urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
13.224.189.38  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://walla.co.il/
Effective URL: https://www.walla.co.il/
Submission: On October 09 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 13 countries across 88 domains to perform 539 HTTP transactions. The main IP is 13.224.189.38, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 156315.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 27th 2023. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.27.57 16509 (AMAZON-02)
1 1 13.32.27.118 16509 (AMAZON-02)
45 13.224.189.38 16509 (AMAZON-02)
1 12 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 18.66.147.111 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 205.185.216.42 20446 (STACKPATH...)
44 151.101.193.44 54113 (FASTLY)
2 2606:2800:234... 15133 (EDGECAST)
4 2a00:1450:400... 15169 (GOOGLE)
17 34.160.198.118 15169 (GOOGLE)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2600:9000:224... 16509 (AMAZON-02)
1 52.6.76.142 14618 (AMAZON-AES)
3 2a03:2880:f08... 32934 (FACEBOOK)
4 216.58.212.162 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 104.244.42.136 13414 (TWITTER)
11 23.21.139.150 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 51.77.64.70 16276 (OVH)
1 34.111.199.139 396982 (GOOGLE-CL...)
1 216.239.32.21 ()
1 11 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 34.120.218.58 396982 (GOOGLE-CL...)
2 2001:4860:480... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 54.72.191.61 16509 (AMAZON-02)
1 6 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
46 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:9000:211... 16509 (AMAZON-02)
6 15 99.86.4.37 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
1 28 2a00:1450:400... 15169 (GOOGLE)
3 23.32.184.192 16625 (AKAMAI-AS)
1 18 104.22.69.131 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
4 8 216.52.2.91 30282 (AS-INAPCD...)
5 2a02:6b8::90 208722 (GLOBAL_DC)
3 4 185.184.8.90 204995 (RTB-HOUSE...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 95.101.149.35 16625 (AKAMAI-AS)
1 185.255.84.151 200271 (IGUANE-)
5 2602:803:c003... 26667 (RUBICONPR...)
4 8 104.18.27.193 13335 (CLOUDFLAR...)
2 7 37.252.173.215 29990 (ASN-APPNEX)
1 3.127.138.223 16509 (AMAZON-02)
8 185.86.138.124 201081 (SMARTADSE...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 34.149.20.76 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 7 51.89.9.254 16276 (OVH)
2 35.186.253.211 15169 (GOOGLE)
22 141.226.228.48 200478 (TABOOLA-AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 4 162.55.236.224 24940 (HETZNER-AS)
8 8 46.228.174.117 56396 (AMOBEE)
2 2 46.228.164.11 56396 (AMOBEE)
2 2 188.42.191.196 7979 (SERVERS-COM)
3 8.2.110.114 46636 (NATCOWEB)
5 7 37.157.6.243 198622 (ADFORM)
2 2a00:1450:400... 15169 (GOOGLE)
3 3 2a02:2638:3::6 44788 (ASN-CRITE...)
4 4 178.250.1.9 44788 (ASN-CRITE...)
5 7 35.157.211.238 16509 (AMAZON-02)
3 3 2.16.241.18 20940 (AKAMAI-ASN1)
2 18.185.192.135 16509 (AMAZON-02)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
7 35.71.131.137 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
15 37 216.58.212.130 15169 (GOOGLE)
3 5 198.47.127.19 3257 (GTT-BACKB...)
1 2 69.173.144.139 26667 (RUBICONPR...)
2 2 35.214.129.161 15169 (GOOGLE)
4 104.18.26.193 13335 (CLOUDFLAR...)
5 34.98.64.218 396982 (GOOGLE-CL...)
1 6 2.16.97.41 16625 (AKAMAI-AS)
2 2a02:2638:d::2 44788 (ASN-CRITE...)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
6 142.250.186.162 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 35.204.74.118 396982 (GOOGLE-CL...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 2 151.101.66.49 54113 (FASTLY)
2 98.98.134.242 21859 (ZEN-ECN)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 178.250.7.13 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
2 95.101.149.233 16625 (AKAMAI-AS)
1 23.35.236.188 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 67.202.105.24 32748 (STEADFAST)
12 185.64.191.210 62713 (AS-PUBMATIC)
1 2 52.94.223.167 16509 (AMAZON-02)
1 54.217.255.105 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.211.118.49 14618 (AMAZON-AES)
1 3.75.62.37 16509 (AMAZON-02)
1 2 52.46.128.147 16509 (AMAZON-02)
1 1 185.89.210.46 29990 (ASN-APPNEX)
2 2 44.205.93.51 14618 (AMAZON-AES)
2 2 13.32.27.113 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 35.244.174.68 15169 (GOOGLE)
1 1 3.69.181.182 16509 (AMAZON-02)
2 3 185.86.139.103 201081 (SMARTADSE...)
1 198.47.127.20 62713 (AS-PUBMATIC)
1 1 85.114.159.118 ()
2 2 18.192.43.30 ()
1 1 52.5.118.137 ()
5 5 52.50.109.207 ()
1 1 208.93.169.131 ()
1 2606:4700:10:... ()
1 2 77.243.51.122 ()
2 2 141.94.171.214 ()
2 2 54.78.254.47 ()
539 109
1    13.32.27.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-57.fra56.r.cloudfront.net
walla.co.il
1    13.32.27.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-118.fra56.r.cloudfront.net
walla.co.il
45    13.224.189.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-38.fra2.r.cloudfront.net
www.walla.co.il
12    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    18.66.147.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-111.fra60.r.cloudfront.net
tags.dxmdp.com
2    2600:9000:2057:3600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
44    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
pips.taboola.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
17    34.160.198.118 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
2    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
web-sdk.smartlook.com
2    2600:9000:2240:4400:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    52.6.76.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-76-142.compute-1.amazonaws.com
ping.chartbeat.net
3    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
www.googleadservices.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
12890047.adoric-om.com
9    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:810::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
1    2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
11    23.21.139.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-139-150.compute-1.amazonaws.com
mabping.chartbeat.net
2    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
1    34.111.199.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.199.111.34.bc.googleusercontent.com
dal.walla.co.il
1    216.239.32.21 (None, )

ASN- ()
tr.dxmcdn.com
11    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
static.adoric.com
1    34.120.218.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.218.120.34.bc.googleusercontent.com
app.adoric-om.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
5    54.72.191.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
event.dxmdp.com
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
46    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:211e:5c00:1a:1d58:31c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-uw2-prod.tsv2.amagi.tv
15    99.86.4.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-37.fra6.r.cloudfront.net
amg01742-walla-wallanews-ono-btlna.amagi.tv
14    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
28    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
18    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
prebid.smilewanted.com
static.smilewanted.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
8    216.52.2.91 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
5    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
creativecdn.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
5    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
8    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
7    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    3.127.138.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-138-223.eu-central-1.compute.amazonaws.com
tlx.3lift.com
8    185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
5    34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
7    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
22    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
6    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
4    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
8    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
7    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
c1.adform.net
dmp.adform.net
2    2a00:1450:400c:c00::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
7    35.157.211.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-211-238.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    2.16.241.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-18.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    18.185.192.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-192-135.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
cm.ctnsnet.com
37    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
cm.g.doubleclick.net
5    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    35.214.129.161 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 161.129.214.35.bc.googleusercontent.com
csync.loopme.me
4    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
pixelgroup-d.openx.net
6    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
6    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    2a05:d018:d29:3602:18d0:4fce:99a6:af2f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
2    213.155.156.185 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
12    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    54.217.255.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-255-105.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.211.118.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-118-49.compute-1.amazonaws.com
a.audrte.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    44.205.93.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-93-51.compute-1.amazonaws.com
i.liadm.com
2    13.32.27.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net
live.rezync.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    3.69.181.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-182.eu-central-1.compute.amazonaws.com
1f2e7.v.fwmrm.net
3    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
rtb-csync.smartadserver.com
1    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    18.192.43.30 (None, )

ASN- ()
rtb.mfadsrvr.com
1    52.5.118.137 (None, )

ASN- ()
sync.srv.stackadapt.com
5    52.50.109.207 (None, )

ASN- ()
match.prod.bidr.io
1    208.93.169.131 (None, )

ASN- ()
bh.contextweb.com
1    2606:4700:10::6816:1857 (None, )

ASN- ()
mwzeom.zeotap.com
2    77.243.51.122 (None, )

ASN- ()
uipglob.semasio.net
2    141.94.171.214 (None, )

ASN- ()
pixel.onaudience.com
2    54.78.254.47 (None, )

ASN- ()
loada.exelator.com
Apex Domain
Subdomains		 Transfer
79 googlesyndication.com
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
1 MB
67 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
pm-widget.taboola.com — Cisco Umbrella Rank: 3680
trc.taboola.com — Cisco Umbrella Rank: 680
vidstat.taboola.com — Cisco Umbrella Rank: 3058
trc-events.taboola.com — Cisco Umbrella Rank: 2281
am-trc-events.taboola.com — Cisco Umbrella Rank: 15139
images.taboola.com — Cisco Umbrella Rank: 1964
pips.taboola.com — Cisco Umbrella Rank: 1752
cds.taboola.com — Cisco Umbrella Rank: 2153
742 KB
67 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
pubads.g.doubleclick.net — Cisco Umbrella Rank: 412
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
398 KB
48 walla.co.il
walla.co.il — Cisco Umbrella Rank: 82234
www.walla.co.il — Cisco Umbrella Rank: 156315
dal.walla.co.il — Cisco Umbrella Rank: 150646
1 MB
22 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
image6.pubmatic.com — Cisco Umbrella Rank: 967
simage2.pubmatic.com — Cisco Umbrella Rank: 959
image2.pubmatic.com — Cisco Umbrella Rank: 1116
simage4.pubmatic.com — Cisco Umbrella Rank: 1354
95 KB
18 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2991
prebid.smilewanted.com — Cisco Umbrella Rank: 6260
static.smilewanted.com — Cisco Umbrella Rank: 10113
33 KB
17 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 99528
374 KB
16 amagi.tv
cdn-uw2-prod.tsv2.amagi.tv — Cisco Umbrella Rank: 61879
amg01742-walla-wallanews-ono-btlna.amagi.tv — Cisco Umbrella Rank: 155239
3 MB
15 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com — Cisco Umbrella Rank: 895
ssp-sync.criteo.com — Cisco Umbrella Rank: 1344
dis.criteo.com — Cisco Umbrella Rank: 648
mug.criteo.com — Cisco Umbrella Rank: 2541
11 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
598 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
8 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2714
1 KB
12 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1445
mabping.chartbeat.net — Cisco Umbrella Rank: 5630
2 KB
11 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1721
sync.smartadserver.com — Cisco Umbrella Rank: 1400
rtb-csync.smartadserver.com
5 KB
11 dxmdp.com
tags.dxmdp.com — Cisco Umbrella Rank: 46747
event.dxmdp.com — Cisco Umbrella Rank: 45696
132 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
acdn.adnxs.com — Cisco Umbrella Rank: 663
secure.adnxs.com — Cisco Umbrella Rank: 542
23 KB
9 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
16 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
3 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
1 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
3 KB
7 adform.net
cm.adform.net — Cisco Umbrella Rank: 1279
c1.adform.net — Cisco Umbrella Rank: 643
dmp.adform.net — Cisco Umbrella Rank: 3616
3 KB
7 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
us-u.openx.net — Cisco Umbrella Rank: 547
pixelgroup-d.openx.net — Cisco Umbrella Rank: 112800
1 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
1 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
sync.teads.tv — Cisco Umbrella Rank: 1584
1 KB
6 gstatic.com
csi.gstatic.com
www.gstatic.com
fonts.gstatic.com
114 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
353 KB
6 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4057
ssc-cms.33across.com — Cisco Umbrella Rank: 1180
886 B
5 bidr.io
match.prod.bidr.io
3 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
2 KB
5 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 13295
887 B
5 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 498
fonts.googleapis.com — Cisco Umbrella Rank: 49
359 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 6147
753 B
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
415 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2979
3 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
3 KB
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2114
820 B
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7541
creativecdn.com — Cisco Umbrella Rank: 646
1 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 74994
122 B
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
20 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465
898 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
1 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
2 KB
3 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3356
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
2 KB
3 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3968
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
pubmatic-match.dotomi.com
356 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
26 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
123 KB
3 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 57831
tr.dxmcdn.com
123 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1192
syndication.twitter.com — Cisco Umbrella Rank: 1427
132 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
mab.chartbeat.com — Cisco Umbrella Rank: 2811
28 KB
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
923 B
2 semasio.net
uipglob.semasio.net
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2003
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 617
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
647 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
374 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
800 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
952 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
60 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
642 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
cm.ctnsnet.com — Cisco Umbrella Rank: 5170
946 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1822
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
952 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
104 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 659
eb2.3lift.com — Cisco Umbrella Rank: 434
683 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
216 B
2 adoric-om.com
12890047.adoric-om.com — Cisco Umbrella Rank: 229141
app.adoric-om.com — Cisco Umbrella Rank: 53462
54 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 24211
20 KB
1 zeotap.com
mwzeom.zeotap.com
439 B
1 contextweb.com
bh.contextweb.com
663 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 adition.com
dsp.adfarm1.adition.com
524 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2993
595 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 445
98 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
1 KB
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
265 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
46 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3692
787 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
2 KB
1 adoric.com
static.adoric.com — Cisco Umbrella Rank: 56775
16 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5842
175 B
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 111730
277 KB
539 88
Domain Requested by
46 pagead2.googlesyndication.com securepubads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
www.googletagservices.com
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.walla.co.il
45 www.walla.co.il www.walla.co.il
37 cm.g.doubleclick.net 15 redirects d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
googleads.g.doubleclick.net
28 images.taboola.com
28 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
www.walla.co.il
21 trc-events.taboola.com cdn.taboola.com
17 images.wcdn.co.il www.walla.co.il
15 amg01742-walla-wallanews-ono-btlna.amagi.tv 6 redirects www.walla.co.il
14 s0.2mdn.net imasdk.googleapis.com
www.walla.co.il
s0.2mdn.net
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
12 securepubads.g.doubleclick.net 1 redirects www.walla.co.il
securepubads.g.doubleclick.net
www.googletagservices.com
11 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
11 www.google.com 1 redirects www.walla.co.il
securepubads.g.doubleclick.net
tpc.googlesyndication.com
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
11 mabping.chartbeat.net www.walla.co.il
9 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
www.googleadservices.com
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
pagead2.googlesyndication.com
9 cdn.taboola.com www.walla.co.il
cdn.taboola.com
8 simage2.pubmatic.com ads.pubmatic.com
8 prg.smartadserver.com cdn.valuad.cloud
8 ap.lijit.com 4 redirects cdn.valuad.cloud
csync.smilewanted.com
7 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 match.adsrvr.org d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
ads.pubmatic.com
ssum-sec.casalemedia.com
7 x.bidswitch.net 5 redirects d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
7 onetag-sys.com 2 redirects cdn.valuad.cloud
csync.smilewanted.com
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
7 ib.adnxs.com 2 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
csync.smilewanted.com
6 googleads4.g.doubleclick.net www.walla.co.il
6 sync.teads.tv 1 redirects googleads.g.doubleclick.net
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
6 www.googletagservices.com securepubads.g.doubleclick.net
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
6 gum.criteo.com 1 redirects cdn.taboola.com
static.criteo.net
cdn.valuad.cloud
6 tags.dxmdp.com www.walla.co.il
tags.dxmdp.com
5 match.prod.bidr.io 5 redirects
5 image6.pubmatic.com 3 redirects ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 ssc.33across.com cdn.valuad.cloud
5 fastlane.rubiconproject.com cdn.valuad.cloud
5 prebid.smilewanted.com cdn.valuad.cloud
5 bs.yandex.ru cdn.valuad.cloud
5 event.dxmdp.com tags.dxmdp.com
12890047.adoric-om.com
5 d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.de www.walla.co.il
5 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 us-u.openx.net googleads.g.doubleclick.net
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 dis.criteo.com 4 redirects
4 sync.richaudience.com 2 redirects csync.smilewanted.com
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
12890047.adoric-om.com
4 www.googleadservices.com www.googletagmanager.com
4 www.google-analytics.com www.walla.co.il
www.google-analytics.com
3 creativecdn.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com s0.2mdn.net
3 ads.stickyadstv.com 3 redirects
3 ssp-sync.criteo.com 3 redirects
3 us.ck-ie.com csync.smilewanted.com
3 sync.targeting.unrulymedia.com 3 redirects
3 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
3 trc.taboola.com cdn.taboola.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 rtb.mfadsrvr.com 2 redirects
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 d5p.de17a.com 2 redirects
2 pixel-sync.sitescout.com d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cms.quantserve.com 1 redirects d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
2 static.criteo.net cdn.valuad.cloud
static.criteo.net
2 csync.loopme.me 2 redirects
2 match.sharethrough.com csync.smilewanted.com
2 csi.gstatic.com imasdk.googleapis.com
2 cm.adform.net 1 redirects csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 ad.turn.com 2 redirects
2 i.clean.gg cadmus.script.ac
2 static.smilewanted.com csync.smilewanted.com
2 rtb.openx.net cdn.valuad.cloud
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
2 script.4dex.io cdn.valuad.cloud
12890047.adoric-om.com
2 imasdk.googleapis.com www.walla.co.il
imasdk.googleapis.com
2 www.facebook.com www.walla.co.il
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 cf.dxmcdn.com tags.dxmdp.com
2 web-sdk.smartlook.com www.walla.co.il
web-sdk.smartlook.com
2 platform.twitter.com www.walla.co.il
platform.twitter.com
2 static.chartbeat.com www.walla.co.il
2 walla.co.il 2 redirects
1 pubmatic-match.dotomi.com
1 mwzeom.zeotap.com
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 1f2e7.v.fwmrm.net 1 redirects
1 cm.ctnsnet.com 1 redirects
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ups.analytics.yahoo.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 token.rubiconproject.com eus.rubiconproject.com
1 ssc-cms.33across.com cdn.valuad.cloud
1 pixelgroup-d.openx.net cdn.valuad.cloud
1 js-sec.indexww.com cdn.valuad.cloud
1 eb2.3lift.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 mug.criteo.com
1 dclk-match.dotomi.com d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
1 pixel.rubiconproject.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 www.gstatic.com d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 cadmus.script.ac script.4dex.io
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 am-trc-events.taboola.com
1 vidstat.taboola.com cdn.taboola.com
1 mp.4dex.io cdn.valuad.cloud
1 web.hb.ad.cpe.dotomi.com cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 htlb.casalemedia.com cdn.valuad.cloud
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 a.teads.tv cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 prebid-eu.creativecdn.com cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 cdn-uw2-prod.tsv2.amagi.tv 1 redirects
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 app.adoric-om.com 12890047.adoric-om.com
1 static.adoric.com 12890047.adoric-om.com
1 tr.dxmcdn.com cf.dxmcdn.com
1 dal.walla.co.il www.walla.co.il
1 pro.ip-api.com www.walla.co.il
1 syndication.twitter.com platform.twitter.com
1 mab.chartbeat.com static.chartbeat.com
1 12890047.adoric-om.com www.walla.co.il
1 ping.chartbeat.net www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
539 153
Subject Issuer Validity Valid
*.walla.co.il
Amazon RSA 2048 M01		 2023-03-27 -
2024-04-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tags.dxmdp.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-21		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
valuad.cloud
E1		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
images.wcdn.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
1688964705.rsc.cdn77.org
R3		 2023-10-05 -
2024-01-03		 3 months crt.sh
cf.dxmcdn.com
Amazon RSA 2048 M02		 2023-03-27 -
2024-04-24		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-07-17 -
2023-10-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
adoric-om.com
E1		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
dal.walla.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
tr.dxmcdn.com
GTS CA 1D4		 2023-09-03 -
2023-12-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
adoric.com
GTS CA 1P5		 2023-09-14 -
2023-12-13		 3 months crt.sh
*.adoric.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
dxmdp.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-18 -
2024-05-17		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.amagi.tv
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-13		 a year crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh

