTN0RDFKclFtU3JXZ3N0ZTFHOGJEMFlTL2lYOXV1NUk5MFpDcnpWMjQ0QlRRd3FrQWwzakJDTXErVjVCcnFtaDJCeDFLWXRoTFlHSmFWZTlna29vbjFvNXZYVGdOZmo4MEJ5RnZrdUlqTVFISWloZXVaNWZ6MVMyVVp1NHN3MHRKYmM2VXNVVmVrb0xJUWJqMXUrWEhzUT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
777e307410bee98b008a939a77f05b5d6f15d9087455c09fc900aee9e700e4dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
856476
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=t2RYC3w1SDVvNDNUdkNBcGFVaGN0QmV1cFMvekI3VzBBUStsMHBkYmtiR2JQL2xFbFpZK3g4dkxJOUwzVHU0M2FBSGtwZm5zdWxMcGl2eXNZSHBMbFZYR1RWSE5IQXNrQmthMWxFd2I4ZU5vd1NRMG56MjNJY1drVVBQd29zclBVK0FYUTN0RDFKclFtU3JXZ3N0ZTFHOGJEMFlTL2lYOXV1NUk5MFpDcnpWMjQ0QlRRd3FrQWwzakJDTXErVjVCcnFtaDJCeDFLWXRoTFlHSmFWZTlna29vbjFvNXZYVGdOZmo4MEJ5RnZrdUlqTVFISWloZXVaNWZ6MVMyVVp1NHN3MHRKYmM2VXNVVmVrb0xJUWJqMXUrWEhzUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
244570
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 42AB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv86jtjH1jjriSP9I_cRpt1Uf1OzkEYzZyHc-IGG428JC3yd3XkN5IDUurJ11LPMRPuSx63P_ppWUnOglW_Ao6eYSfIB-q3nymb3Na4qI9OfP0dC3PRhzme01jy1TrHG31z_WAABih70y9L&sai=AMfl-YQz7aZtICsOt423EUb-llfP7LPesTmTJ7YcNVQA50sxA5pl5FKO8HHEvp2NyJFZ92k_xpdnu9ONy-E0mnKcByN6i8Ro46icfbSrm4ZdZAg9Tkv3IzGYIl94HtQB&sig=Cg0ArKJSzI2wQe4bcjSQEAE&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&id=lidar2&mcvt=1074&p=1000,515,1250,815&mtos=0,1074,1074,1074,1074&tos=0,1074,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1717219177&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697693988881&rpt=1278&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 5958 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
41793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 18:03:18 GMT
3615485-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/5/ 		220 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/5/3615485-46.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
3cfff8f06a3958e9a07be1a433dd5093773d814d58ed819104eeb167ed4b0521

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:35:17 GMT
via
1.1 google
age
274
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225164
3613138-46.png
images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/3/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/3/3613138-46.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8d5243bf693f78b16447afb204d38ba6bc49a664f650f81efb74e88dc39f0566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 03:36:32 GMT
via
1.1 google
age
7399
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38432
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame DA27 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 18:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
41793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 18:03:18 GMT
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
200416
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 19 Oct 2023 05:39:50 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
185488
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame FD28 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP019 /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 19 Oct 2023 05:39:50 GMT
server
33XP019
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame 2CC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1697693987786
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame C478 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 19 Oct 2023 05:39:51 GMT
ETag
"623de86a-cf34"
Expires
Fri, 20 Oct 2023 05:39:53 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1DEF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=32768
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 19 Oct 2023 05:39:51 GMT
expires
Thu, 19 Oct 2023 14:45:59 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 88FF 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1e9edd3c829dc764f14e0dfe22e77bce84d68bd39beb88fafda014aedbebfd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aed66eb72bb6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:51 GMT
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 07AE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
685
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8186aed6ba971e56-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:51 GMT
expires
Thu, 19 Oct 2023 09:39:51 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
pixelgroup-d.openx.net/w/1.0/ Frame 3E57 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixelgroup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 19 Oct 2023 05:39:51 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 07D9 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 Oct 2023 05:39:51 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 7F57 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1697673600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 19 Oct 2023 05:39:51 GMT
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame C82D 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=087b65536fe745a1b3efbbae8d019c3f&vfdur=149&cbust=1697693991432822
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:51 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-18T05:39:51
/
track.adform.net/adfserve/ Frame C82D 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=68648309;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524343308&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CmnehJMEwZdPEGc6_9u8PlpGj-AqegLTUc_PanpacEpizlZhDEAEg0ZPDKmCV4pCCoAegAYbHmLcpyAEJqQIepVwe1KyxPqgDAcgDmwSqBKQCT9BPyiTdIzbjmhdAs1lgKnjZvHjbQgLgaTkvi6-L-Trm4Yjg_iRTNSgtjnJePEoem1LO4neCd_s3L8r0sIKnd-QeqZcUdeKwkLnQeW-Os2rlG1Nxiu6LfIKPBk9IcKluNxdpTwxXu0JhP2tIhxTKLJB11_b0xDJwauE6ADgHl4UiSk3bPthwt3jNRzwv3lW3IQIner-iRnKsKBExbonpOeQffGASp7LGZSy_-kQ5Lucw_XE9smy9A5BzMmMsTi4OCAHR7cWlUtySRJ-aunbiB0OxFzCmi740DtRKYYCdtLc0TNqtHaELR0YMjzEHyT3zMZZQCyPxTB9PoeynpYUJaL5sw4T-afX3k-rExgbK6pjSe6YMiO2bJTu2PhK627zv6mL_BsAE2czu7sYE4AQDiAX_7I_PTJAGAaAGTYAHhv_olgSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAaoNAkRFyA0B4g0TCOzI9fiygYIDFc6f_QcdlsgIr7ATn_2VFdATANgTDdgUAdAVAfgWAYAXAQ&ae=1&gclid=EAIaIQobChMI0-b3-LKBggMVzp_9Bx2WyAivEAEYASAAEgJXu_D_BwE&num=1&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&sig=AOD64_2niRJ5SEkqIKtInNEmcMxm7RFOgg&client=ca-pub-4491659496372172&dbm_c=AKAmf-BQbNW2sGre_GuQL1WrBsJPRkwOtSBjlY6GDboRSxl0RJK5CCl27RrMQU1YJJou1UgHAZpbxcXVNA9FcNy21RHxx1avPOCCZWjUIfauZ3O8TxW6_gZ3YtKgHl9MoHz8ufaq-GJv9QTvBzLKr2jNnUZXCIJGKrNtv6dMQJaOHe24939kLNQ&cry=1&dbm_d=AKAmf-Bbs0o7NdlAd_DslDeiNVowVnUpokK45pnGvWUORxLnKD72gdXScMVyzLI9WaCqL6TUBOOU9mOUdKHYS8ajyPj56x5v3k43jBGryojjE9gvUCLSL7QagdFZ4Jve5SG_C8_4ZZ8KlG0zSq7lKmx1oCSO6rvvCFg2YvkyQuT03V4areZvCgeIBaF0ZJXZ2Eg85R2ZMVcl_R9HRliABLJ8Gzp53KMG7ZEynGm1fBxK6SaZK1Toa8YMMglVlGeX1M889QGFSUIZq3lsoxRfJ0cT626q-JcZWwBulTVXuC5k-TaqdjKuwkxpvMhiRwCXJwp86i7ulFeKBzxLqFpiw5lor6HS6Ier8Ve75VQodSLhxa5aRuAi5rOC3-eJudq5npZIHHb4056PpZBRhfFzudvWnDAXJbbxR84N0PytiDQWosdVk01Yyr3-F30BazTxYH0XHgjpbMU4wGwWjS6CPsalrLJRvDYJHkjpDLnl-II6oIKZmxmPO78Xtfcksw5gNbJEoBfFXOyxV9hCbnQ-RxCOilpbLSD6Iyw062hFZR0qLHN2Fcm7_fs&adurl=;js=1;adfxid=1x;616;set=en-US|en-US|1600X1200|0|150|600|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c2fb25a89c86a2ad66418bffa25454d051deea5ef9871370619c825e89ae1f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
4351
expires
-1
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 3085 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=f10af230f3c8492089cc68160203aef3&vfdur=144&cbust=1697693991434751
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal122.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:51 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-18T05:39:51
/
track.adform.net/adfserve/ Frame 3085 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=68648317;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524347186&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CgVAOJMEwZdTEGc6_9u8PlpGj-AqegLTUc5PcnpacEpizlZhDEAEg0ZPDKmCV4pCCoAegAYbHmLcpyAEJqQIepVwe1KyxPqgDAcgDmwSqBKgCT9CHfPNHaLmUclXS6Ksz1kfUC6DjEFf7ormcRrLmoHFWGolkwvHNUT-HT7goQ0j9EJy21daGYlkpKNeI0ftcYm7Vymtg_lfpZz9oc1ZTnVYIMD01JN9luOHQDc4XKjgCX500mjq3WccvdgvvRpUfoNgjjO-36hEsYY8U7OiTM1qFP9j60EvCrxvDK7gb3bo8NjqMA1sR-ECy_DmnwuKLt2_Y13mNKpX_pcFfuOqDdWvXm9oRC8V3ql69nRqbU_0VtH60yWKE2-cxNS6cwvq1Eqh20nfnUaWGtZ7e_To8k9ZdQA23TEt89V3rues-HEppaw5fwV42suHuvHCy93ICC9nPtiOEsFXpwI-GgjaP_phIbuJ4Et1-pL8SQBrbvHJyovQT6OE6KELABNnM7u7GBOAEA4gF_-yPz0yQBgGgBk2AB4b_6JYEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAeINEwjtyPX4soGCAxXOn_0HHZbICK-wE5_9lRXQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&gclid=EAIaIQobChMI1Ob3-LKBggMVzp_9Bx2WyAivEAEYASAAEgIusvD_BwE&num=1&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&sig=AOD64_3lNJQ7yH7ZPght9vPPJPqXru2_5Q&client=ca-pub-4491659496372172&dbm_c=AKAmf-A8vLQG3fqlhkA6KUBUIML2dlNaHiaUgpy1swSZP-elJMSPuDZqfAfkdeF22OcfbOsfP6Cu4Sz-W2vYNljBYRHvTelZcczcv7c0rqs0Y3aXTLujr28rDiC38qnQztToUgpLeceCmA3DJ2xgAYGUdkxb0ESqJEKTawg4uF_055LON7TlGrw&cry=1&dbm_d=AKAmf-C09DetuHPpcs1vL4-bkb_1Bn1cVO-mshKdCdsmeuqD2W__ZW74_r_4AQAE5iNnqIfE8857NaCvOAYQebiDEVdu4ILc5kq0IC21Vmco2WfTcNPZKWtQvuCpOluZkF-ek0kaX8cndAi5Kza0bUL98qLajkUu1EnJ8nrTmZH7b1moo6LN1pj1tXDth_Im15zdl8vDlWN5Y6ZbE62xO-dOR8l8cZK18O4VZQjNLxcFUAIA1E3YmvO-SkukEMfgl93KzUHOuXDIiYjMpUtFzJeHrgU1_ToPJwoA5_gr645u4PjPVoyc8fCqFfojlOBPtLjZVSyHW5XaxYF5zJ7q9xTZOTkQd2GdIAYt4x0BRxDjOhAYrsxFji3mJtGWuI95DVglf8VNR619kS9sskpMuzCd46vuaWl8ro0lHnT2daW8F0fRPxZYelSFn7qeaeIyDdRzkEQTEKiFZXTKS-Thb4XMih-WtDmVTP0pY5jVslf9AZcUKkeV88T9ex_YK8LxiscQIv4v6jjJYsQKvMF7P2meeQ8MG21APoOg3GMx3ryzfOCXsJRLi2E&adurl=;js=1;adfxid=2x;10848;set=en-US|en-US|1600X1200|0|950|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
dd83d427f5dab59eb3cf8e541cb699a4f12865b43867419727a168661272d987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
4362
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame 1DEF 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28217219&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
15fb2e29fb82ac82ebe43962d083ae2775e0f456eb63f0bda0a90c2e707f727a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 07D9 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a786eedcf83a698e8b0db6119c78106b8c8f5bce44ffdae8f65c6b60b3cbf20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Oct 2023 17:35:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42957
Connection
keep-alive
Content-Length
11124
Expires
Thu, 19 Oct 2023 17:35:48 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame C82D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1623176&sid=1366186&plc=68648309&advid=165376&app=&sup=&adsrv=178&region=40&btreg=68648309&btadserv=adform&crt=60898800&crtname=dsl250_gesamtersparnis_231005_tf177a_320x1200&dvtagver=6.1.src&turl=&DVP_ADTYPE=Image&DVP_LINE=6994694&DVPX_IMPID=788979781835454648&DVPX_GUID=6964033605059843123&DVPX_CDID=&DVPX_LAT=49.3805&DVPX_LONG=10.17853&DVPX_PAGE=https%3a%2f%2fwww.walla.co.il%2f
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b1a22bca2e94ac819868674685b19dacadb2888e6099876d6e101ccaf2b17993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2023 12:35:35 GMT
Server
UploadServer
ETag
"feed0819b127152e53765dac6c4fa8da"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
Expires
Thu, 19 Oct 2023 05:54:51 GMT
csp.php
vfd2dyn.vodafone.de/csp/ Frame C82D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1779&r_id=htlp&rnd=86666
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.233.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-233-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