This page contains 74 frames:

Primary Page: https://www.walla.co.il/
Frame ID: 8F9AF76544218036B095132335161892
Requests: 254 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: D1A3D3D5878680BF3449E7D1B92FE7A9
Requests: 2 HTTP requests in this frame

Frame: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Frame ID: 7E443FACC75C67CCB9ABA3C5C559662D
Requests: 20 HTTP requests in this frame

Frame: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0241DF5027AF328F7C06AA2674E7CA75
Requests: 1 HTTP requests in this frame

Frame: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Frame ID: 8EA710864EA9C5D026B01836B1E1FD05
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Frame ID: 81EC16A05EC3176645DE905B515628A2
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 267713CEC8DF07FF8F16A946FAE1F7BF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa0wcSqINyiV4ul2puCkkF-tCHW8ZMfGqrIertNmj-Za490aK0rpk7WCWDFl2WYc1ssXwAAD1dCBJmkps0g8DAppFvcFu2p1BUA_xEhneW9Bz_pg6V8ZmSTyaiMidRlQ6qy4PsZNcfDzMzWz5gXkoJ6wTvHTDug_LGHDbbK16GergjTgZFCOIjt_ql131HPf9fLmOmni0dCQSzUZLJXuc8sZMN3Z3JLnxTs41LC9RuHBH7lmKC91RIUd6MJ4QrHDj4tMZ_9q97Tx_wlVdeH4k4paKG_sVkvOu3-BDzYaoVRHNjuMLHwX2gjM4pElbMvPS-ZvKUJLdQX6OY7JS4p3nISBdwIdLn-bTR5e2G0hn3FtH7KKw&sai=AMfl-YQNgvGPjPkEl5DW52JUB5SfrpIxubHczxEm5uJ2sLJuIAFS3_DhtL5-NZSvMvhXDUxTpqkXJLIlHNSdGFtMSwh2u3PegWztnq-W1YO_swi99wiV6SJaMGNT7wvCCy0&sig=Cg0ArKJSzBdfWsbS6nQ8EAE&uach_m=[UACH]&adurl=
Frame ID: 134A5D54D9BEC55F4C8EF4E6608C6BD6
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 035624DC5DA0EB8CFCB1F6B253B5A7B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C53215FDF76E0F0A6AC2390BACBC8F59
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: C1A401F439D4255C7B7B5F0AD4082257
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 6D95792D7810E120648580C59FB170EC
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 89C63A554314B7A32A7BA625F45C1BAA
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Frame ID: 354B3212F53B9B1E53A270812BE37F43
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003
Frame ID: 8074911E5D168705505B2A2DC7778925
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/24aacee7-37a4-521a-a588-3004c0abc6bb
Frame ID: 9144436D521D555928D15B9B84BE95B9
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 30AAFF8D605B76111364D39BBF479734
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 0DD25570F8C63AEEE20AF7F3F59C0218
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ahr92xEFbZ1EV8Wm5vD8LUUdKfIySg2OCDZF4g
Frame ID: EDC555673F07E02272F3A51DDAB82976
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/5faf2f8c39e7aa43735f5b7def5e7e1?gdpr_consent=&gdpr=0
Frame ID: 2FBA6944D0725FB0784C8606A192F932
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: F4A9AC03DEB7518C9B6BC9D7EEBCA077
Requests: 1 HTTP requests in this frame

Frame: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 63962D0924A3093B86963BECB6AE5F77
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssP4fVq2hzx7uXUD5mgO-sBUQJ_HyPNcbGCFEHQIvLRqMMa3noYu4uBa84155QoPv9GIp6HEk3J7qSwtnQFQxBvzd839FF9JtfS501nGzW5BDOBWJcKOB3q1EPrStcJH4AVLunAA-uWwkm3H7YLhblan3mUsV70yjwRqZJQPoW_C0KUyJfvl-VM0gFPQOa6_zAGzJmZm4WDjLaH_Lvu6SzyGSnVCBtssrtEy3pyIpbyzISjV7xIedRoDI92LPDoWQIUQOlgX_qjLL09YNOO0d4pHR8rNzdHCZft8gdQyXpYWiroz5p3B0xvlK4mtb5lufZjYO_mwXHxJdh3KZJuG67BYf3ZI2Wtok0A2QUuYOUd2A&sai=AMfl-YSGQPsa8l5TVgPrD5_rf5ZbZxSpmylE3QIJqqSlhmnmiaVIXCGJ0shHOlrVLxsx-nIeIgTqtfh-Uc5kTpW6oFpQPW2XPgzJe3oRRXLsHI_q11_WHCRwa19nYo0Zmzc&sig=Cg0ArKJSzLyA7-oWKARjEAE&uach_m=[UACH]&adurl=
Frame ID: 941BDCA6171143BB9E53882A6928F32D
Requests: 8 HTTP requests in this frame

Frame: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 84AE601A6718376958AEA440BE8E4737
Requests: 20 HTTP requests in this frame

Frame: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5746D382FC50AF1CBF23E4ED215144A5
Requests: 20 HTTP requests in this frame

Frame: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B4B8E656267A7148D60BF7A2F886266B
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38593C1CF7E80542C3BCA6C569757DAB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNUg7yBQ603wiIVf1tRSxarerH0ybhQiDD145RuejEVMTdAx4BIIB0M4ACiFbxGfLEfWO_1I7TKjzGu_7qS0d7m1kubqu_JLBAewrfuhQW2MYbQaupo5Gd7lPxneroV0hymrwKoBewVoBZNPHMCkJfRDNl3xeWskiVJSZHWhBYYOUvN1038
Frame ID: B70CE68DAD3E37DEEAE5B74E33CE4492
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNXExLgaXqx9GRreKPou3og6hWgvwmEne-7zP6japZE63I9eGvAAT5ajmN6Kaot-W0RqIaqk2gKnXGU3k_Yh5Sy2hiyDyoKdW8wKtIXzudqDlgUYSkPmNF3GqfB4cUxrwi9seaqj1JDBlEpEM_wBjI3lz-9mmbFhlHRAdOd1rBHiS5rGQCE
Frame ID: C71F24F370389B4CD0B80B42751AD96B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNViJlQT7MMr5jRUlMsx86yKZsAcZXU-sAUUe-hlm3pOwPMNWYwfXtjNu5rtulZ2XwLhPzCt342S4JKyrIJ794jW3Whkoh95ix7o1YBoMyTv8gs6Nh2yeDfw-iT8g9vMomxR33swiDxhkSum-yXk3UGnb5-JxMoGln6DnSeBdJbuXii2jE8
Frame ID: 844B9A87034C70A96761AF6EB97846AD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B589C94F62D7EB7CD9CF5E8C3BD782E7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6384F6130CDF4E2B7D320BAADFC7901A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78F074BB93E9DDA83E343BFC80C73E56
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D4240FFB736B85E9ADAF34B3190143D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Frame ID: ACCF1C4747ED05A033D19F411606BBF6
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Frame ID: BB5D1A1F87C0F3F713151D4BF709C3B5
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F958258445BA271B9205B4CD4D4C6A01
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Frame ID: 10927BF4CC7D49F1E7A0DD8BCB565B57
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A9CFEF50F178FD05C8D079BA7E3757AF
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: 046F862F49B2C9B2B8F8DC3117BCB443
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: FE5A4F2020E57C17E2135A0EF2D80B2F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5E605F1D7F309CF6EA5BD27FEC6BAC81
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13421168
Frame ID: B8357886E675C99115DDE704662954D5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1696855743213
Frame ID: A15685AEA220362BDC1EEF51AB0F8B55
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4527D05A79715A311DB03E92CD7DE992
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 8D61B3E652EA61F477A2B56A2C9C7927
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 48590AC304D056025C81754212691574
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: D496056270B599410B4CC4F3D7FE2E72
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: C1D6497D4B45CD14135B8A706249FC58
Requests: 21 HTTP requests in this frame

Frame: https://pixelgroup-d.openx.net/w/1.0/pd
Frame ID: D3BC31B6218D71165C919FB6A5D65775
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 8FC0D8A9BD93377C93945724E114E065
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 031C682ABB80CE10DCBB02A18A186AA8
Requests: 10 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 24BF735E394689A1BC6E0BAECE369F9F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 2D7988665ABF4CA50AE6F040130457D6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oUwfXPFPTl66HR5e8U8ACfZIHw66GBtXokEBA4Tt
Frame ID: 3E8C9E4973BBF84AE83B4DABA49FFBE6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 682ADFCFAAF89A786EE1CA826EA7847B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 18CC5C64B27842C6BA53E3EDD16257C0
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 0E659E00390F130C64E12FA84000E1E5
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: F75B4466FE60AA28FD92C88C42E56FA4
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 24F9993D004BCFD2CB62F920C34364DF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/240629070848000568
Frame ID: E31E91B43DF9A3D7C36A8483C7FB29D1
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 676D13F2127354EE8FC8C79D197861E3
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 74C98831CCD122F3A05375D0D4260AE7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/FdCqo5Pf28t0bQwiUnAo?pi=smilewanted
Frame ID: 547E45A747B6EAFF4B6045C88E22FCE1
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=0f1d115b1a7ce9e2d55add1e1c7804a7
Frame ID: B2F70B7D6829E5B268E6A1FA830BFDE6
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 4278265E8F352EF8994BBB8D7CE82F10
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&gdpr=0&gdpr_consent=
Frame ID: 62AD3EF6FF4136E464A35388749CB832
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=102295683559728477&gdpr=0&gdpr_consent=
Frame ID: BF2303CBE1C8994C4ADF25D06CCBAE3A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7287939956580743311&gdpr=0&gdpr_consent=
Frame ID: 63DE1E8C50AE5AC1AFAC753F8DE3E6A3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: FC6AD28D3BE485DC8C79D9C7FCDCB633
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JnR7gpP_UZlFj4vJHde1l1FfBSQ&gdpr=0&gdpr_consent=
Frame ID: 558BFDBFCA50FAD67010AE17EC85F9AF
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 54586C7A70DDC1EE951AD0A9BEFA1D4B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF3W07KR-4AABhbVJAfrw&gdpr=0&gdpr_consent=
Frame ID: 35B79253644F54092B5CF55FAC23CD09
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 46047110E5914F01B823806C334841AF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

וואלה! חדשות. ספורט. סלבס. אוכל - עדכונים ודיווחים שוטפים

Page URL History Show full URLs

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

539
Requests

89 %
HTTPS

34 %
IPv6

88
Domains

153
Subdomains

109
IPs

13
Countries

10246 kB
Transfer

22167 kB
Size

91
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://walla.co.il/ HTTP 301
    https://walla.co.il/ HTTP 301
    https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=1222616621&cv=11&fst=1696855740388&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=866940080.1696855740&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vPYjZf_UHJaB7_UP28eHgAI&sscte=1&crd=&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtISld7Nptu7EmD0BE306nGVmIrUN0jaOPkc&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYk5NeGtLWkliWEtFc2JLOFVDRGduRVdYQUNHVWhXVXZxRGtBOFd0Y1FObWcaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlPQUlNWDJRdHI5SnlwNnBqYkk0WWc0RlRhY0xrMDNFTWt6elNrVjVpX01JcWFBSy1MT3lYM2giEwj_opWdgOmBAxWWwLsIHdvjASA HTTP 302
  • https://www.google.com/pagead/1p-conversion/777956447/?random=1222616621&cv=11&fst=1696855740388&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=866940080.1696855740&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYk5NeGtLWkliWEtFc2JLOFVDRGduRVdYQUNHVWhXVXZxRGtBOFd0Y1FObWcaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlPQUlNWDJRdHI5SnlwNnBqYkk0WWc0RlRhY0xrMDNFTWt6elNrVjVpX01JcWFBSy1MT3lYM2giEwj_opWdgOmBAxWWwLsIHdvjASA&is_vtc=1&ocp_id=vPYjZf_UHJaB7_UP28eHgAI&cid=CAQSKQDICaaN90X2lMnS61cK_yG5sw9-ttpbQsT9t1OAT_l5Wq-dwuDY9TtB&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtIQWITjo0cuDHVGAPW4Fqr3CZzJcGQiE_AQ&random=3784579776 HTTP 302
  • https://www.google.de/pagead/1p-conversion/777956447/?random=1222616621&cv=11&fst=1696855740388&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=866940080.1696855740&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYk5NeGtLWkliWEtFc2JLOFVDRGduRVdYQUNHVWhXVXZxRGtBOFd0Y1FObWcaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlPQUlNWDJRdHI5SnlwNnBqYkk0WWc0RlRhY0xrMDNFTWt6elNrVjVpX01JcWFBSy1MT3lYM2giEwj_opWdgOmBAxWWwLsIHdvjASA&is_vtc=1&ocp_id=vPYjZf_UHJaB7_UP28eHgAI&cid=CAQSKQDICaaN90X2lMnS61cK_yG5sw9-ttpbQsT9t1OAT_l5Wq-dwuDY9TtB&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtIQWITjo0cuDHVGAPW4Fqr3CZzJcGQiE_AQ&random=3784579776&ipr=y
Request Chain 144
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8 HTTP 302
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Request Chain 274
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Request Chain 277
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1696855743776 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7280243439 HTTP 302
  • https://sync.1rx.io/usersync/turn/3522402999126292583?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003
Request Chain 278
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=8133837807451030747 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/24aacee7-37a4-521a-a588-3004c0abc6bb
Request Chain 284
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.com%252Fset_partner_userid_get%252Fcriteo%252F%2524%257BCRITEO_USER_ID%257D%26profile%3d230%26uid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue&gdpr=&gdpr_consent=&gpp= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=0169fda1-4764-4448-91ab-3ac8a4cd0ae6&dised=true&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=qXgoMF9malF0JTJCUSUyQkE0aHhCR0pSTVFWdGwyYVhud0F6bThzcER5aEVZM1Z2M3V2ZjR6YTl2SVRMQU5PTUF3VWVpd1A2Q3JVR3hEMUpZb0VVMUlUQnFNbVAwUCUyQmRkbUxHN2QzNUNKN1JvNWphZ2UycWV6eDFSNENoRWNBWlllSVF5QXN5aEo3MDdvcFgyM3RiaThvb1B5TjhtZXhCMUk2QnBzUDZMJTJGY3FaNXI2eGVMSTdFUHRvOFFjNnVOY2ZOS0dobm14aQ&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-xOAk9hEFbZ1EV8Wm5vD8LUUdKfJKoS4zdJeXsA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=qXgoMF9malF0JTJCUSUyQkE0aHhCR0pSTVFWdGwyYVhud0F6bThzcER5aEVZM1Z2M3V2ZjR6YTl2SVRMQU5PTUF3VWVpd1A2Q3JVR3hEMUpZb0VVMUlUQnFNbVAwUCUyQmRkbUxHN2QzNUNKN1JvNWphZ2UycWV6eDFSNENoRWNBWlllSVF5QXN5aEo3MDdvcFgyM3RiaThvb1B5TjhtZXhCMUk2QnBzUDZMJTJGY3FaNXI2eGVMSTdFUHRvOFFjNnVOY2ZOS0dobm14aQ&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-xOAk9hEFbZ1EV8Wm5vD8LUUdKfJKoS4zdJeXsA HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-xOAk9hEFbZ1EV8Wm5vD8LUUdKfJKoS4zdJeXsA&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=qXgoMF9malF0JTJCUSUyQkE0aHhCR0pSTVFWdGwyYVhud0F6bThzcER5aEVZM1Z2M3V2ZjR6YTl2SVRMQU5PTUF3VWVpd1A2Q3JVR3hEMUpZb0VVMUlUQnFNbVAwUCUyQmRkbUxHN2QzNUNKN1JvNWphZ2UycWV6eDFSNENoRWNBWlllSVF5QXN5aEo3MDdvcFgyM3RiaThvb1B5TjhtZXhCMUk2QnBzUDZMJTJGY3FaNXI2eGVMSTdFUHRvOFFjNnVOY2ZOS0dobm14aQ&u=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ahr92xEFbZ1EV8Wm5vD8LUUdKfIySg2OCDZF4g
Request Chain 285
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/5faf2f8c39e7aa43735f5b7def5e7e1?gdpr_consent=&gdpr=0
Request Chain 344
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEsq2YKhCwCRisAjIIvZdPide9Ts0 HTTP 301
  • https://tpc.googlesyndication.com/simgad/14467163630005689831
Request Chain 346
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPF7ihEQPsSwqkyJbhedw90&google_cver=1&google_push=AXcoOmSl6Su8kHEA-qxoeI-pFOmufz5bIuzqQSO6ke90mdTq6WLfOzyFQZSL0EiM_HyAaUSbtJrx-STIBKEpLJDjLtffMgRnLGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSl6Su8kHEA-qxoeI-pFOmufz5bIuzqQSO6ke90mdTq6WLfOzyFQZSL0EiM_HyAaUSbtJrx-STIBKEpLJDjLtffMgRnLGQ&google_hm=cke6VleuT0m4_4v3l-hUAiQ
Request Chain 347
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEiFSocqm3CEmAiWUNFnLd8&google_cver=1&google_push=AXcoOmS7UcxZzl40S_lNZHBYsKGWMadovWS4JQnun_V5J-xzimDJXCwoosG-BSDMbPY8XjYihzYMifmeoSltFuQK87djDXVoWetx HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEiFSocqm3CEmAiWUNFnLd8&google_cver=1&google_push=AXcoOmS7UcxZzl40S_lNZHBYsKGWMadovWS4JQnun_V5J-xzimDJXCwoosG-BSDMbPY8XjYihzYMifmeoSltFuQK87djDXVoWetx&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OhqL3OBTQeSwCZxMEflaBA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS7UcxZzl40S_lNZHBYsKGWMadovWS4JQnun_V5J-xzimDJXCwoosG-BSDMbPY8XjYihzYMifmeoSltFuQK87djDXVoWetx
Request Chain 348
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBxY3Ui_olMxX-hL3fYQmGc&google_cver=1&google_push=AXcoOmQj9ohYziwGtLs6r6fhRpNbx40XlLRkcRC1RANc9Ept4OhUs9c-zbweucI2OImZd5DTQ8i3sWhPrhoJ_LAQV_1g8z6a5VvI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5JVzNJUTEtWi0yNzUx&google_push=AXcoOmQj9ohYziwGtLs6r6fhRpNbx40XlLRkcRC1RANc9Ept4OhUs9c-zbweucI2OImZd5DTQ8i3sWhPrhoJ_LAQV_1g8z6a5VvI
Request Chain 349
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_cver=1&google_push=AXcoOmSkTEQyo9ihN3i3kw-icMVMAtq7ChoRRaFt2NnpFN_b3Pn_8JJMyeRFFRZkDyKi4A6BEID582eYv9XsVE3ghzLQzOMXuSeD HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_push=AXcoOmSkTEQyo9ihN3i3kw-icMVMAtq7ChoRRaFt2NnpFN_b3Pn_8JJMyeRFFRZkDyKi4A6BEID582eYv9XsVE3ghzLQzOMXuSeD&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_hm=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&google_nid=index&google_push=AXcoOmSkTEQyo9ihN3i3kw-icMVMAtq7ChoRRaFt2NnpFN_b3Pn_8JJMyeRFFRZkDyKi4A6BEID582eYv9XsVE3ghzLQzOMXuSeD
Request Chain 350
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIpeFWh6OVQikVr1HB9tssM&google_cver=1&google_push=AXcoOmQRtnVJQR1vOp0opODNbPFc9IF6ltnmNmPwdmnkOwheNVapEnjaqncAGn_J0pCcfZB4x8ZZ1xLzGLLy37MZjWPRINddN1NZ HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQRtnVJQR1vOp0opODNbPFc9IF6ltnmNmPwdmnkOwheNVapEnjaqncAGn_J0pCcfZB4x8ZZ1xLzGLLy37MZjWPRINddN1NZ%26google_hm%3DA0i0zkA0RUOpv2D32aHMxJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQRtnVJQR1vOp0opODNbPFc9IF6ltnmNmPwdmnkOwheNVapEnjaqncAGn_J0pCcfZB4x8ZZ1xLzGLLy37MZjWPRINddN1NZ&google_hm=A0i0zkA0RUOpv2D32aHMxJ4
Request Chain 351
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEHEznmhBY1cKWbiE0R9jzEM&google_cver=1&google_push=AXcoOmTPjMybR_qGq2l2Nv6rPhDSqNkrbEdqDqWZgsNh2TVYTFkkjzu57VwYjwZhHuGBDg_rQ_DTfK3ICpRzDKTyJRjkR8GdOcTdCA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c6cbd4af-8eaa-4bc8-ba25-8bb21e07e6e5&google_cver=1&google_gid=CAESEHEznmhBY1cKWbiE0R9jzEM&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTPjMybR_qGq2l2Nv6rPhDSqNkrbEdqDqWZgsNh2TVYTFkkjzu57VwYjwZhHuGBDg_rQ_DTfK3ICpRzDKTyJRjkR8GdOcTdCA&gdpr=${GDPR}
Request Chain 353
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgctLFAWcmKkcGdPQeEkTY&google_cver=1
Request Chain 354
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSP2wYm16DuSk1qYHh4kpwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgctLFAWcmKkcGdPQeEkTY&google_cver=1
Request Chain 355
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECZOLisz8r4N2uyDD8vguyQ&google_cver=1
Request Chain 356
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAyMjk1NjgzNTU5NzI4NDc3
Request Chain 358
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2OX5P3sXvshjTFKnQ0WRA&google_cver=1
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDyMIOy1X-6vOYEbjevxmeE&google_cver=1
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2OX5P3sXvshjTFKnQ0WRA&google_cver=1
Request Chain 364
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDyMIOy1X-6vOYEbjevxmeE&google_cver=1
Request Chain 396
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENVb1TjyfQFdQepbsOJ9REU&google_cver=1&google_push=AXcoOmSw6pOa4sH8fhpkp6wjXnDn1ercSytp_wed1-FYvn6CAZ1-yXDN5CQj7bl8CEcsPf06_qfdkXIoGiziAfbEHdCt9yExgTc HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENVb1TjyfQFdQepbsOJ9REU&google_cver=1&google_push=AXcoOmSw6pOa4sH8fhpkp6wjXnDn1ercSytp_wed1-FYvn6CAZ1-yXDN5CQj7bl8CEcsPf06_qfdkXIoGiziAfbEHdCt9yExgTc&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSw6pOa4sH8fhpkp6wjXnDn1ercSytp_wed1-FYvn6CAZ1-yXDN5CQj7bl8CEcsPf06_qfdkXIoGiziAfbEHdCt9yExgTc&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
Request Chain 397
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIpeFWh6OVQikVr1HB9tssM&google_cver=1&google_push=AXcoOmSRrCOQIR3OL7S9BhiejY8KaMCnfJ1_WVfH39sA8ZdIodu6R1Eagbb7cep9rMF9kKcPhAsTkmLmErnh4skZRk77GSuIUWU HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSRrCOQIR3OL7S9BhiejY8KaMCnfJ1_WVfH39sA8ZdIodu6R1Eagbb7cep9rMF9kKcPhAsTkmLmErnh4skZRk77GSuIUWU%26google_hm%3DA0i0zkA0RUOpv2D32aHMxJ4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSRrCOQIR3OL7S9BhiejY8KaMCnfJ1_WVfH39sA8ZdIodu6R1Eagbb7cep9rMF9kKcPhAsTkmLmErnh4skZRk77GSuIUWU&google_hm=A0i0zkA0RUOpv2D32aHMxJ4
Request Chain 398
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMregYNcyKImyqDyFnGme0k&google_cver=1&google_push=AXcoOmR7vXGGWwxvWma2qAB_9ZoHvaBKBBfpNg7USvAMLYehIg-ZgI-xJdTP-5JcumcX3Kac4hl7dbhtc8MydRKmnB3tN_nqZ4g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR7vXGGWwxvWma2qAB_9ZoHvaBKBBfpNg7USvAMLYehIg-ZgI-xJdTP-5JcumcX3Kac4hl7dbhtc8MydRKmnB3tN_nqZ4g HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 410
  • https://um.simpli.fi/gp_match?google_gid=CAESEBqyiyJo0KDqAnjKmALKHKo&google_cver=1&google_push=AXcoOmRVwEhPK55lXr4Dr0AFXIoWP8Lvv9nB4G-bVVuCax6_agDNarT8buObr_rOuP7-wNv0SVojWvMIhPHEWaroB7p24OjYc6xbGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ADE3A19A26A14F01A6DEAAC1D7252C03&google_push=AXcoOmRVwEhPK55lXr4Dr0AFXIoWP8Lvv9nB4G-bVVuCax6_agDNarT8buObr_rOuP7-wNv0SVojWvMIhPHEWaroB7p24OjYc6xbGQ
Request Chain 411
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBCEYd-M0zm1xLk8c8muGM4&google_cver=1&google_push=AXcoOmSTErH4DgXQLSH5V9oNxqacDQFWvV0gpvk3lRdTqTbPvUw6tXYwmT1g3Xovwu1TEuSb267hKUI1lbK_neB3tSZGB7VHRNcW2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSTErH4DgXQLSH5V9oNxqacDQFWvV0gpvk3lRdTqTbPvUw6tXYwmT1g3Xovwu1TEuSb267hKUI1lbK_neB3tSZGB7VHRNcW2A&google_hm=eS1mMDVJRjdKRTJwSG1PU3l3SzV5U2U3d015OVJDSThCUn5B
Request Chain 412
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTWwZQTtx8qWmOqbMyjWaAKL-bh1OtCe1BKcpOfJAh_iLBKQFG8ErR0gjfswmejD3xKF_3ZXrYQKdwx2CcHegpWgx1Cma2CtQ&google_gid=CAESEHcNQGCtOk97grvtQugjTCc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-fwJYRREFbZ1EV8Wm5vD8LUUdKfL5ejfzb1ukhA&google_push=AXcoOmTWwZQTtx8qWmOqbMyjWaAKL-bh1OtCe1BKcpOfJAh_iLBKQFG8ErR0gjfswmejD3xKF_3ZXrYQKdwx2CcHegpWgx1Cma2CtQ
Request Chain 413
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELrk3CA8aW8GdskoHe1y63M&google_cver=1&google_push=AXcoOmRNDzkcU2f63D1giJZUjmwvzk1i0AWoyzo6CoW2IcxE9PUXcfAr-rmbMk1iw8yEAQYWjhr0JdsYBPNCwRTlc8pTZ5agmk7MzA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELrk3CA8aW8GdskoHe1y63M&google_cver=1&google_push=AXcoOmRNDzkcU2f63D1giJZUjmwvzk1i0AWoyzo6CoW2IcxE9PUXcfAr-rmbMk1iw8yEAQYWjhr0JdsYBPNCwRTlc8pTZ5agmk7MzA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNjI5MDcwODQ4MDAwNTY4&google_push=AXcoOmRNDzkcU2f63D1giJZUjmwvzk1i0AWoyzo6CoW2IcxE9PUXcfAr-rmbMk1iw8yEAQYWjhr0JdsYBPNCwRTlc8pTZ5agmk7MzA
Request Chain 415
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENVb1TjyfQFdQepbsOJ9REU&google_cver=1&google_push=AXcoOmQd4FTQ_iHD18va7sHTks_s0_xHaPIkqxx2RuSsRNMkSIfF2sfHPkeinM57-Fp8yeX5o1Fj3MIKExKbu7oQD3_78_bynAl2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQd4FTQ_iHD18va7sHTks_s0_xHaPIkqxx2RuSsRNMkSIfF2sfHPkeinM57-Fp8yeX5o1Fj3MIKExKbu7oQD3_78_bynAl2&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
Request Chain 416
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHT9ZdVjlCVb8ARRItx_ZcM&google_cver=1&google_push=AXcoOmSJuZWmJ9gcgBOLIiLk3OFsSee1w2QpoTWmmJ-GfsGpEMeG3KJXRG5ChfvS5XyQ0NRlqmCbv6ea6LOmZoffb6G9vNFbQnXO0g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSJuZWmJ9gcgBOLIiLk3OFsSee1w2QpoTWmmJ-GfsGpEMeG3KJXRG5ChfvS5XyQ0NRlqmCbv6ea6LOmZoffb6G9vNFbQnXO0g HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 423