dvtp_src.js
cdn.doubleverify.com/ Frame 3085 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1623176&sid=1366186&plc=68648317&advid=165376&app=&sup=&adsrv=178&region=40&btreg=68648317&btadserv=adform&crt=60898808&crtname=dsl250_gesamtersparnis_231005_tf177a_1940x500&dvtagver=6.1.src&turl=&DVP_ADTYPE=Image&DVP_LINE=6994694&DVPX_IMPID=8582488625571265978&DVPX_GUID=6964033605059843123&DVPX_CDID=&DVPX_LAT=49.3805&DVPX_LONG=10.17853&DVPX_PAGE=https%3a%2f%2fwww.walla.co.il%2f
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b1a22bca2e94ac819868674685b19dacadb2888e6099876d6e101ccaf2b17993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2023 12:35:35 GMT
Server
UploadServer
ETag
"feed0819b127152e53765dac6c4fa8da"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3638
Expires
Thu, 19 Oct 2023 05:54:51 GMT
csp.php
vfd2dyn.vodafone.de/csp/ Frame 3085 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1779&r_id=htlp&rnd=97421
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.233.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-233-134.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame C478 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
an-x-request-uuid
c0c0c673-1e58-4490-a931-e90d53ddec64
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7297 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cabde8d11beb58288140384f920916529a73196edded95774f80415238a7805a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8186aed858199232-FRA
content-encoding
br
content-type
text/html
date
Thu, 19 Oct 2023 05:39:51 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4fWkygy%2BaJCcDgVB0ms%2BeIkKAOM%2BfMBN%2FBvnHH0HJP7ei2uw4Ury79LuNoEQaksA5QDU93jtZl12vDFDxzewD78lCHofz9r0HD%2FUtqbLyM86K7ClIvSOljzQp7QPjaP7dZ3X0bg9ZO6ig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 88FF 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
512308
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8186aed8689b2bb6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
khaos.json
token.rubiconproject.com/ Frame 07D9 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame C82D 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6a7cb0658f337f9336a51e5429d5bf42e112f550f4562cedc0ce2053f0b1b9bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 3085 		85 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6a7cb0658f337f9336a51e5429d5bf42e112f550f4562cedc0ce2053f0b1b9bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 7297
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTDBJYSuXZ0b0UlPSVd-0QAAFFMAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOzkahyAOeSmm5vUc2zglh0&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOzkahyAOeSmm5vUc2zglh0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rFv%2FaiVkMAxvB03cTSIwoVLlRmBUA3t2q0gJCnFJUeich5KJ6e0bghshZG9Ic3SW3ovX%2B5PGFHLDh0exCAYt8pTyLDt9CdTD1k0uTYOWNbeK0WzqXeeTEEAWY2TT5uj%2F1i0YHbSUXxodw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8186aed909fd35f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOzkahyAOeSmm5vUc2zglh0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 7297
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTDBJYSuXZ0b0UlPSVd-0QAAFFMAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTDBJYSuXZ0b0UlPSVd-0QAAFFMAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTDBJYSuXZ0b0UlPSVd-0QAAFFMAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M9KF94EF9K57PPKM3TGS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YZ89H5161GBD8BKK6QNS
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTDBJYSuXZ0b0UlPSVd-0QAAFFMAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 7297 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 7297
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8077843172889582107
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8077843172889582107
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43sHyTQHZ6sw0uoCjuexstK7%2FA3AsgJAgO6LWs9rorSuEUv5X332z9H3V7xAgofnObM4bsqNIMNZy9Yb9e5P2QOJSwXEReIV4gzksxOtKI1knccx%2FUIVXWLZs%2BUea3sPrIXomsdpGaDYaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8186aed9cabb35f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
an-x-request-uuid
ca51d9ce-933f-4e40-b420-da76b58c87b4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8077843172889582107
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7297
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4EB861DAAE7B42B8B43C8819195C7E0A
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4EB861DAAE7B42B8B43C8819195C7E0A
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwbHqlqFxxHVwVpFw80fWwRO18UPpeq6WHql3wLPNhgQidnXvpAO5gTrzIMoXpbmSkCJaHM9kfy%2ByS4KQT5HUntobLkFvGv6Vnnz%2B5XDQEUiuDVK2FOvK9e8WADSyofwSsNpTEsE33y92A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8186aed9fae635f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 19 Oct 2023 05:39:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=4EB861DAAE7B42B8B43C8819195C7E0A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 18 Oct 2023 05:39:51 GMT
rum
dsum.casalemedia.com/ Frame 7297
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1697780392
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1697780392
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRGwcl%2F26kYkvfHKL3G%2BQn%2B%2BWt7f45YuCkidV95n0J1ZZRvQ4ikKAhl8grI80aO9ve1PhumM2WENX9hrJ7JM6b6YzZ%2BdwPDYhwxcTeIldKQcNR1ZPjvdmph9iEXaQsFapKiVTFZc"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8186aeda796f9232-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1697780392
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 7297
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PNCGG2nUhxwngNcTMtyYGjzUhRgnh9FNOtWbs1e-
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PNCGG2nUhxwngNcTMtyYGjzUhRgnh9FNOtWbs1e-
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6TjkrCtXnS5QNATMNh9j9Y0oEKuukkKV8CzoSz0H0F7FT9IdpeKuwkvGQR%2FGYMbcXd5utTY6ttg841JubtKDp3WAfqsM0JOBy2SEfido20aPxpyc4CXtUgP42vAENLiSf4QbpEFRCJOmgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8186aed9fae535f0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=PNCGG2nUhxwngNcTMtyYGjzUhRgnh9FNOtWbs1e-
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7297 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7297 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTDBJYSuXZ0b0UlPSVd.0QAA%265203
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43238
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8186aed99dc41e56-FRA
content-length
43
expires
Fri, 20 Oct 2023 05:39:51 GMT
dv-measurements4826.js
cdn.doubleverify.com/ Frame 5962 		420 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4826.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
a5e299a85a9b163a13f8922e875d903e3886d98af3007f64e3b106b0fd4486c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2023 07:56:38 GMT
Server
UploadServer
ETag
"a1cf6f2436096e7eb8c6981432e7fc1c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101065
Expires
Fri, 18 Oct 2024 05:39:51 GMT
dv-measurements4826.js
cdn.doubleverify.com/ Frame 7D79 		420 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements4826.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
a5e299a85a9b163a13f8922e875d903e3886d98af3007f64e3b106b0fd4486c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Oct 2023 07:56:38 GMT
Server
UploadServer
ETag
"a1cf6f2436096e7eb8c6981432e7fc1c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101065
Expires
Fri, 18 Oct 2024 05:39:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 42AB 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5337946251093&version=m202309260101&ct=119&x=1&cor=9672159996367940000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 40A2
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 19 Oct 2023 05:39:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:51 GMT
expires
Thu, 19 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1017381
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5516
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=98B12778-86D1-46D7-9B76-57EC3E77AA22&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=98B12778-86D1-46D7-9B76-57EC3E77AA22&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=98B12778-86D1-46D7-9B76-57EC3E77AA22&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 19 Oct 2023 05:39:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NTK4JSY18G96EDSQ80GS

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 19 Oct 2023 05:39:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=98B12778-86D1-46D7-9B76-57EC3E77AA22&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ATKHFJEANM35X5ZFZGKE
Pug
image2.pubmatic.com/AdServer/ Frame E0FB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IWywvnRosbk6POG2JDquuS8_4Lg6O7W_L2laPhz-
42 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IWywvnRosbk6POG2JDquuS8_4Lg6O7W_L2laPhz-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 19 Oct 2023 05:39:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 19 Oct 2023 05:39:51 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=IWywvnRosbk6POG2JDquuS8_4Lg6O7W_L2laPhz-
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1DEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mLEneIbRRtebdlfsPneqIg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=32768
accept-ranges
bytes
content-length
5606
expires
Thu, 19 Oct 2023 14:45:59 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 1DEF 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=98B12778-86D1-46D7-9B76-57EC3E77AA22&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.195.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-195-217.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.91
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 1DEF
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=939809072
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=98B12778-86D1-46D7-9B76-57EC3E77AA22
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=98B12778-86D1-46D7-9B76-57EC3E77AA22
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 05:39:52 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=98B12778-86D1-46D7-9B76-57EC3E77AA22
date
Thu, 19 Oct 2023 05:39:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 1DEF
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=98B12778-86D1-46D7-9B76-57EC3E77AA22
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NGQyY0lyTXhDeU5UOEtaUnJnTURtTkZKdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6964033605059843123&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
52.214.195.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-195-193.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Thu, 19 Oct 2023 05:39:53 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 19 Oct 2023 05:39:53 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1DEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OThCMTI3NzgtODZEMS00NkQ3LTlCNzYtNTdFQzNFNzdBQTIy&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 19 Oct 2023 05:39:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1DEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPKwCA_RJ9z-bX1kNfVms18&google_cver=1
42 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPKwCA_RJ9z-bX1kNfVms18&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 19 Oct 2023 05:39:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPKwCA_RJ9z-bX1kNfVms18&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1DEF 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 18 Oct 2023 05:39:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1DEF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6964033605059843123