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKYFs2K3YOUaKvpEk-DKZSk&google_cver=1&google_push=AXcoOmTgyzfm10wNw2b29WtORL-oWc5o-rxKkJsHRh3XOcf4o8AAD1ZlbQktwZfVQidzcwPp4BYjfk1sHNbGlHgWSY7fdlhPhIvq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKYFs2K3YOUaKvpEk-DKZSk&google_push=AXcoOmTgyzfm10wNw2b29WtORL-oWc5o-rxKkJsHRh3XOcf4o8AAD1ZlbQktwZfVQidzcwPp4BYjfk1sHNbGlHgWSY7fdlhPhIvq
Request Chain 426
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBBXoXhqF5x8_ldrq2pnvVw&google_cver=1&google_push=AXcoOmRqwQn1fAS4i_pgEEhyssBlmf11xfJZXx6IxCXYPKe_fd9v49Mej2jo4knGquL1pRLOXfFTFTRGr2RDwvd0JzwNfsBWscyp HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBBXoXhqF5x8_ldrq2pnvVw&google_cver=1&google_push=AXcoOmRqwQn1fAS4i_pgEEhyssBlmf11xfJZXx6IxCXYPKe_fd9v49Mej2jo4knGquL1pRLOXfFTFTRGr2RDwvd0JzwNfsBWscyp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRqwQn1fAS4i_pgEEhyssBlmf11xfJZXx6IxCXYPKe_fd9v49Mej2jo4knGquL1pRLOXfFTFTRGr2RDwvd0JzwNfsBWscyp
Request Chain 427
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENVb1TjyfQFdQepbsOJ9REU&google_cver=1&google_push=AXcoOmTu5iytKdDjRy2CSWn0aPaOzJuuTEdLC5G_seHbcTbgqsMvdsDTNPep8ZdiP5-4LcKo57OkVAhZkZz4NjqtRaIaBQdbcHOI HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTu5iytKdDjRy2CSWn0aPaOzJuuTEdLC5G_seHbcTbgqsMvdsDTNPep8ZdiP5-4LcKo57OkVAhZkZz4NjqtRaIaBQdbcHOI&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
Request Chain 428
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMregYNcyKImyqDyFnGme0k&google_cver=1&google_push=AXcoOmRW5DOENaRekWl1Wv8k-IXwZSLrigQBZd5liV4inIGt7q75lGMtkpgKwbaX8N0OvSRL21x4kJUlNpac5rpkF4UXccTbB0Kt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRW5DOENaRekWl1Wv8k-IXwZSLrigQBZd5liV4inIGt7q75lGMtkpgKwbaX8N0OvSRL21x4kJUlNpac5rpkF4UXccTbB0Kt
Request Chain 437
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=4mLZOHwwazhla3FRd3pwTWlkVncydGg5OTR0a2xRTDV3VHRSR3Fmc1dqMU9qb2ZCT21UUkZwM1pvQjQvczRobjdlWkJ4NmR4Q2xGdGc3Y0J4V2dqTjU4NXFvMlpveDd0dVBQejUvTktZL2EyZ1FlUVpobGRPTnMzSFBLdEVCUGt3bTZoOVhXNjNOK3dvSDVhMFhOM1RESG1aczBacWJUWmpkZU54Sm81RnlWVUN3WWNBdVAxZ0RudmxEdkRmNGRrdTZOUEVudHhWdGV2dEp5K21tN2IvWW5OYjNqcFl0VjBFd0Jaa09hR0Y2SGF4ajhhUWRNUmx4R1FJVmZBbk9rbUtMY3VHL3ZDS2VmUG5sb1pQaldkektZcmtMQT09fA&cppv=2
Request Chain 454
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3ae80d611b4226e1c1f664dc9a1517b1de1f3251cb1e632de21e49897e0632feec19038a74f55a0d01e7046b1963dcea47ad6857cc8302957e2d82bdbe306f2c180680585ee2be5da5edf55e4cd06ba5e74e4f882943b6805fc8d549ee9ddd099f419b22f746c8c6f0d8874481d091011e66884061ece6aff8f018e9ab799398fd4e3c8e7c2948072797c9f1db7b4c4ac3de3e8299eeaa77f003cbf34ae9e78e7461ea27a8358565a80cb5e60cddc5521d96204bc6e66c1b5582e4a48ff578041ebae9b6fdd87e7e9ce4133220a3088f73796ac9af887c80b26775168944b1413d41aebe8a6f98dac1cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b19cab214ef8dca2f91417a9a22c6f8de3f43628f3/640x360_642400?bcn=1&ca=0&cid=VR1354&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_670371.ts&seg_id=670371&user_id=39874fb7-66a2-11ee-9b12-d6bed0cdd3f0 HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670371.ts
Request Chain 455
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3ae80d611b4226e1c1f664dc9a1517b1de1f3251cb1e632de21e49897e0632feec19038a74f55a0d01e7046b1963dcea47ad6857cc8302957e2d82bdbe306f2c180680585ee2be5da5edf55e4cd06ba5e74e4f882943b6805fc8d549ee9ddd099f419b22f746c8c6f0d8874481d091011e66884061ece6aff8f018e9ab799398fd4e3c8e7c2948072797c9f1db7b4c4ac3de3e8299eeaa77f003cbf34ae9e78e7461ea27a8358565a80cb5e60cddc5521d96204bc6e66c1b5582e4a48ff578041ebae9b6fdd87e7e9ce4133220a3088f73796ac9af887c80b26775168944b1413d41aebe8a6f98dac1cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b19cab214ef8dca2f91417a9a22c6f8de3f43628f3/640x360_642400?bcn=1&ca=0&cid=VR1354&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_670372.ts&seg_id=670372&user_id=39874fb7-66a2-11ee-9b12-d6bed0cdd3f0 HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670372.ts
Request Chain 456
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3ae80d611b4226e1c1f664dc9a1517b1de1f3251cb1e632de21e49897e0632feec19038a74f55a0d01e7046b1963dcea47ad6857cc8302957e2d82bdbe306f2c180680585ee2be5da5edf55e4cd06ba5e74e4f882943b6805fc8d549ee9ddd099f419b22f746c8c6f0d8874481d091011e66884061ece6aff8f018e9ab799398fd4e3c8e7c2948072797c9f1db7b4c4ac3de3e8299eeaa77f003cbf34ae9e78e7461ea27a8358565a80cb5e60cddc5521d96204bc6e66c1b5582e4a48ff578041ebae9b6fdd87e7e9ce4133220a3088f73796ac9af887c80b26775168944b1413d41aebe8a6f98dac1cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b19cab214ef8dca2f91417a9a22c6f8de3f43628f3/640x360_642400?bcn=1&ca=0&cid=VR1354&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_670373.ts&seg_id=670373&user_id=39874fb7-66a2-11ee-9b12-d6bed0cdd3f0 HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670373.ts
Request Chain 458
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3ae80d611b4226e1c1f664dc9a1517b1de1f3251cb1e632de21e49897e0632feec19038a74f55a0d01e7046b1963dcea47ad6857cc8302957e2d82bdbe306f2c180680585ee2be5da5edf55e4cd06ba5e74e4f882943b6805fc8d549ee9ddd099f419b22f746c8c6f0d8874481d091011e66884061ece6aff8f018e9ab799398fd4e3c8e7c2948072797c9f1db7b4c4ac3de3e8299eeaa77f003cbf34ae9e78e7461ea27a8358565a80cb5e60cddc5521d96204bc6e66c1b5582e4a48ff578041ebae9b6fdd87e7e9ce4133220a3088f73796ac9af887c80b26775168944b1413d41aebe8a6f98dac1cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b19cab214ef8dca2f91417a9a22c6f8de3f43628f3/640x360_642400?bcn=1&ca=0&cid=VR1354&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_670374.ts&seg_id=670374&user_id=39874fb7-66a2-11ee-9b12-d6bed0cdd3f0 HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670374.ts
Request Chain 460
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C9-sAwPYjZY22Lcy99u8PhIah-Ae-1Jetc_rvjJ34EWQQASDRk8MqYJWCgICYB6ABldi1yAPIAQmpAiQmUY76cLQ-4AIAqAMByAPLBKoEtwJP0IheErkAtpc2CSjIA1O-BL0oPHsOIvxMcNJkyLS0aHCsXXHg7bDv4VMzbmc8rIdtsVfYRtkU5mDPviR9l9UzjePQlB-YfQnzNoqyGU76Z7vSnGJrsxNKnGYFdcz_mb_7x6EVJsfzhV8mWdHT5z80OOO1jnXuJgtMG6BRK-IrCBsu2EhbiGZuT1B5jZ3L1ArarOGoHTqaHHgLp6adkeXs3DXBo5WPh7lcBvZRzF1XAdC15r1TT42A3vbwoZjnx7GFeOvvq-fahfdNN5l6zWJsila38yp97sbDxXzZ7QhLOvIDYRcYMEMekOC2phjvQI6wHEwG4KSMLx-zFJDoSfT4JamGWqLPez51TjuZG-cyLCtNj8TJiei9KjOGBDAldIFDehmP8vwQ1jJJ-U-QMEX6l2Sx-SvGE8AEv7exnIYE4AQBiAWCuafIQ5IFBAgEGAGSBQQIBRgEoAYugAfx3OuEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDfxgvSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgl1aHR0cHM6Ly93d3cuY2Fyd293LmRlLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPWdvb2dsZV9wZXJmb3JtYW5jZS1tYXhfZ2VuZXJpYyZnY2xzcmM9YXcuZHMmgAoDyAsB4g0TCJTNmJ-A6YEDFcye_QcdBEMIf9gTC9AVAYAXAbIXHgocCAASFHB1Yi03NjI3NjUwMDg2ODk1NTkwGPHmEw&sigh=KYmPcUebGCk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212290115495598837040%22,%22debug_reporting%22:true,%22destination%22:%22https://carwow.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22957180949%22],%224%22:[%2210-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222998234084152821873%22}&andc=true
Request Chain 482
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 483
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 484
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oUwfXPFPTl66HR5e8U8ACfZIHw66GBtXokEBA4Tt
Request Chain 485
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OhqL3OBTQeSwCZxMEflaBA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 487
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1372065627 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3A1A8BDC-E053-41E4-B009-9C4C11F95A04
Request Chain 488
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3A1A8BDC-E053-41E4-B009-9C4C11F95A04 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTlmRnhXVGtrRWdUdzZqUnFMSC11VjRhZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=240629070848000568&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 489
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0ExQThCREMtRTA1My00MUU0LUIwMDktOUM0QzExRjk1QTA0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 490
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECSvEljrhL26Gq2_YdFQBAY&google_cver=1
Request Chain 492
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=240629070848000568
Request Chain 496
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 498
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_cver=1
Request Chain 499
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=102295683559728477
Request Chain 500
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSP2wYm16DuSk1qYHh4kpwAA%265160 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSP2wYm16DuSk1qYHh4kpwAA%265160&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=FdCqo5Pf28t0bQwiUnAo&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSP2wYm16DuSk1qYHh4kpwAA%265160&tc=1
Request Chain 501
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZSP2wYm16DuSk1qYHh4kpwAA%265160&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZSP2wYm16DuSk1qYHh4kpwAA%265160&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=bec62fdd4bdc464d91e2d67ff94e305f HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=bec62fdd-4bdc-464d-91e2-d67ff94e305f HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ade059d1-75a9-4683-b160-50f10c785b1f%3A1696855748.7155998&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dade059d1-75a9-4683-b160-50f10c785b1f%253A1696855748.7155998%26_%3D1696855748.7184358&cb=1696855748.718476 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322328894134515&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dade059d1-75a9-4683-b160-50f10c785b1f%253A1696855748.7155998%26_%3D1696855748.7184358 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ade059d1-75a9-4683-b160-50f10c785b1f%3A1696855748.7155998&_=1696855748.7184358
Request Chain 502
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=7247ba5657ae4f49b8ff8bf797e85402&expiration=1699447748
Request Chain 503
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5faf2f8c39e7aa43735f5b7def5e7e1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7289066977536757671&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 508
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 510
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/240629070848000568
Request Chain 513
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/FdCqo5Pf28t0bQwiUnAo?pi=smilewanted
Request Chain 514
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=0f1d115b1a7ce9e2d55add1e1c7804a7
Request Chain 515
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 525
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3ae80d611b4226e1c1f664dc9a1517b1de1f3251cb1e632de21e49897e0632feec19038a74f55a0d01e7046b1963dcea47ad6857cc8302957e2d82bdbe306f2c180680585ee2be5da5edf55e4cd06ba5e74e4f882943b6805fc8d549ee9ddd099f419b22f746c8c6f0d8874481d091011e66884061ece6aff8f018e9ab799398fd4e3c8e7c2948072797c9f1db7b4c4ac3de3e8299eeaa77f003cbf34ae9e78e7461ea27a8358565a80cb5e60cddc5521d96204bc6e66c1b5582e4a48ff578041ebae9b6fdd87e7e9ce4133220a3088f73796ac9af887c80b26775168944b1413d41aebe8a6f98dac1cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b19cab214ef8dca2f91417a9a22c6f8de3f43628f3/640x360_642400?bcn=1&ca=0&cid=VR1354&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_670375.ts&seg_id=670375&user_id=39874fb7-66a2-11ee-9b12-d6bed0cdd3f0 HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670375.ts
Request Chain 526
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3ae80d611b4226e1c1f664dc9a1517b1de1f3251cb1e632de21e49897e0632feec19038a74f55a0d01e7046b1963dcea47ad6857cc8302957e2d82bdbe306f2c180680585ee2be5da5edf55e4cd06ba5e74e4f882943b6805fc8d549ee9ddd099f419b22f746c8c6f0d8874481d091011e66884061ece6aff8f018e9ab799398fd4e3c8e7c2948072797c9f1db7b4c4ac3de3e8299eeaa77f003cbf34ae9e78e7461ea27a8358565a80cb5e60cddc5521d96204bc6e66c1b5582e4a48ff578041ebae9b6fdd87e7e9ce4133220a3088f73796ac9af887c80b26775168944b1413d41aebe8a6f98dac1cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b19cab214ef8dca2f91417a9a22c6f8de3f43628f3/640x360_642400?bcn=1&ca=0&cid=VR1354&dur=6.000000&media_type=C&redirect_url=https%3A%2F%2Famg01742-walla-wallanews-ono-btlna.amagi.tv%2FplaylistY_360P_670376.ts&seg_id=670376&user_id=39874fb7-66a2-11ee-9b12-d6bed0cdd3f0 HTTP 307
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670376.ts
Request Chain 530
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=102295683559728477&gdpr=0&gdpr_consent=
Request Chain 531
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7287939956580743311&gdpr=0&gdpr_consent=
Request Chain 532
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5ff4cd82-5796-4cbb-8352-784981bb1d66&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 533
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JnR7gpP_UZlFj4vJHde1l1FfBSQ&gdpr=0&gdpr_consent=
Request Chain 535
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGM1cwN0tSLTRBQUJoYlZKQWZydw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAF3W07KR-4AABhbVJAfrw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAF3W07KR-4AABhbVJAfrw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAF3W07KR-4AABhbVJAfrw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4030770805725241773&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF3W07KR-4AABhbVJAfrw&gdpr=0&gdpr_consent=
Request Chain 536
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 538
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 539
  • https://pixel.onaudience.com/?partner=214&mapped=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e8da85106aa5adf369847b73e1a4f60f&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 542
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3522402999126292583&gdpr=0&gdpr_consent=&us_privacy=