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6964033605059843123
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 19 Oct 2023 05:39:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6964033605059843123
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1DEF 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
98B12778-86D1-46D7-9B76-57EC3E77AA22
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1DEF 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/98B12778-86D1-46D7-9B76-57EC3E77AA22?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:c184:4582:9358:8e30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 1DEF 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=98B12778-86D1-46D7-9B76-57EC3E77AA22&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2042 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 09:30:04 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 09:30:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C82D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
655b4a3ffc494917a9f6211588414d4945b0dd5960d56959d6764671a467fa99

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5510 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
72587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Oct 2023 09:30:04 GMT
etag
48472445140208031
expires
Thu, 19 Oct 2023 09:30:04 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3085 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaaa905013593b2f16a20ec416600696eb431faa30a5fb26eddf0fe4003612ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/csimpr/ Frame C82D 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=68648309&csi=DsxD8wD5I0Ldxa0sC4KkZian3oNKD7bUSHmvKE6cyxYJDwKV3Zer3BswLCFDWxibGNu33e08N4lj2bYLtwiq496vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
60898800.gif
s1.adform.net/Banners/60898800/ Frame C82D 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/60898800/60898800.gif?bv=3
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1a767c478d42ae05cb2e51638c0c45c0dd763e10c234b64e772b898498340d82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:52 GMT
last-modified
Mon, 09 Oct 2023 13:53:22 GMT
server
nginx
x-amz-request-id
tx00000e5d6bfd3544029e1-006530a9c7-3295cc06-default
etag
"6ed459ca99ba13fcdf144dceedf55c1a"
x-cache-status
HIT
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
58715
drop_cookie_sw.php
csync.smilewanted.com/ Frame 53F4 		0
541 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aedacae42bb6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:52 GMT
server
cloudflare
vary
Accept-Encoding
/
track.adform.net/csimpr/ Frame 3085 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=68648317&csi=xaJkIlRq9_YdrqA2X9TVPoL4ak1BwhICSHmvKE6cyxYJDwKV3Zer3BswLCFDWxibQDUC3v0qX9hgzfywyIKdkd6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
60898808.gif
s1.adform.net/Banners/60898808/ Frame 3085 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/60898808/60898808.gif?bv=3
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
367e775f24af0e4c27e10da6675c3fe1e434a602b15cee78cf1d5e2c409ce641

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:52 GMT
last-modified
Mon, 09 Oct 2023 13:53:23 GMT
server
nginx
x-amz-request-id
tx0000022de6dc7e679793a-006530a9c3-3295f919-default
etag
"da595c66808e89874d09e5a01437ff89"
x-cache-status
HIT
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
66487
visit.js
tps.doubleverify.com/ Frame 5962 		694 B
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=337&ttfrms=29&brid=3&brver=118.0.5993.88&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH2%3D%3D2%5D4%40%5D%3A%3DTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH2%3D%3D2%5D4%40%5D%3A%3DTar9EEADTbpTauTauf26gg32h4434_b2_d7dg572ga5dc4gc4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2802&ddur=15&uid=1697693992174290&jsCallback=dvCallback_1697693992174607&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=160&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4826&tgjsver=4826&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=35&brh=2&dvp_epl=227&noc=4&nav_pltfrm=Win32&ctx=11655933&cmp=1623176&sid=1366186&plc=68648309&crt=60898800&btreg=68648309&adsrv=178&advid=165376&crtname=dsl250_gesamtersparnis_231005_tf177a_320x1200&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=40&btadserv=adform&DVP_ADTYPE=Image&DVP_LINE=6994694&DVPX_IMPID=788979781835454648&DVPX_GUID=6964033605059843123&DVPX_LAT=49.3805&DVPX_LONG=10.17853&DVPX_PAGE=https%253a%252f%252fwww.walla.co.il%252f&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=49935565968.34121&ee_dp_sukv=49935565968.34121&dvp_tukv=164552308375.81335&ee_dp_tukv=164552308375.81335&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=63470462751&jurtd=3709389695
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4826.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bee87c4a46551bd6bafebe418dae0cef6c347a7f558fea151ad74b3537e4479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:52 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/18/2023 05:39:52
visit.js
tps.doubleverify.com/ Frame 7D79 		694 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=366&ttfrms=6&brid=3&brver=118.0.5993.88&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH2%3D%3D2%5D4%40%5D%3A%3DTauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH2%3D%3D2%5D4%40%5D%3A%3DTar9EEADTbpTauTauf26gg32h4434_b2_d7dg572ga5dc4gc4%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2785&ddur=15&uid=1697693992211796&jsCallback=dvCallback_1697693992211633&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4826&tgjsver=4826&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=35&brh=2&dvp_epl=227&noc=4&nav_pltfrm=Win32&ctx=11655933&cmp=1623176&sid=1366186&plc=68648317&crt=60898808&btreg=68648317&adsrv=178&advid=165376&crtname=dsl250_gesamtersparnis_231005_tf177a_1940x500&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=40&btadserv=adform&DVP_ADTYPE=Image&DVP_LINE=6994694&DVPX_IMPID=8582488625571265978&DVPX_GUID=6964033605059843123&DVPX_LAT=49.3805&DVPX_LONG=10.17853&DVPX_PAGE=https%253a%252f%252fwww.walla.co.il%252f&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=557879361494.6051&ee_dp_sukv=557879361494.6051&dvp_tukv=182793432.41946816&ee_dp_tukv=182793432.41946816&dvp_strhd=0.10000228881835938&dvpx_strhd=0.10000228881835938&dvp_tuid=986923383301&jurtd=4183151196
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4826.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
20242c7709ca797605916d52b3e1cc2be26feeab98ba44d18ad975942a98f6f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:52 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
10/18/2023 05:39:52
/
onetag-sys.com/usync/ Frame A416 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pixel
cm.g.doubleclick.net/ Frame 2042
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDKE3GwKsYDmD1v0KnJBp8M&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDKE3GwKsYDmD1v0KnJBp8M&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkV5S01vR3YxUVRsTGE1&google_gid=CAESEDKE3GwKsYDmD1v0KnJBp8M&google_cver=1&google_push=AXcoOmQclir2xPswu_hBaXmtgc9RSVQOXLN3V1qcTXZMhNP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkV5S01vR3YxUVRsTGE1&google_gid=CAESEDKE3GwKsYDmD1v0KnJBp8M&google_cver=1&google_push=AXcoOmQclir2xPswu_hBaXmtgc9RSVQOXLN3V1qcTXZMhNPDhG3QStLn6gGO9pDoInYEf1e1NPpEzZbp97K7QgkM3UPcIcG1Cbpl
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:51 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e647d20a74bb4317@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bkV5S01vR3YxUVRsTGE1&google_gid=CAESEDKE3GwKsYDmD1v0KnJBp8M&google_cver=1&google_push=AXcoOmQclir2xPswu_hBaXmtgc9RSVQOXLN3V1qcTXZMhNPDhG3QStLn6gGO9pDoInYEf1e1NPpEzZbp97K7QgkM3UPcIcG1Cbpl
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 2042 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGt1ZZDIW7CjIbIM4GWYiYg&google_cver=1&google_push=AXcoOmS4Spd13Hnn-PNJpKQyt-c0y3Bj4qjaWWvrfJ5I9dNEvlYKnP9dH8uyculj9l55ax17a-3saifT4bL-3imOxqEbRTuHqCo
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.157.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-157-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 2042
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK0Xbdr5r73m3QJ4DWVpVtI&google_cver=1&google_push=AXcoOmRR54hrHyjfLb1gUrwNg9r9qWu87SeBvV62PSuLx6ogqsmzD6BeSa7ZHvuuBj9iQ1E4IQT...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmRR54hrHyjfLb1gUrwNg9r9qWu87SeBvV62PSuLx6ogqsmzD6BeSa7ZHvuuBj9iQ1E4IQTmHhCJAMGKkRUVDVRELIdX-VlI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmRR54hrHyjfLb1gUrwNg9r9qWu87SeBvV62PSuLx6ogqsmzD6BeSa7ZHvuuBj9iQ1E4IQTmHhCJAMGKkRUVDVRELIdX-VlI
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmRR54hrHyjfLb1gUrwNg9r9qWu87SeBvV62PSuLx6ogqsmzD6BeSa7ZHvuuBj9iQ1E4IQTmHhCJAMGKkRUVDVRELIdX-VlI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2042
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEEgH3yyYtiDML8uvBUCXe0Q&google_cver=1&google_push=AXcoOmRuccKg4PNQPyrzQR0B1KS3ihDwBMo-Qkbg0dK-cXLYN853d2-1gnJhl6UbZPZAnK7lpyeFZwOzBmdvzxGnS...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRuccKg4PNQPyrzQR0B1KS3ihDwBMo-Qkbg0dK-cXLYN853d2-1gnJhl6UbZPZAnK7lpyeFZwOzBmdvzxGnSqlyFpvxaYI&google_hm=HgqzvGZHol_dljjUQc29kQQs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRuccKg4PNQPyrzQR0B1KS3ihDwBMo-Qkbg0dK-cXLYN853d2-1gnJhl6UbZPZAnK7lpyeFZwOzBmdvzxGnSqlyFpvxaYI&google_hm=HgqzvGZHol_dljjUQc29kQQs
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 19 Oct 2023 05:39:52 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRuccKg4PNQPyrzQR0B1KS3ihDwBMo-Qkbg0dK-cXLYN853d2-1gnJhl6UbZPZAnK7lpyeFZwOzBmdvzxGnSqlyFpvxaYI&google_hm=HgqzvGZHol_dljjUQc29kQQs
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2042
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC5kiafLFzJcXjhAhNyWBpI&google_cver=1&google_push=AXcoOmTvPzNIEljkOCDHGHNLdwAIw0Egfecor81p-vKoFrwcz2Ui4j_tRPdWenjy-Di2i79it5AUPqyVVz_gBTXLOttL6OXw5WJ_
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTvPzNIEljkOCDHGHNLdwAIw0Egfecor81p-vKoFrwcz2Ui4j_tRPdWenjy-Di2i79it5AUPqyVVz_gBTXLOttL6OXw5WJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY0MTk4NzcxMDE5NTA0NDg0Mzk0MQ%3D%3D&google_push=AXcoOmTvPzNIEljkOCDHGHNLdwAIw0Egfecor81p-vKoFrwcz2Ui4j_t...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY0MTk4NzcxMDE5NTA0NDg0Mzk0MQ%3D%3D&google_push=AXcoOmTvPzNIEljkOCDHGHNLdwAIw0Egfecor81p-vKoFrwcz2Ui4j_tRPdWenjy-Di2i79it5AUPqyVVz_gBTXLOttL6OXw5WJ_
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY0MTk4NzcxMDE5NTA0NDg0Mzk0MQ%3D%3D&google_push=AXcoOmTvPzNIEljkOCDHGHNLdwAIw0Egfecor81p-vKoFrwcz2Ui4j_tRPdWenjy-Di2i79it5AUPqyVVz_gBTXLOttL6OXw5WJ_
date
Thu, 19 Oct 2023 05:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 2042 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAIKWXCXvIhcjbxA4xPd3B8&google_cver=1&google_push=AXcoOmQRdTYMj8jNIlCO1abjp-BlLnyR_rvIHqwbMa77QoGcBkucXl59qA1ARaX09mLFOtbSprL-CXjemk01NuZcPDmGNMJEaGo
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.196 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:51 GMT
content-length
0
dot.gif
s0.2mdn.net/ Frame 2042
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=11eea70d-3040-4751-b673-a211c27d2403&google_cver=1&google_gid=CAESEEz2EmV-RUnt8MBESfFwEnA&gdpr_consent=${GDPR_CONSENT_109}&google_...
  • https://s0.2mdn.net/dot.gif?gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}&google_error=5
43 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}&google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 08:05:11 GMT
x-content-type-options
nosniff
age
77681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Oct 2023 08:05:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s0.2mdn.net/dot.gif?gdpr_consent=${GDPR_CONSENT_109}&gdpr=${GDPR}&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 2042 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IsK9hWQgMa8mokbKnR9zfabQYWd02hSKK24LKocpCcaIZPecleR8TM_PprKgpSoClUNuhN8w
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
ap.lijit.com/ Frame 2162 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 19 Oct 2023 05:39:52 GMT
X-Sovrn-Pod
ad_ap7ams1
google
match.adsrvr.org/track/cmf/ Frame 5510 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESED9AokCm2W6lXpzlRqZCcdo&google_cver=1&google_push=AXcoOmSC8EVZ4KxCuhlPp6Xk-BmFL3r0wniU990s7uYtxBfTlSTijiBOlXcJNm7rBkqFXUvAxiM_qkJCWkJehQMkv2cK3o5I29-AKw
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:52 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 5510
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAvvOApc0JL23NUIcjLEGf8&google_cver=1&google_push=AXcoOmSrtsytXRMwXyXhaGlTVZ9ZZHFkFANAdGqOpLbTAKybeRrzhkPmgBHUuA3FsHvto_spaKw3egCkHXrT7g...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmSrtsytXRMwXyXhaGlTVZ9ZZHFkFANAdGqOpLbTAKybeRrzhkPmgBHUuA3FsHvto_spaKw3egCkHXrT7gtBfq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmSrtsytXRMwXyXhaGlTVZ9ZZHFkFANAdGqOpLbTAKybeRrzhkPmgBHUuA3FsHvto_spaKw3egCkHXrT7gtBfqGZWAsU_XAU
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5MTU0MDE2MTM5MDk2NjkzNQ%3D%3D&google_push=AXcoOmSrtsytXRMwXyXhaGlTVZ9ZZHFkFANAdGqOpLbTAKybeRrzhkPmgBHUuA3FsHvto_spaKw3egCkHXrT7gtBfqGZWAsU_XAU
Date
Thu, 19 Oct 2023 05:39:52 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
google_match.ashx
ads.travelaudience.com/ Frame 5510
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPw04OeR4KLuAMP7qGtosI0&google_cver=1&google_push=AXcoOmSGgdClXvEgbcECZ8JPTgMEc8GGflf1CmstHDpJV9FidLMmc_jJAkCn4-es4YK4oxeDCribaDAMX9l9aw6Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Z_G2Y-XsTl4iX9BSZi6puw&google_push=AXcoOmSGgdClXvEgbcECZ8JPTgMEc8GGflf1CmstHDpJV9FidLMmc_jJAkCn4-es4YK4oxeDCribaDAMX9l9aw6QwGWqyBIT_VjS
  • https://ads.travelaudience.com/google_match.ashx?google_error=5
35 B
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/google_match.ashx?google_error=5
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:52 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/gif
x-host
tde-deliveryengine-production-7595df5684-bv8d5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.travelaudience.com/google_match.ashx?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 5510 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGt1ZZDIW7CjIbIM4GWYiYg&google_cver=1&google_push=AXcoOmRHld2ur1TUj5SJyzdaFZ8ZLsLv5hmTIAqwDUtV4CAKQgD-O9nFtZC90PqRE_vNZJ7TF9OwEzoB_CILmWaXjYggAPaHfjxXsg
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.157.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-157-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5510
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mLEneIbRRtebdlfsPneqIg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&p=156578&mpc=4&fp=1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156578%26sc%3D1&google_error=5
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=-1&gdpr_consent=
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=-1&gdpr_consent=
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 19 Oct 2023 05:39:51 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=-1&gdpr_consent=
date
Thu, 19 Oct 2023 05:39:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
105
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 5510
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEK0Xbdr5r73m3QJ4DWVpVtI&google_cver=1&google_push=AXcoOmSwdPK0QMq6i4uH7_N1qVkR452oLF5q8eOjIuFX25tg751AGyiH1CubOBeQ9bFZZHoLClV...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmSwdPK0QMq6i4uH7_N1qVkR452oLF5q8eOjIuFX25tg751AGyiH1CubOBeQ9bFZZHoLClV4nhP94TqLUpkA-NtuIrD5uxQgTw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmSwdPK0QMq6i4uH7_N1qVkR452oLF5q8eOjIuFX25tg751AGyiH1CubOBeQ9bFZZHoLClV4nhP94TqLUpkA-NtuIrD5uxQgTw
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5XUjYwRFUtVi1GTDlL&google_push=AXcoOmSwdPK0QMq6i4uH7_N1qVkR452oLF5q8eOjIuFX25tg751AGyiH1CubOBeQ9bFZZHoLClV4nhP94TqLUpkA-NtuIrD5uxQgTw
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
ebda
match.360yield.com/match/ Frame 5510 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEB5ZiHUbnYeiaC_ZXSmGvRg&google_cver=1&google_push=AXcoOmQfuTDM53UVLCCGd2ZOOHctlz8H1IElcZwbEdcVu-c4XbnTjEhYprKLV60QeEzt0jmV4rFSqZtqQRsaqkFexTJSH1KHLmoyXw
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.18.227.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-227-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 19 Oct 2023 05:39:52 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
attr
cm.g.doubleclick.net/pixel/ Frame 5510 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LL6Ki8Ne6L2EDxCxxXflEgpr99UpAZT_hrvdI_hNU-1trzAn_y4Ro2yiruqYYfyQjWLv41
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 4FEA
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Thu, 19 Oct 2023 05:39:41 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:41 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
gen_204
pagead2.googlesyndication.com/pagead/ Frame E20A 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhhiIJcEwZeH1H8Oc9u8PuYKUmAsAAAAAOAHgBAI&bg=!V1SlVBvNAAZy-tsgUvo7ADQBe5WfOMGSSTwOfFaAqQmZZVJLANIlIbr0OGRf13wcSDVJE0gW1y30teggnfM2LtrVkXRUAgAAA5tSAAAACGgBB5kDLjxOZs6cgpp-BZoSQs4u9VgW1Az71thmSRv8_uN02yqqsGzzsZznoiJlPZbUMb7GhJCy9CGojyY_r30e3A9q-DDdyY9jQhN6Ha3-5LY-vAwMaZPsrmU94AJYWRUea2QG2bU699TIwBUTECHlLRfnQbOZ0rndYDbVbFYQWkRxZgQrgj0z81W9cRbz_MVNYcXVRwBKoR7EnQ5odW449JttNUcuGzSfWQAcdY3xqtLcd7GUpBeA_0Hfb-RU9hOjD91sRe4J5Kd089fl4TLkqEZompZDReonqE8M-1nVAYs7TTMCrKM_lpLQpeRhq-wVd2g_WGhjvE9rNj6b3y2cdDP_28Sg0--adLIxbMYDLDcSiDE1UjVlZtX8DCBk9MyJ3gcWyFlUye-N97XltIiiUYlvhKX4l5T8VMDt1TK2QEhCiyLgtae0lNvHI1PZRgGBSmot-smn1tkcFi__7f0WSTiYFzTfiKXEeYRj2DG6RQWXTuaNzcScSh-QOJPrEyaMpYfg7KTtYPBAaUAvauen-ATIeifFAuaU4ntjxsag-STbTWV8mtlzurJBtkD6t6UCkr2oAM3oMVSb8iUVbJIfv35sqklXo5ERhw0-aeCIErPfioL7ZUz-YRE7LoDi-dj-z7fh-7IYUgjP1ZHij5AO-w1jHBeKr5qJO2Xp5VPxcRVOge_Y5_pNxD16EBwbdhtyiJj7uKaDQ2mswTmAD7KF6_VKJmwzEBOJ5KQxKZu8oVdLmkWF7b4t0GcKlGLs8FcrCVq7UaEqFDr6cKd080mI5EzbFUYCaRcg005O4B87Cqa-JVyz7NEw7JEIkbf3hjBFMgvRA6canBW55glq1bIIz_7EgM4HWq-JhjWEHB8RDNUXKXbekLGumBTJWBGIicZlkX1m0_TwusvwshmwnMv6MkbGorec0-xKR4UvvGe4XLk6CqJpZwl9z55nAtUZdA80YqkSGJSZLu9zPSl5gVkfE_C6WRR3UazCWqxuUYWscTQkZzzIkOrVvvr2ITkTnjxWW6je1lU1NzR4E4tL0gV3L9jvyiIzAmQ2QWGjd4zVcMx0UUXM4ylssngnedlfrkHz4J4
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D46F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BruM7JcEwZYLBNPuTjuwPpNONyAsAAAAAOAHgBAI&bg=!sbKlsv3NAAZy-tsgUvo7ADQBe5WfOIOCUr6GwPSo68-CRSkaoWwzP_suZ1Jcq_SBsLALBHjQo1p6WEjDzaLPg60s2GUdAgAAA0dSAAAAB2gBB5kDKiswp_irW66iWrqi4BE_UN95PEdIbaYeRu1BytMpCTSZ3dlncdrbOL9t9lKkSqHvO3uTU0zwhzPnQIJJS_NksDl9SVUXo91DItLzFm-YisPtVPB1Zt0OfRpAmjpXZSCQq2pzPmwxHzb_FtOWiSpLRxUr5Ry4IJTbxV90ecjEpbXl86OXOzqxpMHB4jYzxtIzJx7P0Ys_9vsAKzQeHX4ToGfqVNachN3FidVQrM6KOFTbDL3cNu0KkqfBBDJxtHzUKMO5Y5LA12Q3VrXlAH-yMYc7H7mHvBMz3wycyxgu7pB2kqAZwOWJ5XabW5nylkqIh0WaHTpF4JkdnN5X1eW7KUoZqgtLozPH3C8C--kMniushpW6TwdWY3AUnRjy7QG31OaRrTbpMkoL-OFLUy0m-kkDTR2CEiZmXOJVhr7lh1CihAOUoSJI9sDa3qM7fUJYCU3r9Xww9XirNBRtl2nOKkUM7EYOy3m99pQ11mO1JH0tkpLJiih5emGk_VdVX7-vP7Wgp7C_UpPOM-tWPVZ0Sfw4Xj5WHe5-y7Wu59-H8AADCTrw-yOzUEbQKrqv57Z6IwY4vg7nOPGCzoICjm3tHBHfiNBR33TxDnQS2rZg1hp0cI2iWIFRpKkUgP2JWR6qGcSIbIhPHlBepTUJLqMsopWMkulj6QNOqHX3SXqGPPCo83ZvOFZroXlLVz8DG4fxNf3cIqv8RY98Xe_xqmw-5gY-x5xg68oNvFRRY88Xd6zn30GPJsQ1Pg5C-MVlyx63vyH50CqtJtB9rP9jHHpAIEBep0FMmGogYXiGYn7LCIrmhgyIg7VevgykYgsbBIS3BpdDgDd60aF0UHL4izRU5tq2uYK4QPfrLYr8HYhC3lWse60eteepPewmaCVBNtluX2t3t4bSRfCbzisU1--YAqmEg-Tbibfmc1JH9Zp1sSglQb8hUEZqEitCcyoF9tVn2FNG8dYdQR0mnEgX-tQxNFgD7OV71rSC9U6geDDN-EfRHHT1Z_ivbfpEPJ1C3BUvL_FYHqfSjP-qL3P5Mw8q4cvqZKZHH_pLcugr4N3oEz4Lx0Z7UGbhDj54Pg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smwt256.gif
us.ck-ie.com/ Frame 534B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 19 Oct 2023 05:39:52 GMT
Server
nginx
6964033605059843123
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 960F
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/6964033605059843123
0
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/6964033605059843123
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aede4e622bb6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:52 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 19 Oct 2023 05:39:52 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/6964033605059843123
server
nginx
k-jldD77DnhvanlR5U6QZ7dim-am3G0_bRgGAo1w
csync.smilewanted.com/set_partner_userid_get/criteo/ Frame F09A
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-jldD77DnhvanlR5U6QZ7dim-am3G0_bRgGAo1w
0
566 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-jldD77DnhvanlR5U6QZ7dim-am3G0_bRgGAo1w
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aede2e4c2bb6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:52 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:39:51 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-jldD77DnhvanlR5U6QZ7dim-am3G0_bRgGAo1w
server
Kestrel
strict-transport-security
max-age=31536000; preload;
v1
match.sharethrough.com/universal/ Frame 200A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.6.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-6-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 19 Oct 2023 05:39:52 GMT
smw888.gif
us.ck-ie.com/ Frame 8A1B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.175 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Thu, 19 Oct 2023 05:39:52 GMT
Server
nginx
mw2u5KYALJX3fCK21CLl
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 20E7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mw2u5KYALJX3fCK21CLl?pi=smilewanted&tc=1
0
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mw2u5KYALJX3fCK21CLl?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aede8eac2bb6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:52 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 19 Oct 2023 05:39:52 GMT Thu, 19 Oct 2023 05:39:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/mw2u5KYALJX3fCK21CLl?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 7FE5
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=23251c695016eb0e1e014d5766c166f6
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=23251c695016eb0e1e014d5766c166f6
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid
abbb89ed-a663-4ed5-b674-0db9c5b9b232
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Thu, 19 Oct 2023 05:39:52 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8186aede4e652bb6-FRA
content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:52 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=23251c695016eb0e1e014d5766c166f6
server
cloudflare
async_usersync
ib.adnxs.com/ Frame C478 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
an-x-request-uuid
88996738-b04e-4b17-9724-c3f9eceaa725