539 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il/
Redirect Chain
  • http://walla.co.il/
  • https://walla.co.il/
  • https://www.walla.co.il/
559 KB
252 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ae8c3482d11bec7eff58f62a7e2e9cc39deeba854336ea0e9df67d98ec9776ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=30
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 12:48:59 GMT
etag
W/"8bd60-ug4g1S+zjQQkcfdR44jFJFCaJM4"
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-amz-cf-id
i1tcveAaMmXHA6FS9XBMB9Oh0FRGxMEuvRVKGaX7hbmsBK2We0rkMA==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-cached
HIT

Redirect headers

age
1694
content-length
0
date
Mon, 09 Oct 2023 12:20:46 GMT
location
https://www.walla.co.il/
server
AmazonS3
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-id
FhP3mcnh6W3xGld7pwfSwPl5-M5-U5zIwhRSvz-U3EZH0O97okFoCA==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff39b05a330da9795c207ed8e7e3f746055ceded893d8e429a5ac6d98de0ebb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29706
x-xss-protection
0
server
cafe
etag
917 / 19639 / m202310030101 / config-hash: 2030080448169413085
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:48:59 GMT
js
www.googletagmanager.com/gtag/ 		203 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f687e3e0750df10cec91d55f97dd986a1d7d323fad0c877c609d90c305739c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74833
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Oct 2023 12:48:59 GMT
dmp-provider.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		211 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:15:51 GMT
content-encoding
br
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
9188
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
K5Re9jIekIYIR2mARxWOEKiXV8_zL5hg_iDcpsJM7R0ExUXrLLbLbA==
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 16:56:19 GMT
content-encoding
gzip
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
71560
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ir934JW4hYjyk9THAGjwKA5fLUIR5aDat6MH61FTs1A5dk1QKY3i8w==
expires
Mon, 09 Oct 2023 16:56:19 GMT
logo-with-israel-flag.svg
www.walla.co.il/public/assets/logo/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/logo/logo-with-israel-flag.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"bee-18b13de5404"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
-FvD_ltU5Ss8GXtQXqsI51T5mDLRE4va9iD0UGaLSNsK1QnVfAe-eg==
x-cached
HIT
icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"7ee-18afef67d7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
23-BeuLO-RSdARPifoDIv-W9JWJC3WRf2jottibJec0qF2Qr1uwM0w==
x-cached
MISS
icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 		464 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"1d0-18afef67d77"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
464
x-cached
MISS
x-amz-cf-id
mkhq0InT9R64aPjo2JiyfyMiZ5-xXy1RW4Q2i8dBnJ_Zp9c_fq-n8g==
wallacoil-prod.js
cdn.valuad.cloud/hb/ 		1011 KB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
26318d88d486abac38f9e0d2051f727b555d5b339368f135349e6f4e2f594c7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Thu, 05 Oct 2023 10:08:41 GMT
x-amz-request-id
tx00000000000000a804714-006522b0ea-3b78b790-fra1a
etag
"f36b261da0ccc83e3b7166adea7d580f"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1696855739.dop153.fr8.t,1696855739.cds225.fr8.hn,1696855739.cds338.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
282996
loader.js
cdn.taboola.com/libtrc/wallail-walla/ 		892 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce938204a8843c5524466f1c76831f9266f54ede2fbaf1d703374f50a45a4a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
cTiw5C.cldyaRkrhyvCsO2K2jAmaR2fQ
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 12:48:59 GMT
x-amz-request-id
EQ7157WZZ65K55QD
age
2721
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
69679
x-amz-id-2
rL6eqXgfc1Db3QOYyIjLyanSrqMIhCT4gYYpJmGGSw7M+41jQlVuLkz7+BYzGXdrExvh1S9xbsQ=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Mon, 09 Oct 2023 12:03:39 GMT
server
AmazonS3
x-timer
S1696855740.750262,VS0,VE0
etag
"094821c8365c54738ea8fb5540d686c4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
61
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
56
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
d914e564ecf0f0620ab21ce0365beb2901287fa5802d69f3f0fb5cfae2a8bad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 12:48:59 GMT
Content-Encoding
gzip
Age
1401
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27595
Last-Modified
Wed, 04 Oct 2023 22:07:43 GMT
Server
ECS (frb/668A)
Etag
"27ff44f80811006c28f51333efa93f56+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		491 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2475efef46b7613b6b5091754d56b3260ac77a17197fbe545a4fcb3a2a0fba0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111049
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Oct 2023 12:48:59 GMT
gtm.js
www.googletagmanager.com/ 		418 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
781492fe72ae0b0a0f15647d57d43309ec8aa99145ed208106a4943ff105e5d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83032
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Oct 2023 12:48:59 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 09 Oct 2023 11:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3557
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 09 Oct 2023 13:49:42 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:3600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 17:21:51 GMT
content-encoding
gzip
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
70028
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
xzTX6QoWwBdHATtnzuGzyzPG4Z995vG7X10o8jsxrXrQU8rhGbgsIQ==
expires
Mon, 09 Oct 2023 17:21:51 GMT
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"c00-18afef67d7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
yqdR09ecu1KykLJ5ww_MYJIneWO9yFhlEvhwEAj4wgf4APLyOmM1Tw==
x-cached
MISS
tiktok.svg
www.walla.co.il/public/assets/navigation/ 		628 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/tiktok.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"274-18afef67d88"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
628
x-cached
MISS
x-amz-cf-id
9m9ztAe6M6uwN_OLX1-P4lmXSwleereLW7MPnX9BQ4SZaKXLQ7_oUg==
insta.svg
www.walla.co.il/public/assets/navigation/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/insta.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"79e-18afef67d88"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
S0kU2F_YJspFKnqXqgW42BTVRjuHAMD2ODq3Wm7H6rchWApb6fAQWg==
x-cached
MISS
twitter.svg
www.walla.co.il/public/assets/navigation/ 		1004 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/twitter.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"3ec-18b13de5407"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
ldRojL-ouNG18TELOgQ3aGJVSsrgSR1YcjZZBrDLo54XJBJ7DFLbfg==
x-cached
MISS
facebook.svg
www.walla.co.il/public/assets/navigation/ 		471 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/navigation/facebook.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"1d7-18afef67d88"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
471
x-cached
MISS
x-amz-cf-id
E1CiEJqdmQjD2esZpdXoUQC2I48dNlGx9mkRIvq0_ysOPoUaUYk5xw==
3611746-46.png
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/1/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/1/3611746-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e2bcacb9cb98bb24cffe93b912444a08931eb9e8ad25f7d7e51b1ca5402e974c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:38:18 GMT
via
1.1 google
age
641
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17872
3602381-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/0/2/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/0/2/3602381-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
cb83104a5fa0331abe1dc6736659956bae6a6e16dc5927a381a1de3f7ad98a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 06:33:18 GMT
via
1.1 google
age
22541
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19318
3580163-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/0/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/0/3580163-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
ee7fafc2f935351d7d3693ca55f003d7cdfb39c0117defeacb43c06f44ce9b36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 14:46:04 GMT
via
1.1 google
age
79375
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5698
invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"834-18b13de5411"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
1Qo141zzoEzfhMni631I4KgTXOzw0QsFwMwR77tbKIxABXlOCZ7iGQ==
x-cached
MISS
3582998-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/2/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/8/2/3582998-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
26f431af7024210d31fca970d3ee633c8beab47d56e4a0fb17d832e0615c9cab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 05:46:53 GMT
via
1.1 google
age
25326
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6324
logo_walla+.png
www.walla.co.il/public/assets/homepage2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/logo_walla+.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"26ba-18afef67d77"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
9914
x-cached
MISS
x-amz-cf-id
G223bA58dfjSjdWATKm5lgzIczQFa65C828sndOFTYQNEoBVKa8qQA==
google.gif
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/google.gif
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"5b6-18afef67d7d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1462
x-cached
MISS
x-amz-cf-id
D7wr-1Fk3qjBXwjzeQz5mtEWNg4h84IeIJQ4hk1xJ2LHE_gB7xL0-Q==
icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 		743 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"2e7-18b13de53f6"
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
743
x-cached
MISS
x-amz-cf-id
DjWPMIPdVixFSOMDtHY0j-NOa_yO-GzHEvaVYtOPwK3ahBOh_BlW3Q==
icon-5-g.svg
www.walla.co.il/public/assets/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-5-g.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"b30-18afef67d7e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
INoK8i91mp81N9qUqu73aAee3S3jMH_gfnU2SoyJ-viokOmiZPvDeQ==
x-cached
MISS
icon-wather.svg
www.walla.co.il/public/assets/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"85c-18b13de53fd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
S23qyK_eFgCbQANL2XFlRcMfOTnw5UrWX1qocZTw556aET3oosEa1Q==
x-cached
MISS
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"5f6-18afef67d77"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
zU1SF0NfFzUFFzuewWI5JqtaV2Wv5VBneO5ol3EZ9EeviA7Bb9VD8Q==
x-cached
MISS
video@2x.webp
www.walla.co.il/public/assets/icons/homepage3/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video@2x.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"74c-18afef67d7e"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1868
x-cached
MISS
x-amz-cf-id
YYOdb4KLT-opSWpQdHnR1rdMHDfSSjnJU0NEX6vroT0YqKgL3o895A==
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"e954-18afef67dac"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
gnIoiUwlgzYjWpRuN2wd74tLNQnPUkqiC3fF_5VVxR_3UfEp33-eZw==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"ea00-18afef67dac"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
fkIPp7pxrhSh38JNoi0JFtMUODnavxfOpCFSWwv9v-929Q9vVmdrhw==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"e770-18b13de5426"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
kyoxmGTvrxlcAVsgjqRBIs4OpzyNyykzDoS8l23QJoaLOwVz14kSFg==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"e7c0-18b13de5427"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
P90K163vjhCUisM37MTwgv_A7oS3wssmHsqnEqiiReOcCkNQYw_Nag==
3125231-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/1/2/5/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/1/2/5/3125231-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2f9dacf0a2ff7b38244d273910d5bdbf00048ec13daa199ebb7ce53d56315007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:47:58 GMT
via
1.1 google
age
14461
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4354
3598564-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/9/8/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/9/8/3598564-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
7455f093e10ad855982456bdd10cfcd51d0cff859356cec3ffb5c9317b8294ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 17:26:37 GMT
via
1.1 google
age
69742
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9944
3607177-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/0/7/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/6/0/7/3607177-46.jpeg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a3b23c1b85f6e4a797e4a6098cb721285753bd1e6105a341d70d86755d147855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 22:09:55 GMT
via
1.1 google
age
52744
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13360
winner_logo.webp
www.walla.co.il/public/assets/sport/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/sport/winner_logo.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5ac127188e6475f95cf602b5aeacfaf667081820adc57b78e9d46b9cb9149776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"1a56-18b13de5413"
x-cache
Miss from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
6742
x-cached
MISS
x-amz-cf-id
DuMEE-imqFa08GXkiVx9AdEad2TBR7V2JfUaZwboIzeWNmOf4t4gyQ==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"3bdc-18b13de5429"
x-cache
Miss from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
uz1dHaLAGq-W0AvNvoKLvAqYBVZmVlqXBo_KGdnn1RTNCn25KjeBew==
6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
www.walla.co.il/public/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"248c-18b13de53e0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
h90mFt8TYMvgut6-vBC2v4_h5Msc5S3JSaoEEAFa17gD-3X2QfUo0Q==
x-cached
MISS
3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
www.walla.co.il/public/ 		313 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
da8356ea10c3ccaa5f0c89a0acfab206a79856452f5d67b22a088d90248d3877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"4e534-18afef67d5f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
QEo_kXGBWVo5ZxGjou0zZHaTimC-h0SZbOc4UXEWDxahyNQhAO7Aag==
x-cached
MISS
main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
www.walla.co.il/public/ 		999 KB
234 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a97cc502f748b97196cdb2e6c0431c5763654ea22d4fa44e18ceccd8a4c3785b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"f9c37-18b13de542c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
e_B3t3vZf-qTgboN8AlcA1hh_2PXZysHQI7A-31YaQN0HuZntO2Q5A==
x-cached
HIT
9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
www.walla.co.il/public/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"6b6b-18afef67d61"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
_EFl9DReZZQoReA0fy2JgLIjB-EymxpcJYYLGrSMi4Sq4odDiOC3Hw==
x-cached
MISS
homepage_1ff03ced9a895ee6b487_1ff03ced9a895ee6b487_walla.js
www.walla.co.il/public/ 		219 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_1ff03ced9a895ee6b487_1ff03ced9a895ee6b487_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
134e8c304f3fa0a6bb741b085624f496d9d697da80836f8b9ed65c412a2f8efb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"36a0c-18b13de542b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
IyP1BTJNeeNsKZE1roXyt9BNwRAeRaoADQB6k_XWHgil6VFspnRshw==
x-cached
HIT
recorder.js
web-sdk.smartlook.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
48c0c57a2ff350ffc914dc5b5724d8f7df76a8345fd089398d353a0b6979a149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 09 Oct 2023 12:49:00 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
377
x-accel-date
1696855363
x-77-nzt
AZySIYg3Nzf/eQEAAA
x-accel-expires
@1696855963
x-77-age
377
last-modified
Thu, 05 Oct 2023 13:53:37 GMT
server
CDN77-Turbo
etag
W/"651ebfe1-10f6"
x-77-nzt-ray
f6587a1d285751adbcf62365600dba00
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
3608
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 09 Oct 2023 11:48:52 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id
9M4VgY9sk_M_m8WE61RayrFC_vNupRK8ybhLYsso3eAGcas-Qm1a4Q==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
survey.js
cf.dxmcdn.com/dta/ 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/survey.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4400:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 04:29:12 GMT
x-amz-version-id
YtNR9erNG.NoRBEcRdBoVE4OGMJQuym3
content-encoding
br
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"b034abfcfb6819eabeb9878dfce0a78a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
age
29989
x-amz-cf-id
fgYccnlAi9pZVX60iF4GlbAQ4pMGw8UNW3nXjhQDB8AyQG4POkO1tg==
PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/javascript

Response headers

date
Mon, 09 Oct 2023 11:48:46 GMT
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
3614
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
LHIwDe2BVdMiOx_wF4FWpadX8FcwEwKvIUpwz0hCLZP66jjO-9OrLQ==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 		0
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/javascript

Response headers

date
Mon, 09 Oct 2023 11:48:46 GMT
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
3614
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
yw2hOFEFTT3ccJq3eLzM1GPrA1G1u6G--XohWmP4XeEquACI1hD2Vg==
POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
age
3608
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 09 Oct 2023 11:48:52 GMT
server
nginx/1.20.0
vary
Origin
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id
e0jYX-ISIcGsgJJ445JVcvX2N69dWoJnJLqDXQzxbieVblWO7aZ0ig==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=BaJ0hKBGXbD2du34P&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11020&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=829&t=DfqWgUD63Hx0BOwvomzSk6pDUx8Ij&V=141&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&tz=-120&sn=1&sv=C-iF7_DFzNHv87bdx67rP8pDWe3&sd=1&im=067b2fff&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.76.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-76-142.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html
platform.twitter.com/widgets/ Frame D1A3 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668A) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
136562
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Mon, 09 Oct 2023 12:49:00 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Wed, 04 Oct 2023 21:58:35 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668A)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
fbevents.js
connect.facebook.net/en_US/ 		198 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Oct 2023 12:49:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53356
x-xss-protection
0
pragma
public
x-fb-debug
UdKRmCTRieZJ4x3sFQ0wBFezSsIiQiBlC7LTUQ1lxcnln2iss0ktaeBcZwO59IXEYBXbrZD1u+6BwcVjRJPu9A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=454211236&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1777554352&gjid=672246198&cid=1859869165.1696855740&tid=UA-4780630-1&_gid=606652621.1696855740&_r=1&_slc=1&gtm=45He3a40n71T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&z=198355164
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/777956447/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/777956447/?random=1696855740388&cv=11&fst=1696855740388&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&bttype=purchase&auid=866940080.1696855740&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
bdca4c018fb20efa8d1364cf4717d574dbb3833af43e68e4d09c328fbfdc88f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1670
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18630
x-xss-protection
0
server
cafe
etag
7951265875426957259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:00 GMT
adoric.js
12890047.adoric-om.com/ 		194 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://12890047.adoric-om.com/adoric.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 google
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
895
x-dns-prefetch-control
off
content-range
bytes 50-10000/*
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
server
cloudflare
etag
W/"306f2-9CYdnBzPfOdeDxtg9L+WyF/1La0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
movetogcp2020.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjttXjnGpD9f3yLCGKIwBg6Kf4gQXGzsk58Onkm%2BdwJRdmYZZcJAjdFXUfUVjen6t5gQS1ouZjESG99HHbN4%2FXGjCv4%2BnNbfGnGAVUDOvsGBfn6vcPegH0YHKIzSeoybLwUovG1W%2FqbBYFGg52PPRDX6agM7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
*
vary
Accept-Encoding
cf-ray
8136bdb9fdbd1c28-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
js
www.googletagmanager.com/gtag/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3c6e9b093e1de11e5aedf3eff96d11e3378419ca3fc1b997241f151618597a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79176
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 09 Oct 2023 12:49:00 GMT
js
www.googletagmanager.com/gtag/ 		202 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f303b62315db68bdc95bac54c8e716a8dbb011122c3018fd70dde1fc0317b875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75571
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 09 Oct 2023 12:49:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1696855740440&cv=11&fst=1696855740440&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&auid=866940080.1696855740&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53dfbcd0f8210d6934618a336f5e00049f4595f7dba0743f8477a3804dea5ce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 		419 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:52:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
3387
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134829
x-xss-protection
0
server
cafe
etag
3697166202567710199
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 08 Oct 2024 11:52:33 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 12:49:00 GMT
server
Google Frontend
x-cloud-trace-context
163b8b788e63377890f1b19a032adb81
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-request-id
11ce0ae2-b942-40fe-82c9-a03486b31bc8
x-vad-version
0.14.16