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E5F5 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bo6jkJcEwZfC9NLzG7_UPx5G68AwAAAAAOAHgBAI&bg=!FhWlFVrNAAZy-tsgUvo7ADQBe5WfOLqp7QJFJQ6DTDA4bbNdb4lahyYImiLLwfHSGtiFRxuDOA1KG_q_0HsN38o5aQXtAgAABSZSAAAACmgBB5kDTp0nkEww1VO2JSavKLVgYvoJFKM-wGNMvzt8sP2HluaXXcfIvXSJoLVrdEnSP--1iP59nuCHV5qtkRACIT-s2dDQI3yhaCP3XLyqFVd4Ui6QOi7Ja0Yq4o5ZrEHqAQOCu_xZQfPRjhR5uMQcnXfbKJwPWZext9QXHs6GuMhxnwWCnjJLGV5OkYSVG-gb5Zy9v1pnFOpIpP60ht1Fbaj3mB3iZCqzHD5DSXmUfnaEjwKaIdN4WydrKkgEs73T5aBDwp2ZeBi34MjK8zZnbfWnmYoYyyufXcIBsOUcRvPGlL3Rlrg9VfnOvCtstsZYVUrylJHPsGrPiemwuN1JXA1JrgRJSHppJTDKbiTn240gMl7XdDQIXnr_g7YdHIpl72i6IqeK8rEZFFWyk29WhitZgMgYe8SkfVBV85NAs_xpBdnXlkbgDmg3XlmvVc77tfdVB6H-WqT5Z_DwY3AL7bNd7E9g0G9PNH3QrtO4xbbko8napyp7iV45R2sCoVPpJ5NWruKoeuEIdTxWWX66P9ydXfo8wHXxxMkOv3-XiQOHTdiSa0cKAocEaPSuNqbBVpuUb5QVs-hWRC1ER6YdOeuo81IdfoDg2zTdCZS25ut_GtypI9oQQr_NOy666r9Lcl0VA0Ly9-3fyU0fKb4qvZx7AwaIzd5BBaPgSNnBOZF0ih8GeOgjPY-xHCU0IG7op1PZOcA5R9fzeUi54TbRc6CEaEuLmUMBhLIrFC3sBYOhW8tr8Og0JHbl_Fptj0PBRWD12ha6AtezIJxVIfs1_IpX7fqXSHm1OfBlAkWAMVGf_466uqzKfwGiGvTf9KNEyqt9xR7vexL0BtEEfeT90O3BLJi-zcAZutLh2RtMvyM3qMLeSlOklnQxzFtyvCQYOipEtUWvImTu5s0ASCXIhnnr9GBWHTRpTylWr6I_Uvfau--esZCiOULWq6hmIae4We9nc2hCv9am312CgynV8phULhX7SEO__whFeqY54JnkfBW-8dWcfZgGNHQxbRDlKZvDozAWEVk47sY6XpugOmc27YBm_E2A18eqZr8GKwB9W5OYSZ9z80v0WruZqs8J7qxvrsNdV3MSvQA4lvTwgiavaJgYfVjZ-gb91xRZRCVe_A
Requested by
Host: 7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C82D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujmw2TygWvebeJt556svkK_loYjU6IA1Gry-lxOkPHaMOyMZ23HtgmmU1RdedWkjkpGWc79j0FJS5gZvbpTbEmPbGmYoEwVIeWEtKBLYvkeHbs_ndGzTnVsZUN1hHlqYh_PbzSZaw4vIGf&sai=AMfl-YTu75gtSOG_cvqp07XFh-mfm-Ic29JLy-V2DWqZNL7hv7krOjhx0vmltqi5U1CYClxs6HwCCTYXgvrSpvM2gyCWYM3DgOg6hgA7uiJqHc4VZStz_NvKw6bKZhCH&sig=Cg0ArKJSzJQOOmZjSo7pEAE&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&id=lidar2&mcvt=1000&p=161,1439,765,1599&mtos=190,1000,1000,1000,1000&tos=190,810,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2273020715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697693988843&rpt=3108&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3085 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujjhB-4KH1bIHH9w8qOaNd4iVVqBgOuvPHMoCW6g92RLO1bpjCP5OCr0qYDTAJEgTGLyLoWLBeqY_-ZH0L3wia8VlP2o1XkGK-zoj7h8ldu_99GdhssD0lxYHlYIMNkMZEYGqjkVCH7YiC&sai=AMfl-YRopq0E6aIzLQ-b7GzBDdF9EJt0PNXCtwtqJpflsB2jXqnlmMFpPCVzgFVmEK5B5Fxx5O4rDRYBN6uQ5Ye-jAuZoDJ2VBXy3Ihk5kKy_RPyJwGBVk90rmBszjTD&sig=Cg0ArKJSzEqlY3spU5uCEAE&cid=CAQSPADICaaNftj1cfeiQqrmNCzUpCkbhjAOzKOg2aDrHlNKYlV1SfKeYTU6cvkO0oPXHTogRR3hYiB_tI-cRxgB&id=lidar2&mcvt=1004&p=173,315,427,1285&mtos=190,1004,1004,1004,1004&tos=190,814,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=885339186&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697693988865&rpt=3124&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3085 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5639712005735&version=m202309260101&ct=77&x=1&cor=14034837085916471000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C82D 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9952286458414&version=m202309260101&ct=77&x=1&cor=9802728053773183000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 3085 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6964033605059843123@@68648317,8582488625571265978,100|1097|0|0|0|0|0|0|0||138|1|||||1|0|0|nQjMM0irsXLxBx_RTJEBJ905es8dxeHMJjtVg-6eNUKkiwNnAVgnVfL_QlhaeLlf0||1|11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame C82D 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6964033605059843123@@68648309,788979781835454648,100|1108|0|0|0|0|0|0|0||55|1|||||1|0|0|FVpjI00JAZzxBx_RTJEBJ905es8dxeHMJjtVg-6eNUIrXHCdaLCAH_L_QlhaeLlf0|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
SPug
simage4.pubmatic.com/AdServer/ Frame 1DEF 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb573d1a7d6c628e84cb3e61cef64882987b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da6... Frame 0979 		12 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb573d1a7d6c628e84cb3e61cef64882987b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac7e4cc59e0f82762a95a5d5715a2c0c0edd0442e0a359bdfce74f518d3df2e51d499d2d58e1d746c8c91dbad5814697158120ec16c8c3a4d8d618848e9737a035d75e7a3097c3c9f018e9ab6f9998fd5b369170264f1f2797c9f1db7b4c4ac3de3e8299eeaa77f003cbf345cb0065fc68302ef5dfb97feefe38c76ed961c7e5461aa6fce4111102b5f7af9afe7a11a865f3a3fbd86068a327751254e462c22b273491b29e5ad4835da1bf2d81bb7e0e78eea505cacdfcd3b4f0ba4392739e9cb4806b16072325129651a7ad68d902d46ce79b4076121e12edd27eecb2f4727c22438f8b5b94341ebad084ca9f2d33d86f165fa73188034b3c82613525b663a1c27c5f88200b973c72ae0b62ce11aaca599fcdecec083fbac9d402ae3f9dd224e6b653f9236c2341d9940b504a4b71d594162e386bcc48e19387a140000ee8f8daed82341c022a1c46039be88528c396a1b41ff4ec0f33b366c40567a1a8eec1ae/88/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3589_551e330fe89884ee4a2d_551e330fe89884ee4a2d_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-49.fra6.r.cloudfront.net
Software
/
Resource Hash
d435e892837ce713317bc21f3d70fade5035e92a3edf62d74d50f5e390fa17bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:54 GMT
via
1.1 google, 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Thu, 19 Oct 2023 05:39:50 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-1209ea83, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
iOHDvw8-yl-UEJBqCXLRrgfILI3TLjaMhTP3-ER1tQhIX8DLJ6VANw==
PugMaster
image6.pubmatic.com/AdServer/ Frame 1DEF 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=88132252&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d0bba74a201bd1cebfa014fd64725c2331bd4144add34e7e1ceafeffe5a4f537

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 19 Oct 2023 05:39:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
charter.woff2
s0.2mdn.net/sadbundle/9015645056701891402/ Frame F7FC 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9015645056701891402/charter.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/9015645056701891402/index.html?ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 18:18:49 GMT
x-content-type-options
nosniff
age
127265
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54205
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 14:20:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 16 Oct 2024 18:18:49 GMT
match
c1.adform.net/serving/cookie/ Frame 3607 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=98B12778-86D1-46D7-9B76-57EC3E77AA22&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 19 Oct 2023 05:39:54 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
SPug
image4.pubmatic.com/AdServer/ Frame C5DC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8077843172889582107&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:32032f0d-2dcc-4f99-b2f5-09667af1cc4d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
0
48 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Thu, 19 Oct 2023 05:39:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
private,max-age=86400
content-length
128
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 05:39:55 GMT
location
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
image4.pubmatic.com/AdServer/ Frame 2392
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7291540161390966935&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6154dd0b-2bde-47ad-9304-053d1c264d69&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
0
48 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
date
Thu, 19 Oct 2023 05:39:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
private,max-age=86400
content-length
128
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 05:39:53 GMT
location
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=156578&sc=1&us_privacy=%24%7BUS_PRIVACY%7D
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
x.bidswitch.net/ Frame B0F1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=79b6a802-6256-4df8-b0fc-8508986a8d6d&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARiqgsOpBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEO6Kd1ZuQRHuhuAAJZDAZHyqAQhwdWJtYXRpY7IBJDc5YjZhODAyLTYyNTYtNGRmOC1iMGZjLTg1MDg5ODZhOGQ2ZA**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=ee8a7756-6e41-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=79b6a802-6256-4df8-b0fc-8508986a8d6d
43 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=476&user_id=ee8a7756-6e41-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=79b6a802-6256-4df8-b0fc-8508986a8d6d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.157.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-157-32.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 19 Oct 2023 05:39:54 GMT

Redirect headers

Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 05:39:54 GMT
Location
https://x.bidswitch.net/sync?dsp_id=476&user_id=ee8a7756-6e41-11ee-86e0-002590c0647c&expires=90&ssp=pubmatic&bsw_param=79b6a802-6256-4df8-b0fc-8508986a8d6d
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame B46C
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kXdSCbFXWUd5eCVoF5upWZJGdU4&gdpr=0&gdpr_consent=
42 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kXdSCbFXWUd5eCVoF5upWZJGdU4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 19 Oct 2023 05:39:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 05:39:55 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=kXdSCbFXWUd5eCVoF5upWZJGdU4&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 11F0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
42 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 19 Oct 2023 05:39:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
176
Content-Type
text/html; charset=utf-8
Date
Thu, 19 Oct 2023 05:39:55 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 6622 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 19 Oct 2023 05:39:54 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230067-FRA
x-timer
S1697693995.864416,VS0,VE93
Pug
simage2.pubmatic.com/AdServer/ Frame 0139
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 19 Oct 2023 05:39:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 19 Oct 2023 05:39:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame A2B0
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETDdFN0tZWUlBQUJaRkNjM29pdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AADL7E7KYYIAABZFCc3oiw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADL7E7KYYIAABZFCc3oiw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADL7E7KYYIAABZFCc3oiw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8032806050647978792&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADL7E7KYYIAABZFCc3oiw&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADL7E7KYYIAABZFCc3oiw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 19 Oct 2023 05:39:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 19 Oct 2023 05:39:55 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADL7E7KYYIAABZFCc3oiw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
mw
mwzeom.zeotap.com/ Frame 1DEF 		95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=98B12778-86D1-46D7-9B76-57EC3E77AA22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:54 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8186aeec0d069000-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 1DEF
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=98B12778-86D1-46D7-9B76-57EC3E77AA22&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=98B12778-86D1-46D7-9B76-57EC3E77AA22&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=98B12778-86D1-46D7-9B76-57EC3E77AA22&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:40:00 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:40:00 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=98B12778-86D1-46D7-9B76-57EC3E77AA22&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1DEF
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=98B12778-86D1-46D7-9B76-57EC3E77AA22&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=008781a40227629c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:55 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1DEF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4605418256330473032&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8077843172889582107
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8077843172889582107
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 19 Oct 2023 05:39:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:55 GMT
an-x-request-uuid
a8ed26b3-af3d-42d9-8d6e-6942814323a2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8077843172889582107
x-proxy-origin
146.70.117.78; 146.70.117.78; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 1DEF 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=98B12778-86D1-46D7-9B76-57EC3E77AA22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:54 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F7FC 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:22:55 GMT
x-content-type-options
nosniff
age
483420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 15:22:55 GMT
event.png
tpsc-ew1.doubleverify.com/ Frame 7D79 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=15768bfa005c4b16abbaf427982af310&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=68648317&ee_dp_btros_64=0&ee_dp_asmm=1&vdur=107&eoid=16&te_exec=0&msrjs=4826&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=15&tetms=10&msltms=27&vltms=107&sei=289&vetms=400&tuviims=373&tuviems=880&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=456&msrcannum=3&ee_dp_tmads=2615&ismms=263&isumms=262&nvr=6&isgmmims=263&isgmv4mims=263&elmtp=6&isbxdms=2562&b0=309&b11=2207&adhgt=250&adwdth=970&norwdth=970&norhgt=250&vsos=13&dvp_vsosnmr=16&lftb=2516&sftb=2516&msrdp=3&naral=192&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1470&isuiabvms=1470&isgmpims=262&isgmv4dpims=1470&ispmxpms=1470&engalms=262&dvp_dpr=1&vstsz=736&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3513&cbust=1697693995719763
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4826.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:55 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-18T05:39:55
event.png
tpsc-ew1.doubleverify.com/ Frame 5962 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=8f8a4411ea3c479d8675d45234d59959&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=68648309&ee_dp_btros_64=0&ee_dp_asmm=1&vdur=140&eoid=16&te_exec=0&msrjs=4826&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=15&tetms=18&msltms=29&vltms=140&sei=289&vetms=408&tuviims=366&tuviems=914&engms=1&engisel=1&dvp_dtcov=4&sim=3&msrcanlm=456&msrcannum=3&ee_dp_tmads=2678&ismms=124&isumms=123&nvr=6&isgmmims=124&isgmv4mims=124&elmtp=6&isbxdms=2625&b0=100&b11=2666&adhgt=600&adwdth=160&norwdth=160&norhgt=600&vsos=5&dvp_vsosnmr=16&lftb=2766&sftb=2766&msrdp=3&naral=192&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=160&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1124&isuiabvms=1124&isgmpims=501&isgmv4dpims=1124&ispmxpms=1124&engalms=121&dvp_dpr=1&vstsz=740&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3576&cbust=1697693995725429
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4826.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
Pragma
no-cache
Date
Thu, 19 Oct 2023 05:39:55 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2023-10-18T05:39:55
3613138-46.png
images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/3/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/3/3613138-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
8d5243bf693f78b16447afb204d38ba6bc49a664f650f81efb74e88dc39f0566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 03:36:32 GMT
via
1.1 google
age
7404
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38432
3613861-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/3/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/3/3613861-46.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
79c7df415e687d9ce87fe58806750adc4aac2c67911b0a914559d9e97e6e09da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:36:28 GMT
via
1.1 google
age
208
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69932
SPug
simage4.pubmatic.com/AdServer/ Frame 1DEF 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 05:39:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/unload/ Frame C82D 		35 B
626 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6964033605059843123@@68648309,788979781835454648,100|4376|0|0|0|0|0|0|0||219|1|||||1|0|0|FVpjI00JAZzxBx_RTJEBJ905es8dxeHMJjtVg-6eNUIrXHCdaLCAH_L_QlhaeLlf0|||01||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 3085 		35 B
617 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6964033605059843123@@68648317,8582488625571265978,100|4408|0|0|0|0|0|0|0||556|1|||||1|0|0|nQjMM0irsXLxBx_RTJEBJ905es8dxeHMJjtVg-6eNUKkiwNnAVgnVfL_QlhaeLlf0||1|01||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 19 Oct 2023 05:39:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tr.dxmcdn.com
URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEG9UuMYqDA-7rjRHjjQ4nv4&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 function| addScriptPromise object| _0x1a15 function| _0x14cd object| googletag object| WallaTargeting string| _taboolaOS object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| gtag function| ga object| _sf_async_config function| _typeof object| TRC object| _taboola object| _tblConsole object| __twttrll object| __twttr object| google_tag_data object| gaplugins object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _cb_shared string| loadDataState object| google_tag_manager function| postscribe object| google_tag_manager_external object| ggeac object| google_js_reporting_queue function| smartlook boolean| isMobile undefined| showInterstitial undefined| interstitialData undefined| timestamp undefined| attempts undefined| served undefined| hourPassed undefined| url undefined| ref undefined| refFits undefined| adunit undefined| getInterstitialData function| _ object| dmp object| IDXSurvey object| _0x27cd function| _0x1e01 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| GooglebQhCsO function| fbq function| _fbq string| GoogleAnalyticsObject object| gaGlobal object| gaData object| google_conversion_id object| google_custom_params object| google_remarketing_only object| adoric object| _cbm object| __LOADABLE_LOADED_CHUNKS__ function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __adoric__ boolean| IS_ADORIC_LOADED undefined| google_measure_js_timing function| onYouTubeIframeAPIReady number| google_unique_id object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 string| pm_pgtp undefined| msg object| webpackChunk_smartlook_recorder boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl number| taboola_view_id function| PlayerSdk object| WallaPlayerApi object| owpbjsChunk object| owpbjs object| PWT object| a function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image object| sw_consent string| nam object| placementData object| cmTag object| Criteo object| _cm_wfCounters object| sas object| apntag object| _ADAGIO number| google_global_correlator object| GoogleGcLKhOms object| closure_lm_315249 object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| google_image_requests

119 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _cb
Value: BTiKwSCgqHqMBqjcWq
.walla.co.il/ Name: _chartbeat2
Value: .1697693984320.1697693984320.1.DdRCDxD-1NnGeJ2m3gne5pMBGPa.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _gcl_au
Value: 1.1.1475452520.1697693984
.walla.co.il/ Name: _gid
Value: GA1.3.760173411.1697693985
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _t_tests
Value: eyJkTzVubW03aThzZWRyIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDTXpDNEgiXX0sIndybTFqNEhXTE1zUjciOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkJSUkdoViJdfSwiNkt2ODVQMlo0VjFGQyI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiQkdlSXVmIl19LCJacURLd1NuUVJPaU9xIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCZzF0NTEiXX0sIjVROTJnbTE2TGNES0UiOnsiY2hvc2VuVmFyaWFudCI6IkMiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkhWQ1lSIl19LCJlV1pVSTIyTzJhN2tGIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEbGR5Q2YiXX0sIjUzMlRxUkJoZ05oWjgiOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkNLbEg0RiJdfSwiOXV4d3NEd0toSkFmOSI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiQk9fV3I0Il19LCJsaWZ0X2V4cCI6Im0ifQ==
.walla.co.il/ Name: vad-loc-code
Value: de
.doubleclick.net/ Name: IDE
Value: AHWqTUn8OgDVl9_YizueukwgXffGTojxqftM1x9r90XTgVqW1cbjptmQn335Zvbm
.walla.co.il/ Name: _ga_TSQY5YTYZ0
Value: GS1.1.1697693984.1.0.1697693984.0.0.0
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1697693984.1.0.1697693984.60.0.0
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: __gads
Value: ID=e1fcb63712108fcb:T=1697693985:RT=1697693985:S=ALNI_MZdASWBO4ILBABsD27NJ8267GYc6Q
.walla.co.il/ Name: __gpi
Value: UID=00000c9c6bddb841:T=1697693985:RT=1697693985:S=ALNI_MZeGc9vLHPQSDSptz-aGVnpgIaWGA
.walla.co.il/ Name: _fbp
Value: fb.2.1697693986114.1006748291
.dxmdp.com/ Name: dmpid
Value: a1d20146-1445-49c1-a791-2920fc615324
.walla.co.il/ Name: _ga
Value: GA1.3.1335889755.1697693985
.dxmdp.com/ Name: audids
Value:
www.walla.co.il/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dc0db7440-44cc-43c1-a8cb-5bfb6be1d5ee-tuctc2a46a2
.getrockerbox.com/ Name: uuid
Value: rbcr-65ef6d17-9ee5-4ab0-8f73-95d39ac4ec79
.ads.stickyadstv.com/ Name: UID
Value: a932122a9745f9661f8467a6fc26d37
.turn.com/ Name: uid
Value: 4605418256330473032
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003%22%2C%22nxtrdr%22%3Afalse%7D
.criteo.com/ Name: uid
Value: e5854141-6ab8-4aa5-890b-5034ca225f8d
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-436bbb5d-f7ce-45e0-8fae-3b29e0b3abc4-003%22%7D
.bidswitch.net/ Name: tuuid
Value: 79b6a802-6256-4df8-b0fc-8508986a8d6d
.bidswitch.net/ Name: c
Value: 1697693987
.bidswitch.net/ Name: tuuid_lu
Value: 1697693987
.bidswitch.net/ Name: custom_data
Value: ETatI19nWndQb0JOTyUyQldVV1NRUG56RTRKWGhlMU45T3dUaEZEdW5sOExiWW15b0NOTzMlMkZuT0syTDVHdDhtMFYxS3M4eWxpZ1drNUtlR3JMVWFYTE9qaUN3NVZpalpNYmJmNVclMkJpQ3pQS2E1S0RlSE0yd3dheDdNNVVRMHpoMG9DeWoySnIxNUolMkZXRjBUZHhZWkZSZjZndWxBS2ZZcSUyRno5RTBMWmxTMEdpZlUzNjFIYXBnRUN1S1FMbFI3UFlEME9qTXhI
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 6882523b-dd7f-5324-be12-7e61db22bf42
.betweendigital.com/ Name: ss
Value: 1
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEwo4LDqQY4AUABSAEQo4LDqQYYAA..
.adnxs.com/ Name: uuid2
Value: 8077843172889582107
.betweendigital.com/ Name: ut
Value: ZTDBIwAGUTBlsCMLzKN2MNFaybIsaZAudOLLow==
.rubiconproject.com/ Name: khaos
Value: LNWR60DU-V-FL9K
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrr3n4d8MfpzvsKGGM1eolu5vVtDhgOVUMsxPxU5qr+6LxbBu3AMQRcuOYdOTdJHhkjwJGYVf1/R+BxGCOXoSK1/sl3J0mLRJa+xUA9sgf/4b7FQD2yB//h
.yandex.ru/ Name: yandexuid
Value: 7233405091697693987
.script.ac/ Name: __cf_bm
Value: injzm0DaRLR9Ll6W6w.VzTuZJQRsqlERUM5fTqawm4Q-1697693987-0-AYXj04fQX+Lb520ef1MAxJ0B9w/EyIONA5nXculqRfoJf3XGKj8ZAPbwdEYQAE+37g3+fAhJYe447yHBrTDk34w=
.adform.net/ Name: C
Value: 1
m.exactag.com/ Name: exactag_new_gk
Value: 4bacd92af1354d26841cd801def3f5ee%7C18.12.2023%2005%3A39%3A49
m.exactag.com/ Name: exactag_new_uk
Value: 031b17d84a9541e9a64a5ec7d59efc45%7c
m.exactag.com/ Name: session_session
Value: 7058a1d3d43e48679bd29e03
.casalemedia.com/ Name: CMID
Value: ZTDBJYSuXZ0b0UlPSVd.0QAA
.casalemedia.com/ Name: CMPS
Value: 5203
.casalemedia.com/ Name: CMPRO
Value: 5203
.doubleclick.net/ Name: APC
Value: AfxxVi7cgym1mg3nIDyn9nk1KztBOXZJFL-rDZJmXboOVb4k-gHrxQ
.lijit.com/ Name: ljt_reader
Value: HgqzvGZHol_dljjUQc29kQQs
.adfarm1.adition.com/ Name: UserID1
Value: 7291540161390966935
.ctnsnet.com/ Name: gid_CAESECEYVP4qDACEl8YawvXnVDs
Value: 1
.ctnsnet.com/ Name: cid_c03c4d912dd14d9381ac4093a95eb99e
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2267F1B663-E5EC-4E5E-225F-D052662EA9BB%22%7D
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTDBJgAABh8n_wAM