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
99d3f9ebbbe6f9acafd8a30dd3a6c7c2
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d9424633cf5a3fdbc122c8c300f196d1fdc57bb0459979f5f4abd9cf404716b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits
2
date
Mon, 09 Oct 2023 12:49:00 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
15
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2468
x-served-by
cache-fra-eddf8230116-FRA
x-timer
S1696855741.614491,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 07 Oct 2023 12:48:45 GMT
settings
syndication.twitter.com/ Frame D1A3 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=333d272d4a1f348cff7c73c57958ba96b98aa60e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time
116
date
Mon, 09 Oct 2023 12:49:00 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 09 Oct 2023 12:49:00 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
85dd7804c7265a02
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
e8d3004b136ec9ecdc972796a13da8dec5956df80852a234581bf4d3d7860e2b
content-length
337
mab
mabping.chartbeat.net/ping/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=XRdMNqB7rWO3C&v=A&ml=m&sl=C4glo2&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=6rZjoNuLbbLoU&v=B&ml=m&sl=41nFv&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=OqYegymfMyZNr&v=A&ml=m&sl=BO33fB&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=OWEwgadhZa3JE&v=B&ml=m&sl=CJBXfO&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=KXUFPw9kbDn54&v=B&ml=m&sl=CoguWv&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=nZfFM2GWLvqSo&v=B&ml=m&sl=Dskz_1&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:00 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=ueMXKD8RhC9I8&v=B&ml=m&sl=CK73GX&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=vbCBaCRAmDwUu&v=A&ml=m&sl=BcJnWY&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=eWZUI22O2a7kF&v=A&ml=m&sl=DldyCf&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=532TqRBhgNhZ8&v=B&ml=m&sl=CKlH4F&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
mab
mabping.chartbeat.net/ping/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=BaJ0hKBGXbD2du34P&c=0.01&V=141&x=9uxwsDwKhJAf9&v=B&ml=m&sl=BO_Wr4&e=-1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.139.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-139-150.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=1859869165.1696855740&jid=1777554352&gjid=672246198&_gid=606652621.1696855740&_u=aEBAAEAAEAAAACAAI~&z=487638714
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 09 Oct 2023 12:49:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
dmp-main.js
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 		239 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-111.fra60.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:15:52 GMT
content-encoding
br
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P4
age
9188
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
x-amz-cf-id
zbpcWIJhA46s0SVXoOV4RusHCmvvVcA9pnhk5VpPJgN45uhK_y4jzg==
init.d5393ac396c8794c869e.js
web-sdk.smartlook.com/es6/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.d5393ac396c8794c869e.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5123513035c30f44e20d93f8bc9fda7ba74ec7c315add4883b5aa3ccd220503b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 09 Oct 2023 12:49:00 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-age
340108
x-accel-date
1696515632
x-77-nzt
AZySIYg3Nzf/jDAFAA
x-accel-expires
@1728051632
x-77-age
340108
last-modified
Thu, 05 Oct 2023 13:53:37 GMT
server
CDN77-Turbo
etag
W/"651ebfe1-fa90"
x-77-nzt-ray
f6587a1dea3a83c0bcf6236588e0d82b
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 09 Oct 2023 12:49:01 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263614
etag
W/"e954-18afef67dac"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
ba7KalpnfCTCE4nou2nufFNXiwEf101-H_W0ZSkY-96TcEfx48M_Fg==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:27 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263614
etag
W/"ea00-18afef67dac"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
IOI_bo7V5H_epX3zeR09Cw61bQcVBLz9WYI_i3HbF_0SRtH-OEX_LA==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"e770-18b13de5426"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
Wh_cU5G02b-R3raMqrkkVn43qIvi4UH8JmYFsph3iviMEuZxOgtihw==
almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"e7c0-18b13de5427"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59328
x-cached
MISS
x-amz-cf-id
ugm0Uhnt7IvqRNVzVhkN2-72ofexWHSbPCwKo0XkpAe8IXgUVk7NFg==
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:59 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
2
etag
W/"3bdc-18b13de5429"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
RkWUEjokAbc0X1W00QnZV6TUvKXNO0n1AL2HVMV5KX_coik8Jun-aw==
3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
www.walla.co.il/public/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263613
etag
W/"1eb65-18afef67d5f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
ZQfYbrJiBkN6nWLKXFAfJGMUt3Zu5EpmHb2varI1EXCLQT1x4CpbYg==
x-cached
MISS
PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263613
etag
W/"cfe-18afef67d62"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
xIpuS8B8aKRVAdiOFDr2ngJOGhQ2JSg6gI86ctppLlk-UPMCz-UcxQ==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
591baf010115e00d276211c893b9814efb01a67cebfb08bb58540e0c6bf52ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29707
x-xss-protection
0
server
cafe
etag
704 / 19639 / 31078562 / config-hash: 2030080448169413085
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:01 GMT
load.js
pm-widget.taboola.com/wallail-walla/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
FPTG2OxoLYtveF6L1lHa_yi.RcOwh3q6
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 12:49:01 GMT
x-amz-request-id
EWJRSD051645SZ7W
age
3136
x-cache
HIT
content-length
1113
x-amz-id-2
8ieejmpPIDpKsuOg3VR7pyVcDCwEO5Uyc1ke5XC44VLBPrOggUcPjoVerwQWjbLJg1YocDZbifo=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Tue, 26 Sep 2023 08:56:39 GMT
server
AmazonS3
x-timer
S1696855741.178557,VS0,VE0
etag
"0f035f8b52b8607074f683b28f021659"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
4
impl.20231009-1-RELEASE.js
cdn.taboola.com/libtrc/ 		811 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
79e4e27e77cde7c4d1f68c5ede06875086d9b995af24b12a22a9eb2cdb406fcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
vf7oJ0uNXoQFT6y8epYcFzLP3zwk_an0
content-encoding
br
via
1.1 varnish
date
Mon, 09 Oct 2023 12:49:01 GMT
x-amz-request-id
BVP7E6B8ZVE9QTQH
age
12507
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171915
x-amz-id-2
Cquxky6u0ed+HUP3/wy+0rLYr8a13+e8WV6CGh0XNsCJMiEC+jIeTON5N46C35L70dZwMaDAidk=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Mon, 09 Oct 2023 09:20:34 GMT
server
AmazonS3-br
x-timer
S1696855741.173326,VS0,VE0
etag
"750e7d63dcc1456b315f58660c6c0d6c"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
45923
2323
dal.walla.co.il/editor/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dal.walla.co.il/editor/2323?from=www.walla.co.il
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.199.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.199.111.34.bc.googleusercontent.com
Software
openresty/1.15.8.3 /
Resource Hash
8b976b4e0138f7b918382760a95c63f0f6cb058ddfa7ab8e3dfcd70bb6caf33c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:32 GMT
via
1.1 google
age
29
x-srkey
9ca383bf7f5c06689b373a08cfd03266
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6750
x-cached
HIT
pragma
cache
server
openresty/1.15.8.3
x-speed
0.0311059952
x-hostname
walla-dal-prod-6bf854b668-km9qc
x-ip-r
35.191.25.57
access-control-allow-origin
https://www.walla.co.il
x-ip-x
31.154.15.32, 34.111.199.139
content-type
application/json; charset=UTF-8
cache-control
max-age=60,public
7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
www.walla.co.il/public/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263613
etag
W/"ae04-18afef67d60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
m9jgGAEQ51aAxD79aiNnbL_yz4jUMnFyHgD-Sck3EcnDVzGZp0Xfuw==
x-cached
HIT
player.html
www.walla.co.il/public/ Frame 7E44 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3059_03df53f5db8a294322fb_03df53f5db8a294322fb_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3dfcf027cca62240f42b3725b7a0010763ac3203519bc12a0db9cb36f4a89de8

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
263613
cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 11:35:28 GMT
etag
W/"bc7-18afef67db2"
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-amz-cf-id
VtW8QPQX44-RStW8KY80zSGr82ZHqUqyMuisegcZ9xUtTaZowAiwIQ==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-cached
MISS
video.webp
www.walla.co.il/public/assets/icons/homepage3/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263613
etag
W/"3a2-18afef67d7e"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
930
x-cached
MISS
x-amz-cf-id
bBEp7V80wYYy8TO57_mfyKRBSdJrqfj_qDVJ2TP7ajPV8gyR5qnw5w==
1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/1626_f5f3b35c90a142b6399c_f5f3b35c90a142b6399c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_3de75b32272a42ddfa3c_3de75b32272a42ddfa3c_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:01 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"c35-18b13de53de"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
XkW58egBghU0lmiBmDw5HHzxxztAOMxVFbxD-iMIf_yBtOy0rDWaGg==
x-cached
MISS
winner_logo.webp
www.walla.co.il/public/assets/sport/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/sport/winner_logo.webp
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5ac127188e6475f95cf602b5aeacfaf667081820adc57b78e9d46b9cb9149776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:00 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
1
etag
W/"1a56-18b13de5413"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
6742
x-cached
MISS
x-amz-cf-id
pdzWEc0xGSphMcSRTnZQJZgGAi9i_fELCFFmJ0c-mFfoGMrpElFo2g==
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263613
etag
W/"46c-18afef67d6a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
Aj9qHYQaBh1S1bC7eEoJyDyQ7mzuCIfnsg6nUmTRUjT4KRgd5IZQMA==
3611139-46.png
images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/3611139-46.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
371098e3d88da8afca83eacff757f9fe936b8277b4d84f7e07504ec19b70a95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 03:36:56 GMT
via
1.1 google
age
33125
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40048
3611638-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/3611638-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4c468db15d8fe102a7ad9df8328342478d16a43b1f8e85ca9fb83ae36f535dad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 10:42:20 GMT
via
1.1 google
age
7601
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6024
3611535-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/3611535-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4c3fe6dff461732e9b4c89a81ec3df9f80bde820f4a24f58afc45406b1a4a655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:06:35 GMT
via
1.1 google
age
6146
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12906
3611681-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/3611681-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
94a5c243f2cc1837a4367a5561cc0fcf4a84cbf19ca49cf00583a0c015c8dcdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:21:04 GMT
via
1.1 google
age
5277
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9300
3611563-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/1/3611563-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
6cf347395f2adc7bbe97b062140bcfa0ae98c25d7fc2dc4bb8d32bef162a3452

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:12:17 GMT
via
1.1 google
age
2204
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5448
3184750-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/8/4/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/8/4/3184750-46.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
aba40d0a8b9ed406a9836f4e0427edb20fda3ab6c21619e1dfb9aa38bc1ad009

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:33:30 GMT
via
1.1 google
age
931
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4346
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1696855741228&cv=9&fst=1696855741228&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4449cdc719bb24acb48af09de341dc48cf9ef811f14a2c8855526fa3bf3bcb44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1444
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
survey-executed
tr.dxmcdn.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.21 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 12:49:11 GMT
expires
0
pragma
no-cache
server
Google Frontend
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-cloud-trace-context
28f1407efd55741932c0e2deee267d3d
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
survey-executed
tr.dxmcdn.com/rest/api/v1/ 		0
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1859869165.1696855740&jid=1777554352&_u=aEBAAEAAEAAAACAAI~&z=566765097
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1859869165.1696855740&jid=1777554352&_u=aEBAAEAAEAAAACAAI~&z=566765097
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/777956447/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=1222616621&cv=11&fst=1696855740388&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-conversion/777956447/?random=1222616621&cv=11&fst=1696855740388&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=...
  • https://www.google.de/pagead/1p-conversion/777956447/?random=1222616621&cv=11&fst=1696855740388&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=m...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/777956447/?random=1222616621&cv=11&fst=1696855740388&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=866940080.1696855740&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYk5NeGtLWkliWEtFc2JLOFVDRGduRVdYQUNHVWhXVXZxRGtBOFd0Y1FObWcaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlPQUlNWDJRdHI5SnlwNnBqYkk0WWc0RlRhY0xrMDNFTWt6elNrVjVpX01JcWFBSy1MT3lYM2giEwj_opWdgOmBAxWWwLsIHdvjASA&is_vtc=1&ocp_id=vPYjZf_UHJaB7_UP28eHgAI&cid=CAQSKQDICaaN90X2lMnS61cK_yG5sw9-ttpbQsT9t1OAT_l5Wq-dwuDY9TtB&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtIQWITjo0cuDHVGAPW4Fqr3CZzJcGQiE_AQ&random=3784579776&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/777956447/?random=1222616621&cv=11&fst=1696855740388&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=866940080.1696855740&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1tT3FRWVF1dXltMy0yYS12eTVBUklsQUp0c0ZwYk5NeGtLWkliWEtFc2JLOFVDRGduRVdYQUNHVWhXVXZxRGtBOFd0Y1FObWcaWENoRUk4TW1PcVFZUTlmVDloWWE5NjlqZUFSSXRBTUFZSHlPQUlNWDJRdHI5SnlwNnBqYkk0WWc0RlRhY0xrMDNFTWt6elNrVjVpX01JcWFBSy1MT3lYM2giEwj_opWdgOmBAxWWwLsIHdvjASA&is_vtc=1&ocp_id=vPYjZf_UHJaB7_UP28eHgAI&cid=CAQSKQDICaaN90X2lMnS61cK_yG5sw9-ttpbQsT9t1OAT_l5Wq-dwuDY9TtB&eitems=ChEI8MmOqQYQgrXl7Muxh6GEARIdANLTtIQWITjo0cuDHVGAPW4Fqr3CZzJcGQiE_AQ&random=3784579776&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11170679829/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11170679829/?random=1696855740440&cv=11&fst=1696852800000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1633539424&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11170679829/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11170679829/?random=1696855740440&cv=11&fst=1696852800000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1633539424&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adoric.v9.4.min.css
static.adoric.com/ 		169 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v9.4.min.css
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1811
x-guploader-uploadid
ADPycdte3pwLeBkJYKT7uHsWN4MFod_sGtoSel8cxt_jXLMJNU4i4JjtKZDJ1Q0vxd0EvtgWFY65wSX0pg6rPLsaR_22GGg4rzEv
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 04 Sep 2023 08:54:57 GMT
server
cloudflare
etag
W/"d6693c4efa6e72bb9b105bc8e6384b27"
vary
Accept-Encoding
x-goog-hash
crc32c=aiZ+bA==, md5=1mk8TvpucrubEFvI5jhLJw==
x-goog-generation
1693817697766768
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aet6P0ZWh9%2F5SUMywejLKL2EKkWwbhqSSuurR1lpONvY%2BzkG%2FFRu6cs6TdbBRFxlVO8F60xPok%2B96sGGzTGCgPLRNibU3N93aPy22v02E9IWA4J%2BzyC3tKsBiUQcDE%2Bptq3FGOhoLqPlnXgPtgO5Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
14462
cf-ray
8136bdc00da73650-FRA
expires
Mon, 09 Oct 2023 13:17:27 GMT
/
app.adoric-om.com/v1/campaigns/ 		744 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fwww.walla.co.il%2F&d=desktop&lsps=0&pd=A&nv=true&tz=-120&cIds=%5B%5D
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.218.120.34.bc.googleusercontent.com
Software
/
Resource Hash
5065bc418cee9a1f1841747f1715792a75f298cb394929741870519a1697a78e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Mon, 09 Oct 2023 12:49:01 GMT
x-content-type-options
nosniff
via
1.1 google
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
744
x-xss-protection
1; mode=block
x-adoric-api-version
9.1.0
etag
W/"2e8-Y+oempp/KV9lF8UMiodEDvNuljE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
170717926997655
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.132&r=stable&domain=www.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
744955188c8bf50c64bb2d9095eec5fe3df45dad12b40c7444ef86d94218fd4d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Oct 2023 12:49:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36091
x-xss-protection
0
pragma
public
x-fb-debug
/I59AGmFuYWqcoiHYQCwMXfLL5ezyU8L1YKOcWfh1KOMSMCJIgE91Fck6gY6YKVcY0e/ylOVrzqjiCJ15UhZrQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
www.walla.co.il/public/ Frame 7E44 		736 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
df9a74ba55b4b89b027a8123540004258e9b4396f1bd73e258af6adfac037750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:01 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 09:56:59 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
etag
W/"b81b9-18b13de53df"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
IoW2RJyQ4lTNLDCjmVlpdOCZWnNvmp35XzZZHsRcm5bWpNcGecp0KA==
x-cached
MISS
player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
www.walla.co.il/public/ Frame 7E44 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
b194ec6f02131053688eee2371fecd9165f8687b55e60a850b357f5cbb30fe24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263613
etag
W/"77a5-18afef67db3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
XGfxAz7Euakm8Zb98qjrOjvq6b4EATNiKFVyS_Bg3FtrECkw79G7pQ==
x-cached
MISS
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je3a40&_p=454211236&cid=1859869165.1696855740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696855741&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je3a40&_p=454211236&_gaz=1&cid=1859869165.1696855740&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1696855741&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1&ep.ga_client_id=&epn.vertical_id=173&ep.vertical_name=%D7%95%D7%95%D7%90%D7%9C%D7%94&ep.category_id=&ep.item_id=&ep.item_type=&ep.item_publication_date=&ep.item_last_update=&ep.content_provider=&ep.item_title=&ep.item_author=&ep.hostname=walla.co.il&ep.item_sections_words_count=&ep.tags=&ep.editor=&ep.tohash=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RYD7X7E8VN&cid=1859869165.1696855740&gtm=45je3a40&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RYD7X7E8VN&cid=1859869165.1696855740&gtm=45je3a40&aip=1&z=1252412170
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1931849544333114&correlator=3741438133940551&eid=31077098%2C31078636%2C44804939&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Crm1_phone%2Crm2_phone%2Crm3_phone%2Crm4_phone%2Crm5_phone%2Crm6_phone%2Crm7_phone%2Crm8_phone%2Crm9_phone%2Crm10_phone%2Crm11_phone%2Crm12_phone%2Crm13_phone%2Crm14_phone%2Crm15_phone&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&didk=2010046529~1562409716~233263091~3796002052~1919438049~1481219513~821200554~2702319212~3668432129~3890141254~1992583291~3539871807~3702126702~2228587107~584797780&sfv=1-0-40&ists=32767&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696855741564&lmt=1696848541&adxs=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&adys=11125%2C11125%2C11125%2C11125%2C11125%2C11125%2C11125%2C11125%2C11125%2C11125%2C11125%2C11125%2C11125%2C11125%2C11125&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125%7C1600x11125&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1859869165.1696855740&ga_sid=1696855742&ga_hid=454211236&ga_fc=true&dlt=1696855739678&idt=1816&prev_scp=slot_name%3Drm1_phone%7Cslot_name%3Drm2_phone%7Cslot_name%3Drm3_phone%7Cslot_name%3Drm4_phone%7Cslot_name%3Drm5_phone%7Cslot_name%3Drm6_phone%7Cslot_name%3Drm7_phone%7Cslot_name%3Drm8_phone%7Cslot_name%3Drm9_phone%7Cslot_name%3Drm10_phone%7Cslot_name%3Drm11_phone%7Cslot_name%3Drm12_phone%7Cslot_name%3Drm13_phone%7Cslot_name%3Drm14_phone%7Cslot_name%3Drm15_phone&adks=4062366051%2C981125922%2C1662060138%2C2143205728%2C1564292565%2C2986496565%2C3080922210%2C291215337%2C2575937656%2C1306414956%2C1001994536%2C2473283962%2C646109108%2C1950117139%2C3594270397&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd60f874f2b0b8658341f377e8e97d7d06b1a0b20a497c505fcb6bb6eb87831f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
450
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0241 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:01 GMT
expires
Tue, 08 Oct 2024 12:49:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pmk-20220605.2.js
pm-widget.taboola.com/wallail-walla/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/wallail-walla/pmk-20220605.2.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
J_7JEZUDdQ4YrzJhODl8FUK4deJJqu3C
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 12:49:01 GMT
x-amz-request-id
C4CNW471XAJG1JKR
age
1137024
x-cache
HIT
content-length
28795
x-amz-id-2
4bU+8ggP5BGzYnRPZoxP18lPMdvVfqi5Se5gA4FftCE+8YQoUkJ+gWoDDRWcedCnJxJ2ekTqqNQ=
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Tue, 26 Sep 2023 08:56:38 GMT
server
AmazonS3
x-timer
S1696855742.665009,VS0,VE0
etag
"a78996a082a974b0dc6659aacfa84748"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
5218
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:28 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263613
etag
W/"558e-18afef67d91"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
N4WPRfIZn-0OVa-FyQFqe1D6x26InFDhtvUkLi3cOjxkuvrqOtC4tQ==
state
event.dxmdp.com/rest/api/v1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/state
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
291157
expires
60
json
trc.taboola.com/wallail-walla/trc/3/ 		107 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/trc/3/json?tim=14%3A49%3A01.777&lti=deflated&data=%7B%22id%22%3A713%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1696853017110%2C%22vi%22%3A1696855741772%2C%22cv%22%3A%2220231009-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11125%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Homepage%22%2C%22orig_uip%22%3A%22Left%20Rail%20Homepage%22%2C%22cd%22%3A1106.484375%2C%22mw%22%3A298%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%201%22%2C%22orig_uip%22%3A%22Mid%20Homepage%201%22%2C%22cd%22%3A4313.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%202%22%2C%22orig_uip%22%3A%22Mid%20Homepage%202%22%2C%22cd%22%3A5480.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Endless%22%2C%22orig_uip%22%3A%22Homepage%20Endless%22%2C%22cd%22%3A11125.0625%2C%22mw%22%3A863%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Endless%3Dthumbnails-g%3Aabp%3D0%2C%2CLeft%20Rail%20Homepage%3Dthumbnails-a%3Aabp%3D0%2C%2CMid%20Homepage%201%3Dthumbnails-g%3Aabp%3D0%2C%2CMid%20Homepage%202%3Dthumbnails-g%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
967be818fa6a98d2fb65c23d2dd18e5a7ae174b0c878cb2b78b27e2c6dcf677d

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
747
date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.0831250000000001
x-fastly-to-nlb-rtt
7550
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230061-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1696855742.796950,VS0,VE747
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1696855741228&cv=9&fst=1696852800000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=1549316387&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1696855741228&cv=9&fst=1696852800000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=1549316387&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
walla.json
www.walla.co.il/public/player-config/ Frame 7E44 		111 B
499 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-38.fra2.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 11:35:29 GMT
via
1.1 google, 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 05 Oct 2023 08:31:21 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA2-C1
age
263612
etag
W/"6f-18afef67db2"
x-cache
Hit from cloudfront
content-type
application/json; charset=UTF-8
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
111
x-cached
MISS
x-amz-cf-id
ihtgA4tSuG77voRMp6aQOjp445AoZFDY0MnGwsg3XZRkE5EdDFUzFQ==
1616785908557850
connect.facebook.net/signals/config/ 		131 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.132&r=stable&domain=www.walla.co.il
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f1a782224ffa91d993bfd2833b9187414fe2c0acc508f3259b2432bb78d195e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Oct 2023 12:49:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
34800
x-xss-protection
0
pragma
public
x-fb-debug
9ul0aFiwHe31+K9yhikEQw2p16WQjLqGCMoRfs+wU/E92oTgFlkZMsrY4zpisLGp4X5pCZnWt41C9kTVKd3rTg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1696855741980&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.2.1696855741977.1187203357&cs_est=true&ler=empty&it=1696855741386&coo=false&exp=a0&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 09 Oct 2023 12:49:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7E44 		359 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_ec0e692c68bd258e6d75_ec0e692c68bd258e6d75_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0577359952b714e119cc1aa6e318656f7d7c642adb87cc84ff00e87c949dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125855
x-xss-protection
0
expires
Mon, 09 Oct 2023 12:49:02 GMT
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 09 Oct 2023 12:49:02 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		13 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 12:49:02 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
truncated
/ Frame 7E44 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1696855742127&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.2.1696855741977.1187203357&ler=empty&it=1696855741386&coo=false&exp=a0&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 09 Oct 2023 12:49:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fba71319cb9a4f555589e26d093cb281d93c153d27e028f5c24bc3c0ebc36adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12110
x-xss-protection
0
sync
gum.criteo.com/ 		46 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
221605
expires
60
sync
event.dxmdp.com/rest/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 09 Oct 2023 12:49:02 GMT
server
nginx/1.20.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
sync
event.dxmdp.com/rest/api/v1/ 		13 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.dxmdp.com/rest/api/v1/sync?audids=
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.191.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-191-61.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 12:49:02 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json
dmp-common-iframe.html
cf.dxmcdn.com/dta/ Frame 8EA7 		194 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by
Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4400:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27087
content-encoding
gzip
content-type
text/html
date
Mon, 09 Oct 2023 06:08:12 GMT
etag
W/"52319100f3cad7c781dec5018ed1ca59"
last-modified
Wed, 27 Sep 2023 11:46:39 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-id
zepGURZbxOxb0fGQJhf8hqg_Q4SgRVVam18aj46XZRczHVEpEa3_og==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
VtKfS.xLqR2wYAZ0uda1_bwOn38WDDK3
x-cache
Hit from cloudfront
d639e114-3672-49b1-a7d2-a58655bc0c38
https://www.walla.co.il/ Frame 7E44 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/d639e114-3672-49b1-a7d2-a58655bc0c38
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
playlist.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/ Frame 7E44
Redirect Chain
  • https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
/
Resource Hash
7391fb91118d48d2079a6c90710ec9d61d8047bc70ac666b5fdf8b0f7ff44534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
null
x-cache
Miss from cloudfront
cache-control
max-age=0
access-control-allow-credentials
true
x-amz-cf-id
DA1amM1uOCKVYlMOJVtqlwRvk54kxpt9-n_Kr5lJQ9Kcqfes6GT-4g==

Redirect headers

date
Mon, 09 Oct 2023 12:49:02 GMT
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
origin
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
x-amz-cf-id
VOikq3cM6aWtQCQ9KOq_BeyNgVejAs2Oe3LhhoInUlBytBFiKUQ7yA==
bridge3.594.0_en.html
imasdk.googleapis.com/js/core/ Frame 81EC 		724 KB
232 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
376496
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237562
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 04:14:06 GMT
expires
Fri, 04 Oct 2024 04:14:06 GMT
last-modified
Wed, 04 Oct 2023 14:44:22 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 7E44 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Oct 2023 12:49:02 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2677 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 09 Oct 2023 13:12:40 GMT
c0e6e502-3552-47f3-9152-7da86ebd4c66
https://www.walla.co.il/ Frame 7E44 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/c0e6e502-3552-47f3-9152-7da86ebd4c66
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b94a77fa0aa100733aaea38ce611cc70fd81ebf17c1727a8511cb2bde47e2106

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length
5872
Content-Type
application/javascript
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 09 Oct 2023 12:49:02 GMT
9a05123d-ebfc-4d90-b94c-10000646b676
https://www.walla.co.il/ Frame 7E44 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/9a05123d-ebfc-4d90-b94c-10000646b676
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
981b50cd-b6ec-40eb-a4e4-9e4b3dd7828b
https://www.walla.co.il/ Frame 7E44 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.walla.co.il/981b50cd-b6ec-40eb-a4e4-9e4b3dd7828b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length
80351
Content-Type
application/javascript
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=22439
accept-ranges
bytes
content-length
65459
expires
Mon, 09 Oct 2023 19:03:01 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
8136bdc7eff5364a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231009
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
650ae8f7c90ede05991a1fab60aaf04c8f04d82f9470c1b37f9e46af27793002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31690
x-jsd-version
1.0.1837
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4573-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"640-WMXXL644BJGOS75wQ8RzfSxrGeg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEX0MU4iA8XZlW0c2rsNwnixjqV8P2wsqrzo4x85ZlTXTu6LasV3T%2Bg7k6liCyvVFGHN4YzpyVtwZkbddSOM1Eu%2BcwsHK0VnZ5o21R%2B6782Sz6uVM19nUz6vHqMpR%2FVW11JC9DLoYQdXBk%2FDOH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8136bdc7f9c41c34-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 12:49:02 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 02 Oct 2023 15:19:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
595578
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pXpuiREMI9prLW6KTB1zMGKypf3yObjyMMmxYO6wdV1SdQfkACQM1Nxe%2FjGg2DmXQPCA0RS50B5DsV9fnHsB4vJsHmcQLukIx9afWWoEyUrs3V7OzIodQo2gHf70N8XSGkH8oEAgX9I2dgJ"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
8136bdc828442c7b-FRA
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=95854175235&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 12:49:02 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		95 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.5.0
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
caef7ab77d76d0854cf0c1c2186b08ecdaccdbd1111fe4a1f891382138afc913

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 09 Oct 2023 12:49:02 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
2214040
bs.yandex.ru/prebid/ 		0
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
last-modified
Mon, 09 Oct 2023 12:49:02 GMT
x-yandex-req-id
1696855742866164-1348304240375467105100247-production-app-host-sas-pcode-26
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Mon, 09 Oct 2023 12:49:02 GMT
2214040
bs.yandex.ru/prebid/ 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:03 GMT
last-modified
Mon, 09 Oct 2023 12:49:03 GMT
x-yandex-req-id
1696855742905336-1142280562901726104900295-production-app-host-sas-pcode-44
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Mon, 09 Oct 2023 12:49:03 GMT
2214040
bs.yandex.ru/prebid/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:03 GMT
last-modified
Mon, 09 Oct 2023 12:49:03 GMT
x-yandex-req-id
1696855742866036-697086917472243530600187-production-app-host-sas-pcode-270
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Mon, 09 Oct 2023 12:49:03 GMT
2214040
bs.yandex.ru/prebid/ 		0
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:04 GMT
last-modified
Mon, 09 Oct 2023 12:49:04 GMT
x-yandex-req-id
1696855742868921-406572133393765002200187-production-app-host-vla-pcode-207
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Mon, 09 Oct 2023 12:49:04 GMT
2214040
bs.yandex.ru/prebid/ 		0
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:03 GMT
last-modified
Mon, 09 Oct 2023 12:49:03 GMT
x-yandex-req-id
1696855742902998-67117437036374470100176-production-app-host-vla-pcode-470
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.walla.co.il
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Mon, 09 Oct 2023 12:49:03 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 12:49:02 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Mon, 09 Oct 2023 12:49:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8136bdc83850364a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8136bdc8384d364a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8136bdc8384f364a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8136bdc83853364a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
8136bdc83851364a-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
bid-request
a.teads.tv/hb/ 		16 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 09 Oct 2023 12:49:02 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
787 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageReferrer=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
969b284ff7a34f9a834506d2ba14344ff96d016be460e027a0474fc89adb3ba7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
111
content-length
432
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=2e542dd7-265b-4ced-998f-37323bf9798f&l_pb_bid_id=59d707357dae5d7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f667e573-b12a-4a28-9285-ab69330d62a5&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.1816062010306747
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9c1e1ebe0653101ab71f18e0bb7c914ba2f850c71618d76214da492ecc0f5a01

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
380
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=2e542dd7-265b-4ced-998f-37323bf9798f&l_pb_bid_id=6002147967a701f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=ce7bd7f2-dba8-476b-b510-808cee0ba520&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Ftop_desktop&slots=1&rand=0.7391753733658295
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
eef95c8826b63efba50492368a5d4d78ad91bf066de9de155e01956f5e50e40e

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		365 B
881 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=2e542dd7-265b-4ced-998f-37323bf9798f&l_pb_bid_id=614b5ca33c9f0b5&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5a88cac9-5aee-49b9-8b08-7cfc36d8f634&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&slots=1&rand=0.4344215445000441
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1256979ccdf90db5278202b6df7472bc0ace9c2ec097f903f3077000dc93ea02

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
365
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		370 B
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=2e542dd7-265b-4ced-998f-37323bf9798f&l_pb_bid_id=62154f54b80f54a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=7fd5d0a5-1493-4113-a812-b38c0fe6c6af&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&slots=1&rand=0.6707983194951301
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
af4fac3d8408e8b646d05f939bed809992f07bcb71a8c14a7239dfe58b47cd01

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
370
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		366 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=2e542dd7-265b-4ced-998f-37323bf9798f&l_pb_bid_id=63a972bfeec2cec&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f024a3df-1a94-4c81-b757-4738c19b8691&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.7610256701550939
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
66121d68eddb3357644f5ab01e376a5c330f5b8eb7698b915f657d01397fa5b5

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
366
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715831
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbb9a4db5a7b025285ab368659b8023ae3bf0ab7b5606c7c846ffd4f2266aaa

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcNplzxr1W7v05qbY%2FB88ppN5hSHdowSgpv1Y6NVWf8oKK4lu9YYNqM9LEbccMN8zypzfgCj46E80Z0OtvIMA%2F79QeuVXDptojrPEoW1MVwaMXNJ%2BbRRrhE0onZD86reULzfAMEc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8136bdc899b59217-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		612 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b68a8388bd08958e9820044b7202f54a4679029d7a88d99bdb9103a079afcfb2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
an-x-request-uuid
366acdba-727d-45e3-8cfc-4d879e3cf459
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.127.138.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-138-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
accept-ch
sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
0
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c1ca35767d8b55c2c379ab6905bc382eac962b058b6d8753aecec75e145e17a2

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c1ca35767d8b55c2c379ab6905bc382eac962b058b6d8753aecec75e145e17a2

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c1ca35767d8b55c2c379ab6905bc382eac962b058b6d8753aecec75e145e17a2

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c1ca35767d8b55c2c379ab6905bc382eac962b058b6d8753aecec75e145e17a2