.blismedia.com/ Name: b
Value: 6530C126B8BAFEE49F4FE757BLIS
.adform.net/ Name: uid
Value: 6964033605059843123
.tribalfusion.com/ Name: ANON_ID
Value: a9ntuJs2aF8pAJsbX1nRXGWmpL9ZcAHb1DJaCLr2Zb5NLZbLuakXyZcEt1XHmbZdw8YhNVNomghZafvA3rh8TDCOO9ViTL
.adform.net/ Name: TPC
Value: 1697693991452
.walla.co.il/ Name: cto_bundle
Value: V1JhkV9kanhXM0tFbGtMbFgxVnIlMkJtRlpQREFmZGxSJTJGRnVFYUJ1MlVUYVRkZU9IVURJQVVadjNjZ082Zzk3OXlDREJSS1M1QnlTbGY3M2JYbHVQUWRxYWtUTnNjd2F2SXAwY3VociUyQiUyQkdWUmpYNG5vajdqJTJGWTNIcXNFUzNPUUhuU2VZSG40RFphV1I1WmhIUDl1dFpKUUZHTGhBJTNEJTNE
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 98B12778-86D1-46D7-9B76-57EC3E77AA22
.vodafone.de/ Name: oshop
Value: queryparams||b_id||1779||queryparams||shopid||2673
.weborama.fr/ Name: AFFICHE_W
Value: iJJYr2pek5@I55
.quantserve.com/ Name: d
Value: EE0BDQGcKrjvsQA
.quantserve.com/ Name: mc
Value: 6530c127-eb889-16103-bdf00
.simpli.fi/ Name: suid
Value: DFB730DE729F4BF19F70D1FB9F0D791B
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6964033605059843123&KRTB&23263-6964033605059843123&KRTB&23481-6964033605059843123
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEPKwCA_RJ9z-bX1kNfVms18&KRTB&23025-CAESEPKwCA_RJ9z-bX1kNfVms18&KRTB&23386-CAESEPKwCA_RJ9z-bX1kNfVms18
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-IWywvnRosbk6POG2JDquuS8_4Lg6O7W_L2laPhz-&KRTB&19420-IWywvnRosbk6POG2JDquuS8_4Lg6O7W_L2laPhz-&KRTB&22979-IWywvnRosbk6POG2JDquuS8_4Lg6O7W_L2laPhz-&KRTB&23403-IWywvnRosbk6POG2JDquuS8_4Lg6O7W_L2laPhz-
.audrte.com/ Name: arcki2
Value: 4d2cIrMxCyNT8KZRrgMDmNFJw!20220908!1697693992054!ip#146.70.117.78
.audrte.com/ Name: arcki2_pubmatic
Value: 98B12778-86D1-46D7-9B76-57EC3E77AA22!20220908!1697693992054
.amazon-adsystem.com/ Name: ad-id
Value: A_rkBCYx00jaj8JH27Ap0BQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.3lift.com/ Name: tluid
Value: 2641987710195044843941
.w55c.net/ Name: wfivefivec
Value: nEyKMoGv1QTlLa5
.csync.loopme.me/ Name: viewer_token
Value: 11eea70d-3040-4751-b673-a211c27d2403
.w55c.net/ Name: matchgoogle
Value: 5
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2267F1B663-E5EC-4E5E-225F-D052662EA9BB%22%7D
.creativecdn.com/ Name: u
Value: mw2u5KYALJX3fCK21CLl
.creativecdn.com/ Name: ts
Value: 1697693992
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2E?#Z@u'!!2(5s(<j<dINiYhTyXnfi8FW/Y^Qj)hs[W^:*<z+[pgYe1/CpmiWoSkj+CV1(j#iP(Md<0-%'cBB%QH*ec_m`fd%o=$+9em<Lz2O[@W+*1Eq9BF%$iBEsgn^1o4>@*g0D(IrKuE
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiIyMzI1MWM2OTUwMTZlYjBlMWUwMTRkNTc2NmMxNjZmNiIsImV4cGlyZXMiOiIyMDI0LTAxLTE3VDA1OjM5OjUyWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTE5VDA1OjM5OjUyWiJ9
.smilewanted.com/ Name: sw_user_params_infos
Value: GS2LCOmVjCxjeno8N59tJA1UR%2BUInm1sd6%2FiFhy6Q5ELKF2uPa2u3pQHWLqHuqoLMZoJNQUQ1RlvU5dIi1zsAshqMbsQLjoTzYsm78Q0%2FPiL5bXJYLrdHARLj2Hojr2%2FqsjPwqwHHjrBuV7RUvGnGgKJlCkt1NO18T88hSk23BhrTcygEFoMXqrh7BLgAttsIgFqLIFEDk8jC%2BOCuQr3tUQA1FOp4W2kBoIm7J2Mw1%2BfwgjtrBKDO%2BYN1VRNajLdWdcBnrXgQxgafVg1xCPEkNCQdUJiTZ5j%2BxB1MBSzC9G1S3NEDDipUGviudMbYD%2FSNapkB8EMzMmGEtak%2BZKL0Kx8%2BZRFjSi9sLXfQWfxNBJwf3eGgEMkcLykebzbMcmPVRkeluvLRwgY6b5je1HBkzeL2bA6m56Hffom%2BuqD0yZIh%2Bm34C4%2F%2B0PjjEaRcRii
.audrte.com/ Name: arcki2_ddp2
Value: 4d2cIrMxCyNT8KZRrgMDmNFJw!20220908!1697693993132
.audrte.com/ Name: arcki2_adform
Value: 6964033605059843123!20220908!1697693993221
.pubmatic.com/ Name: SPugT
Value: 1697693993
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: DPSync3
Value: 1698883200%3A241_235_201_227_226_219_197_245
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8077843172889582107&KRTB&23339-8077843172889582107
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7291540161390966935&KRTB&23369-7291540161390966935
.pubmatic.com/ Name: pi
Value: 156578:3
.zeotap.com/ Name: zc
Value: 9389bc86-0e12-480b-7e4c-1db486c0a368
.bumlam.com/ Name: suuid3
Value: IiRlZThhNzc1Ni02ZTQxLTExZWUtODZlMC0wMDI1OTBjMDY0N2M*
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4605418256330473032&KRTB&23150-4605418256330473032&KRTB&23527-4605418256330473032
.pubmatic.com/ Name: SyncRTB3
Value: 1698883200%3A54_233_55_166_196_8_220_71_21_56_13_3_204_251_234_22_81%7C1698278400%3A15_2_223%7C1698969600%3A35%7C1700265600%3A203%7C1698537600%3A63
.adsby.bidtheatre.com/ Name: __kuid
Value: 6154dd0b-2bde-47ad-9304-053d1c264d69.466907994
ads.playground.xyz/ Name: connect.sid
Value: s%3AXdnjKj2THQZ2INYHl3ETJ18IVpc8NOpp.DjH8lFan0i5xOFV9H2UBGK%2FrmAI57X4e9Xk42IjGlJQ
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.bidr.io/ Name: bito
Value: AADL7E7KYYIAABZFCc3oiw
.bidr.io/ Name: bitoIsSecure
Value: ok
.semasio.net/ Name: SEUNCY
Value: B93476EBE296FA19
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: de34da4aaafbfb52
.onaudience.com/ Name: cookie
Value: 008781a40227629c
.onaudience.com/ Name: done_redirects104
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-91775209-b157-5947-7978-2568179ba959.Zqwf62MNNl8HwACgX84kBDeL3Tc1jr0B%2Bvsmqr3H5dA
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-91775209-b157-5947-7978-2568179ba959.Zqwf62MNNl8HwACgX84kBDeL3Tc1jr0B%2Bvsmqr3H5dA
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AkXdSCbFXWUd5eCVoF5upWZJGdU4.Cky7%2F4j3qvp3WbS4VKis52sUD77evq9NFAMDtJMGxnI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AkXdSCbFXWUd5eCVoF5upWZJGdU4.Cky7%2F4j3qvp3WbS4VKis52sUD77evq9NFAMDtJMGxnI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDl5XJubplU55c43pNMcwSvnMHBHHUYNHVS56jXU3U8zEHwYBCCrgsOpBjABOgTLdGrUQgSZj7he.sAW0UQQjVJF27p%2BzNxnOQ0K0eovQ8sswf1JBuON38n8
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIDl5XJubplU55c43pNMcwSvnMHBHHUYNHVS56jXU3U8zEHwYBCCrgsOpBjABOgTLdGrUQgSZj7he.sAW0UQQjVJF27p%2BzNxnOQ0K0eovQ8sswf1JBuON38n8
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-kXdSCbFXWUd5eCVoF5upWZJGdU4&KRTB&23334-kXdSCbFXWUd5eCVoF5upWZJGdU4&KRTB&23417-kXdSCbFXWUd5eCVoF5upWZJGdU4&KRTB&23426-kXdSCbFXWUd5eCVoF5upWZJGdU4
.smartadserver.com/ Name: pid
Value: 8032806050647978792
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AADL7E7KYYIAABZFCc3oiw
.onaudience.com/ Name: done_redirects147
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADL7E7KYYIAABZFCc3oiw
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:
.pubmatic.com/ Name: PugT
Value: 1697693995

7 Console Messages

Source Level URL
Text
javascript error URL: https://www.walla.co.il/
Message:
Access to fetch at 'https://tr.dxmcdn.com/rest/api/v1/survey-executed' from origin 'https://www.walla.co.il' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://tr.dxmcdn.com/rest/api/v1/survey-executed
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEG9UuMYqDA-7rjRHjjQ4nv4&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524343308&rnd=1697693988418387' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
security error URL: https://7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=20567029375&extPm=20567029375&extCr=524347186&rnd=1697693988418388' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=98B12778-86D1-46D7-9B76-57EC3E77AA22&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12890047.adoric-om.com
7ae88ba9ccbc03a05f58dfa82d54c84c.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
amg01742-walla-wallanews-ono-btlna.amagi.tv
ap.lijit.com
app.adoric-om.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bs.yandex.ru
c1.adform.net
cadmus.script.ac
casale-match.dotomi.com
cdn-uw2-prod.tsv2.amagi.tv
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.valuad.cloud
cf.dxmcdn.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
csync.smilewanted.com
dal.walla.co.il
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
event.dxmdp.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
images.wcdn.co.il
imasdk.googleapis.com
imprammp.taboola.com
js-sec.indexww.com
m.exactag.com
mab.chartbeat.com
mabping.chartbeat.net
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
metrics.getrockerbox.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixelgroup-d.openx.net
platform.twitter.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pro.ip-api.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.adoric.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bumlam.com
sync.crwdcntrl.net
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
tags.dxmdp.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
tr.blismedia.com
tr.dxmcdn.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vfd2dyn.vodafone.de
vidstat.taboola.com
web-sdk.smartlook.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
x.bidswitch.net
sync.search.spotxchange.com
tr.dxmcdn.com
104.18.25.18
104.18.26.193
104.18.27.193
104.22.69.131
104.244.42.72
108.129.69.108
13.224.189.75
13.248.245.213
130.211.44.5
141.226.228.48
142.250.186.98
146.75.116.157
15.235.15.221
151.101.193.44
151.101.2.49
151.101.65.44
168.119.146.39
172.217.18.98
172.64.205.37
178.250.1.9
178.32.210.226
18.66.112.5
184.30.16.195
185.184.8.90
185.64.189.112
185.64.190.78
185.64.190.79
185.64.191.210
185.86.139.101
188.166.17.21
198.47.127.20
198.47.127.205
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.185.216.10
208.93.169.131
216.239.32.21
216.52.2.39
23.21.139.150
23.211.8.12
23.216.77.50
23.32.184.180
2600:9000:2057:1200:18:1fcd:353:c61
2600:9000:20eb:f800:11:da61:a100:93a1
2600:9000:211e:3e00:1b:5138:8a40:93a1
2600:9000:211e:9e00:1a:1d58:31c0:93a1
2602:803:c003:200::21
2606:4700:10::ac43:db6
2606:4700:20::681a:8a9
2606:4700::6810:5614
2606:4700::6812:1791
2606:4700::6812:19ad
2606:4700::6812:272
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::200a
2a00:1450:4001:801::2014
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2006
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9a
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:d::1732:83c8
2a02:6b8::90
2a02:6ea0:c700::19
2a02:fa8:8806:20::2040
2a02:fa8:8806:21::1780
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::714
2a05:d018:d29:3601:c184:4582:9358:8e30
2a06:98c1:3121::3
3.122.6.226
3.71.149.231
3.71.157.32
31.172.81.158
34.102.253.54
34.111.129.221
34.111.131.239
34.111.199.139
34.120.218.58
34.149.20.76
34.160.198.118
34.160.236.64
34.95.69.49
34.96.105.8
35.186.193.173
35.186.253.211
35.190.0.66
35.204.74.118
35.214.136.204
35.244.159.8
37.157.2.229
37.157.6.236
37.157.6.237
37.252.171.53
46.228.174.117
51.38.120.206
51.77.64.70
52.18.227.145
52.208.23.16
52.210.78.166
52.214.195.193
52.223.40.198
52.46.151.131
52.54.238.224
52.57.124.150
52.58.233.134
52.59.25.76
52.86.91.163
54.217.195.217
54.239.33.159
64.74.236.95
67.202.105.22
69.173.144.138
69.173.144.165
77.243.51.121
8.2.108.175
85.114.159.118
85.14.248.72
88.221.125.233
89.149.192.196
95.101.149.35
96.46.183.20
98.98.134.243
99.86.4.49
000ecbeecc25ac8c187f58ca0f6447ea795277498b9491c89138ce2536f52d32
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
043979c5580f9b411479ce74f44630b4b3f0d5e7bfedf2d4e08b43f7ae0ec403
045788a4ccd039949f27b30df710d2aa2776b2c19fa516b76af90c142b6bdd57
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058d19e1adfa67a7f51222010ef1367b48e303e1491fec011ac70fac8028569d
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0849561081bbc490033d91e340952e50ca31812abac49fb9dca6f3ae67732237
0aec8afaa57a000c04b3af9ffec9da575f0dd68ddc9bf0e108d6e35ce3b0767d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14b27f6996322cc01899e1645fe0d308e474faab17f1936e1340753110d40eb9
15a1dda7814bd9cc48f83ff558d928c2f8daadffc6e17ef0df2a34012ecfd427
15fb2e29fb82ac82ebe43962d083ae2775e0f456eb63f0bda0a90c2e707f727a
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
169858fc9a82cce2813d9646e062343c44c9164e73a365645f5e2c6639c0ebce
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a767c478d42ae05cb2e51638c0c45c0dd763e10c234b64e772b898498340d82
1b4057de4b7c5c92216c075662a9c785a3bfe1707ed603220cd62dd3e1b386de
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066