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=cR0USG9OKr6ykwaKkv7mNO
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
c1ca35767d8b55c2c379ab6905bc382eac962b058b6d8753aecec75e145e17a2

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
mp.4dex.io/ 		60 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 09 Oct 2023 12:49:02 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: adSlot-2
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8136bdc8bf214d50-FRA
expires
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebidjs
rtb.openx.net/openrtbb/ 		53 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e18ad703c8c2986a185ea56c44ca07a8832c1f696a29c6f2038cdd800783b568

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1931849544333114&correlator=1558182564408148&eid=31077098%2C31078636%2C676982961%2C44804939&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cnickbar_desktop%2Cdontmiss_strip_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4&prev_iu_szs=1200x40%2C320x50%7C865x190&fluid=0%2Cheight&ifi=16&didk=1193244743~1193245117&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db87cec4a34b635e9%3AT%3D1696855741%3ART%3D1696855741%3AS%3DALNI_MbclvPU_51s-bXoJg7ba196jFfh-A&gpic=UID%3D00000c931ae61db7%3AT%3D1696855741%3ART%3D1696855741%3AS%3DALNI_MZQAKTPkMRyfGx7JWhrflDDIIsyhg&abxe=1&dt=1696855742810&lmt=1696848542&adxs=200%2C535&adys=1200%2C2723&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=16%7C17&ucis=g%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=0x-1%7C864x0&msz=1200x-1%7C865x0&fws=644%2C132&ohw=0%2C864&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1859869165.1696855740&ga_sid=1696855742&ga_hid=454211236&ga_fc=true&ga_cid=606652621.1696855740&dlt=1696855739678&idt=1816&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=dxseg%3D&adks=1750305995%2C3185403617&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5472eea2427b39c06a2f4f89c9d78d4f4d8b7fcd0d1cdb9e9b38a09e6703dc92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17188
x-xss-protection
0
google-lineitem-id
6392209359,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138449459730,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.4.2/ 		129 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.4.2/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40938ff6e6b641eab9e5691988d4d870a97680dadd628ac5e07c30066218797b

Request headers

Referer
https://www.walla.co.il/
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:02 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
186132
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34938
x-served-by
cache-fra-eddf8230053-FRA
last-modified
Sat, 07 Oct 2023 09:06:35 GMT
server
AmazonS3
x-timer
S1696855743.880589,VS0,VE0
etag
"c0c74ba27fda577d582671b4c6c9a52f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
cnC2-RsorMm_HvCQkCZF9FufYWTYAWvfnSeX24nHb9tkcTj4lQul9Q==
x-cache-hits
18863
feed-card-placeholder.20231009-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231009-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ad4ea14298dd60b6bf1481bd42fad48dc018c78c2547823d3fcb7e73555f954

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
fOie_Zx4wG2OeLwDrqPNOsBwxyjbQ3ap
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 12:49:02 GMT
x-amz-request-id
YEAC4NGDEMYKRHBV
age
874
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
/RNUX0WBeRKyVpunYPzYmi+T77xyL0ukcI55B5xTg/gGAz1o/lGIKevQ2yaPQ2ysNZE1GY1e1+Q=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Mon, 09 Oct 2023 12:34:30 GMT
server
AmazonS3
x-timer
S1696855743.853439,VS0,VE0
etag
"9fb62f1dbeecbdf3d8f84a13602c025a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
6
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2368
userx.20231009-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231009-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17fc159664a481670c9f5ca2f4650c2e7f7369aad81910ae3d89ddef3631666f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
.oVrYh6w6vZelF09Fpcz2bsRRek3bmxt
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 12:49:02 GMT
x-amz-request-id
ZGWD2Z9W9NAZ7J2V
age
847
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
nlVAn8eSvYjEj1RFI4iFzE7yr3ibliXKfsVIZuE2GdKUlLr7YUiM2jv//lIDAXd+hXrIo368HuA=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Mon, 09 Oct 2023 12:34:56 GMT
server
AmazonS3
x-timer
S1696855743.877330,VS0,VE0
etag
"62917a42cc191a430f54f69264755b83"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
773
distance-from-article.20231009-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231009-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bffee38e24dd95aa44e2b6dd53b5fa3e3ee5a537d356e17368555f513539fed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
ZIO88PyhAobgzpQdRTMbHka2oeJrbR65
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 12:49:02 GMT
x-amz-request-id
8XR8DQWZME8089XB
age
1034
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1131
x-amz-id-2
z0GyHu83knLI1TgVMzjvQ8j7RCjVs63EHiDPRfwoIwrhSwx0sAouu/bBaazIK5kcFX1RwiYT0+4=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Mon, 09 Oct 2023 12:31:49 GMT
server
AmazonS3
x-timer
S1696855743.877324,VS0,VE0
etag
"89729e2ba5a55a37c7c34215545d0091"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
47
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2630
article-detection.20231009-1-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231009-1-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ab4b55c7eb822be8b29202439c3ab043da8e1e82e6eb3ed929e92fd46931ccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
f6K.X.PkIVrrGgVDZ5L.tG_YUn9QyM83
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 12:49:02 GMT
x-amz-request-id
8HC3DY5V47620BFJ
age
884
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
2Mk+hA5mPba/fZ1mSwaRXucTDK0XwSpj/OIDQthnBEfGgwnsv0YWPGMMa1vRppgGY4TIBgxnJn8=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Mon, 09 Oct 2023 12:34:19 GMT
server
AmazonS3
x-timer
S1696855743.877483,VS0,VE0
etag
"861a5a3cea3986ae3c34ea081c26329e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
35
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2659
abtests
trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-dupChecker%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1696855742900%7D&tim=14%3A49%3A02.900&id=578&llvl=2&ri=eb69848a3e813c001a27b5dc4ead1070&sd=v2_1ce468c120894bc845fe2058fd348341_1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d_1696855741_1696855741_CIi3jgYQk-FcGMyq76OxMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d&pi=/&pt=home&vi=1696855741772&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-ct%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1696855742904%7D&tim=14%3A49%3A02.904&id=1737&llvl=2&ri=eb69848a3e813c001a27b5dc4ead1070&sd=v2_1ce468c120894bc845fe2058fd348341_1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d_1696855741_1696855741_CIi3jgYQk-FcGMyq76OxMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d&pi=/&pt=home&vi=1696855741772&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/wallail-walla/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1696855742905%7D&tim=14%3A49%3A02.905&id=1367&llvl=2&ri=eb69848a3e813c001a27b5dc4ead1070&sd=v2_1ce468c120894bc845fe2058fd348341_1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d_1696855741_1696855741_CIi3jgYQk-FcGMyq76OxMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d&pi=/&pt=home&vi=1696855741772&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&tvi48=9598&tvi50=-50&lti=deflated&ri=eb69848a3e813c001a27b5dc4ead1070&sd=v2_1ce468c120894bc845fe2058fd348341_1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d_1696855741_1696855741_CIi3jgYQk-FcGMyq76OxMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d&pi=/&wi=2990753527669053458&pt=home&vi=1696855741772&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1696855742856%7D&tim=14%3A49%3A02.857&id=7690&llvl=2&cv=20231009-1-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 12:49:02 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
58
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1696855743.943887,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
78
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
92
social
trc.taboola.com/wallail-walla/log/3/ 		0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/wallail-walla/log/3/social?lti=deflated&ri=eb69848a3e813c001a27b5dc4ead1070&sd=v2_1ce468c120894bc845fe2058fd348341_1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d_1696855741_1696855741_CIi3jgYQk-FcGMyq76OxMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d&pi=/&pt=home&vi=1696855741772&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%22%2C%22sec%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F3%2F1%2F3%2F6%2F3136860-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=14%3A49%3A02.992&id=1110&llvl=2&cv=20231009-1-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7242
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230061-FRA
pragma
no-cache
server
nginx
x-timer
S1696855743.019523,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.007&type=usage&msg=New_CTA-event-1696855743007&llvl=2&id=6258&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~5385806190183663209~~MAPD4klXMFqau%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20145
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.008&type=usage&msg=New_CTA-event-1696855743008&llvl=2&id=4568&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~5385806190183663209~~MAPD4klXMFqau%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20145
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.009&type=usage&msg=New_CTA-event-1696855743009&llvl=2&id=9764&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~4355832408535691515~~BCtYXNZiOkmkH%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20145
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.010&type=usage&msg=New_CTA-event-1696855743010&llvl=2&id=2254&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~4355832408535691515~~BCtYXNZiOkmkH%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19953
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.019&type=usage&msg=New_CTA-event-1696855743019&llvl=2&id=1694&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-6344888526337323264~~UYvnFQtODMsH%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19953
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.020&type=usage&msg=New_CTA-event-1696855743020&llvl=2&id=3627&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-6344888526337323264~~UYvnFQtODMsH%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19953
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.023&type=usage&msg=New_CTA-event-1696855743023&llvl=2&id=578&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8070590236156035563~~-cnh74okczN2U%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19953
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.024&type=usage&msg=New_CTA-event-1696855743024&llvl=2&id=775&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~8070590236156035563~~-cnh74okczN2U%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19953
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.024&type=usage&msg=New_CTA-event-1696855743024&llvl=2&id=108&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~2006958143282708204~~X3l_h_ozP-25f%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19953
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.025&type=usage&msg=New_CTA-event-1696855743025&llvl=2&id=9524&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~2006958143282708204~~X3l_h_ozP-25f%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19707
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.025&type=usage&msg=New_CTA-event-1696855743025&llvl=2&id=2627&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-6212314546163179263~~oBV8TBXq7gPL%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19707
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.031&type=usage&msg=New_CTA-event-1696855743031&llvl=2&id=6286&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-1391103727429008993~~KlEWMnKH5rNV%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19707
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.031&type=usage&msg=New_CTA-event-1696855743031&llvl=2&id=2072&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-1391103727429008993~~KlEWMnKH5rNV%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19707
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.032&type=usage&msg=New_CTA-event-1696855743032&llvl=2&id=473&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-8713286706595294166~~-TKKBOPBzay4%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19707
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.032&type=usage&msg=New_CTA-event-1696855743032&llvl=2&id=2263&cv=20231009-1-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-8713286706595294166~~-TKKBOPBzay4%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19707
732deb2a72dfa0f6d1aa742b172e2895.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/732deb2a72dfa0f6d1aa742b172e2895.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
782d0736ef185ea212091405c65374f1208ddc1fd62f7291b9efc1aecd444b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/732deb2a72dfa0f6d1aa742b172e2895.jpg
age
1644075
edge-cache-tag
459946194497192590537253935243328834748,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
459946194497192590537253935243328834748,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
242
expiration
expiry-date="Mon, 02 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kicker.de/
content-length
16740
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200170-IAD, cache-iad-kcgs7200170-IAD, cache-sna10747-LGB, cache-iad-kiad7000110-IAD, cache-fra-eddf8230061-FRA
last-modified
Fri, 01 Sep 2023 04:43:23 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1067,oheight=600,obytes=802474
x-timer
S1696855743.056480,VS0,VE0
etag
"e046b02577cf1cf2a7de7045309ffa9f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 368, 2
221655ce032044f5ae2f7f6de9ec5bdb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221655ce032044f5ae2f7f6de9ec5bdb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3830d364bd7e1323e0c98acb5c9849d90670822dbb77a5588c61d4baed17ac08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221655ce032044f5ae2f7f6de9ec5bdb.jpg
age
2602996
edge-cache-tag
494366385138543953060662240160626996212,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
494366385138543953060662240160626996212,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
88
expiration
expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://today.line.me/
content-length
11398
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000041-IAD, cache-iad-kjyo7100083-IAD, cache-iad-kjyo7100039-IAD, cache-fra-eddf8230061-FRA
last-modified
Thu, 10 Aug 2023 01:51:21 GMT
server
nginx
x-timer
S1696855743.056804,VS0,VE1
etag
"527408fc3902e52710479b5a71c3bdd3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 20, 1
dba7a4e86280859f904c417734463117.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dba7a4e86280859f904c417734463117.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d86cc573c7a00d81cce15384441babc5e61f895ab1cd96812b86989ce1c8873

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dba7a4e86280859f904c417734463117.jpg
age
609540
edge-cache-tag
358758132626213703092736147958903512829,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
358758132626213703092736147958903512829,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
390
expiration
expiry-date="Mon, 16 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.calcalist.co.il/
content-length
9086
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100131-IAD, cache-iad-kjyo7100104-IAD, cache-lax10664-LGB, cache-iad-kiad7000126-IAD, cache-fra-eddf8230061-FRA
last-modified
Fri, 15 Sep 2023 12:33:05 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=16139,owidth=1920,oheight=1080,obytes=665930
x-timer
S1696855743.056497,VS0,VE2
etag
"8e4bf9cc45afd8684648617c9ea507ce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
46fbfee2ae6e5fb94876d9baea617ee3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46fbfee2ae6e5fb94876d9baea617ee3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
99357389be347481ea6b9b77d94643ffc97cbf51c4be1b801b635496c70e9927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46fbfee2ae6e5fb94876d9baea617ee3.jpg
age
2333481
edge-cache-tag
431245638440729080228318667116461111866,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
431245638440729080228318667116461111866,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
167
expiration
expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.rundschau-online.de/
content-length
20926
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200035-IAD, cache-iad-kiad7000140-IAD, cache-iad-kjyo7100174-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 28 Aug 2023 12:17:31 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=600,obytes=368059
x-timer
S1696855743.056882,VS0,VE5
etag
"25ab807eab01fdf4cb58769079f58331"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 179, 1
0bf2fe1e50ca23352b4225abbca3bbe4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0bf2fe1e50ca23352b4225abbca3bbe4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d064a29640bfd997ce38d1861ebcd5c6ebe721972e5c0030a7cbb297b162c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0bf2fe1e50ca23352b4225abbca3bbe4.jpg
age
4165895
edge-cache-tag
578688334154265888352565686747097829264,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
578688334154265888352565686747097829264,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
78
expiration
expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kicker.de/
content-length
16048
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000159-IAD, cache-iad-kiad7000150-IAD, cache-lax10621-LGB, cache-iad-kjyo7100078-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 24 Jul 2023 13:06:38 GMT
server
nginx
x-timer
S1696855743.067469,VS0,VE0
etag
"71d6a128e1546fe251c0b8846d814059"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 641, 2
1da13c416e4ae1117b79c8d2518d5f26.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1da13c416e4ae1117b79c8d2518d5f26.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ef2e4b14f9970a0f7951a3938bb6e73348d1f4b23fe7bb6573a0917cce75b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1da13c416e4ae1117b79c8d2518d5f26.png
age
1743778
edge-cache-tag
411353838435870792009935523382245975514,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
411353838435870792009935523382245975514,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
63
req-referer
https://www.billboard.com/
content-length
17788
x-request-id
310a0eec9ce4dc96de5ccd398864aaf6
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100078-IAD, cache-iad-kjyo7100167-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 18 Sep 2023 14:23:35 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=28033,owidth=1000,oheight=600,obytes=868654
x-timer
S1696855743.067460,VS0,VE1
etag
"7983564caed64dce967bc00a456cd43a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 51, 1
38eaa3536db42856ffcf552116219537.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38eaa3536db42856ffcf552116219537.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b88789866707cc2a66343215919e4ecdcc01fbee1d6e8e79a95f9401775d11e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38eaa3536db42856ffcf552116219537.png
age
1823247
edge-cache-tag
564229015779271618797165079865142645018,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
564229015779271618797165079865142645018,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
445
req-referer
https://www.sport1.de/
content-length
9700
x-request-id
dddedcb212f88a951e8d5142aa6b6315
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kcgs7200077-IAD, cache-sna10724-LGB, cache-iad-kcgs7200171-IAD, cache-fra-eddf8230061-FRA
last-modified
Fri, 15 Sep 2023 08:15:52 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=15209,owidth=1344,oheight=896,obytes=1767628
x-timer
S1696855743.067823,VS0,VE1
etag
"8c39bad9d703d0677fd06dfc034f74d4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 1
fe7f80e25c07179fed2d8f7ab8e7130b
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe7f80e25c07179fed2d8f7ab8e7130b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ce57fe647f5402397fbf1bf49c69b573760d708ca99deb82464a4638736a221f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe7f80e25c07179fed2d8f7ab8e7130b
age
253390
edge-cache-tag
319385278892084243524823343039641684896,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
319385278892084243524823343039641684896,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
295
req-referer
https://ads.taboola.com/
content-length
7382
x-request-id
3f390d2a6a15478545e3ee3fe43bb66d
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200144-IAD, cache-iad-kjyo7100083-IAD, cache-iad-kcgs7