1d6d6a5ac222219d850c5f24bde755fd3c760beb8b47ea855b307f9eaf77ffcd
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
20242c7709ca797605916d52b3e1cc2be26feeab98ba44d18ad975942a98f6f2
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
224d2428e935b85caf4d08d1a9c234464f0a1cde80923751591435cb126e57fa
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e
2557b9aea41072407e5ae2e9d2c82df882bfccd3a52c3b9befca6206fa483589
27c15c4bdf3913ca3d6199f8dc7b07b4505f7a6426b99e17266c269e7c47e571
280acbfadf0ad58f81668d680d19ca345797f98f0a36f82d4956f3caceee619c
2a7cf5d2b06a94a7a710a1292f81c92f653e2787562c7f5cf4d3ec83ee8ec198
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2cbea3a3ee1ece1c688b8b0f0227d7d107359816d3a240e3d20b5e92baf3cad7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a6f1ee1e7049f83403ea2fc9f3e2418ba09594b9a2cd34c726440d7a45170a
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
34cd8495dbb387032d2f5a3ee69ff9e12f08bfcd40ab508d8d34ca028848fcf5
366fc36dd0fc6970fc5e90685e15b442563b2775361b3ac91400bd68112f1d74
367e775f24af0e4c27e10da6675c3fe1e434a602b15cee78cf1d5e2c409ce641
36d65338739fc514e64beb4f96cee7da92ae1617ff10a1da27377874f4df9751
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
3b3fa76d94428f2455ce3e6e33aa95ee5131c9a7feb8d0ce5fa0160fe9c071b3
3bcc449ec0b64bbaf2c70eb66be608ea1952e10589ba732f28abf34735a388af
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3cfff8f06a3958e9a07be1a433dd5093773d814d58ed819104eeb167ed4b0521
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7
40282ad50f382b7c5cec29f36e637ce4580cada8e828c7bdf67a69a396e34aac
4353657b50f8755a0ca1d61fbba5df31b0ba19c5e783e9025ba82c31ad87ca7d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43db16924f49e69bb2fe8cb0ec449a93fc19551727ac7d19cd95c88b8c9051d6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
465446bded3b57e00e76070634ac2059153700320f2dd3e19a9efc4535d12f1f
465e561fd024b563f4e09afc28040a6b90b9048624f9f9189a45948724632179
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
471a4b3379ecba7450a1c1e57e2871948ff34b063ce00bdd841417223fb6cd1e
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48dc75f6760a4dd75285e76058d028f96823dbdc9bc11114230d1f305e573b2f
4b322062a0e338f2b8e6158d31854350d6022367cff16bcbb2599a97b7ea0713
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
500973e71008ffeef9857494a0f42ed59960033cb289572a960fe8af73199302
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
51d0b711a49f4456e76d5f2093c28536e2c87842b87144c99f9def5604f9fef9
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a
524e0c22d20f64b524a21605a8d77ef864c837a2c00ba0d0719359d3923e97a5
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
5369609877c4554928c1f44d1eec8808cb3492a567c1e6dd7bab04cc916b77b3
546c7bd997cbec5d4847243977d5ed9a02aab85f799965f001cb10eb96eba776
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5943b7e2fb4d67cfa3796992ed3bacd3eb9562caace971c147363a3a1357e8e5
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16
5ab75ec469d45ff6e3bd76fa7add45d61ac157fcc186d18ff15299141ce360df
5ac127188e6475f95cf602b5aeacfaf667081820adc57b78e9d46b9cb9149776
5aceb9edcea34bb69cbce4ff713f96f5d62f70bbd4bf5ef766bf058bed0fa21c
5d12cd3e1d3259d3ac614c58cb3d1bfe3cf0a52a7814a29bd4b847e8d4a3e52a
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5e9ffb2321245d977f958671d970ef352f5aeacbe7836d30650ce9b07940f6c8
5fdc8c621a3774aafc2fe3b72cc38e3e87774d6bd39b9017b18ffe6e2bc62cc7
5ff7d19e051580e27bb94b9eee707b290f9de77f14ed26984102db4806aeaae7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6228d4273501c79b8dc6b1fb238bc93ab5e151992b656234a733d9819d334855
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6466c1ac875b1a43bd018a2c74ec4e95f6db7dcc86d282a836881cc6080c07c5
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
655b4a3ffc494917a9f6211588414d4945b0dd5960d56959d6764671a467fa99
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
670234fd0ba4e62fadd081d844c5771195b1eb7393db234dae2ef31a67285fe3
6939afaeb559a7dd48bf40e39170c0f5ca2125984aeaca978d9491801f717bb9
697320190e408fd7c001296ec7d590d125411f536e4b861713de851fd3c133ac
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a7cb0658f337f9336a51e5429d5bf42e112f550f4562cedc0ce2053f0b1b9bb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6ba6b18016a3600bd92f6763a81f2038329a30106d7ab93d21cf42ca7e596446
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
6c68f02bdd94a84856cb5c8305dcdf6911bdb78e6f5706323c31c5e1f49cc885
6cee0a1fd26161d05279092178df3d8243672cccf917c870bb113d992d5de5be
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23
6ef782f41b44533266a3b8f7b34e3f169e0ebc03820a693c6b75920cdf3f3597
6f0b49f3c115547066ff2f01c5c5f2b5b22c48fb08e23251a1a050637f7ad4dd
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
73b4424d2202e9f35bc51ef07a84e4f2ca17e5c73fb20a25869eb92ae379e2b3
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3
7455f093e10ad855982456bdd10cfcd51d0cff859356cec3ffb5c9317b8294ae
75a0cfc3c7df6ee8695cb6802c2f9b349a3580af9870f6b09b8cd5de7538bc74
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
76d5f6f98ea8a392367e34d8802844da85ebc4a82df1e1b8ae5b97caa0bf401e
7761b03c4623cd32344b4de53a1243b7fd693fe28147b2eea6e27f995a5b82bb
777e307410bee98b008a939a77f05b5d6f15d9087455c09fc900aee9e700e4dd
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78bcbc9cd7471423240560071de83ce9cc03f92629d5e8a63b8f026de0b80154
79c7df415e687d9ce87fe58806750adc4aac2c67911b0a914559d9e97e6e09da
7dbe438f15151d26d0af8fc4a6a88a185f3599428a6862a1443c207baf500d30
7e8192b8273cf0f846c3c9365b3aa10305dffd49c8b219628b31430db949f230
7eaf9dbd58033051c38ddae4b8ad507e77041c0cb8e1e1f4de31c1f3d430a792
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b976b4e0138f7b918382760a95c63f0f6cb058ddfa7ab8e3dfcd70bb6caf33c
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8
8bee87c4a46551bd6bafebe418dae0cef6c347a7f558fea151ad74b3537e4479
8c6af15bb861e35fdcaf08f2d55c3a16222114d36839b21384583ab435f863d1
8c867cb790473babcc0452c4af3d47188e5dc4c5a2757514620c58c68dd3b4e4
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b
8d5243bf693f78b16447afb204d38ba6bc49a664f650f81efb74e88dc39f0566
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ebb4aae391250149e49b55a8896e334feb5984e7311f7b7684234456ad7827f
910c14a940baed90b77f884650b7363bd688a041a76950247bae44bb1845efe4
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
92e5d47a946e3e58233d0329913eea936c96817715ee39e9378ad0434a508c6d
932d9349dd8e3af051f89869f3221e46adb88817dcef5de666b3748b8f44a6a7
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
955010c817411105778a738f61a625182690fd098b1d2fa1d48bb766e35c4a41
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0d30699abac345d40690a79678462b3b5de6b0325aa4f3370cf2ee8954922f
9c304344eff955b3da1e3ab3ffc88dea0fe128903e53895978136eb4f431abfb
9c96c896d339ecd2412561b1cc04a750ddbb798fe446c7d9c7fa1f44cbec81ee
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a021c4118a8ed18c55e33971fc9eba7bdc07a6c07b43f0c9f421577bf5620acd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a544ba2a6e6ed50ee0d444cbe0a498931c388b7b14e310abccb3f53102a497f3
a5699e864468364620dc85d2115515fa6034fdfee047a570daf1fee99ff7990c
a5a37b92573c2c258573cc13cb1b96b59ba0f7d90ffb99bf75c21c5f862c7929
a5e299a85a9b163a13f8922e875d903e3886d98af3007f64e3b106b0fd4486c6
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a786eedcf83a698e8b0db6119c78106b8c8f5bce44ffdae8f65c6b60b3cbf20d
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a
ab693e1db4fe4f5679fd145ba46d80db2208ab8c203769471bd04b83a4637f02
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b194ec6f02131053688eee2371fecd9165f8687b55e60a850b357f5cbb30fe24
b1a22bca2e94ac819868674685b19dacadb2888e6099876d6e101ccaf2b17993
b1daa0c24e7c3313982f2357d6f94f2b78c902f2d767e78f018917972833a7c3
b2a26b8e354a31328f64279f6a5f4383730f0d26b8ebac44679e26c6f61ea0f7
b395eadc6e2dc23e148b07e9b5b503543f99644fec840ca2dcd6aea912a451cc
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b442924aef76ddc0e747bd3f8347f1d2201ce1e9931a3f8c9c52c2a759d3941f
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
b59e0c0d1cf93db01c65f1357aedb1b27cf41998f06af03d1039bb18e83b5f86
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
b94a77fa0aa100733aaea38ce611cc70fd81ebf17c1727a8511cb2bde47e2106
b9501fa666cc30a6e0940095ae8b91524fe2fac46af2d25fe67374b6f5b3324f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc87b0146616265001f3921cdb675857bf1cff0a550ed6d4f8334ee37cc638b4
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf
bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c1e98ebdee48539fa09e0313ee1fc7cf0ddcde82302297349879ff41a02dd13c
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2e32c476f8c66151541b113edf89560601e02f8b21d559bd1ee880e8337c57d
c2fb25a89c86a2ad66418bffa25454d051deea5ef9871370619c825e89ae1f48
c32897b9d9b3ce785b48420a83c6e5a2c922ed462fd3ed26f966924b8949fd00
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c64b6fb71f957144407fe71635136887344cb90617028f0ebe8ccd33e80ace04
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cabde8d11beb58288140384f920916529a73196edded95774f80415238a7805a
cafc15d62bcd7743712d138cce8f2581fc208ea2653a5bc8c4865933fb0fd8df
cafef9f600456f862855cf007e1c89f0e0a13e73d374b776451bd67bb9829d8f
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cd1e9edd3c829dc764f14e0dfe22e77bce84d68bd39beb88fafda014aedbebfd
cdbdd773bb4c7c16c3033cd972211e3fc35467a7b3ad50353ac34ac3ba187624
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d01ac26c5959ba14ab488f5fbec45d15679a0a81152bef49144200d52b9ae895
d0bba74a201bd1cebfa014fd64725c2331bd4144add34e7e1ceafeffe5a4f537
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d435e892837ce713317bc21f3d70fade5035e92a3edf62d74d50f5e390fa17bd
d57d52edf6a6f67f8d1fa2f0cc58894ffc47bff6348b4860c506164c10de1ee0
d5a36a46f47f4f4a4b3a437e9cdbeeee8524afcdf3c10e1be0db88085443c56a
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb
d7211c6be77add6e7faa747a59c14d2b3a8fd4bce6cc59a6dac0927df4d07204
d8f67c15ef1136522d80b265ec52d3eea969960885ff6a99d40ccef0e3809c5e
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
dccb897ad40ab6f36103b91e65e56d18f50765e7363ac6eb46c320aff7ab6151
dccda823139f751043e07f6ee2bbafb2b3e45c8549b38823f76ff371b389c9dc
dce1ad02d28955863fd3e100c4e00f3f2c2d7557ffc125e376133061a06d1b53
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
dd83d427f5dab59eb3cf8e541cb699a4f12865b43867419727a168661272d987
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6f0465224d3875f51c7a77ecaa748aa72fefe427fa7483cc70e3b209a982e2
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
e0d6d8940e00d99ac6c56c82173f764d9d317e5fa7f1f28394d017940fd925a0
e0e944741fbf2961743a08ffb962054c13adfe0b4055362c648e7c3c4f5e863d
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e80d56f276414fd28ba61bcbd08cb5f16dd75fb62c100e07ab35cb01836baaf3
e8b8ef3f53b9219b6e45674894adf50db4dc1b550fef0ff583eb9b150d81ce3c
e9de6cf1275e2335cae4231d25e6119cd5bb53cfadd831de5cdfc411de862c6b
e9f9e2f8c42fe9cc2ce1871b27d7cf8a0a407048ac80a32f7051ae2dc56fc8ff
eaaa905013593b2f16a20ec416600696eb431faa30a5fb26eddf0fe4003612ab
eac910a34f69515d6a77249c022533c089356172e2706a96a1c65d6603d1bcc8
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebd6431503ff08fd6b81d56355f5353ec0dd4896234b299ece6253ed6b75f752
edeb4a5305dd8d5900fbd71a5bc5015071bdaf62b884b4ff5228bd6d8f39fe69
ee7fafc2f935351d7d3693ca55f003d7cdfb39c0117defeacb43c06f44ce9b36
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a26c725ae51e83c7c2211cdd75d0ea7b7b4d95cd57b3628e93fd5ee2267518
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6
f20c3b723c99eae8cb814bb05254627c34d900eb485d0363bda614ad5b42d648
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f3843eb7f05722457207c69c42503cdc327f8bb20e4a077c5910f7df6316ccb3
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc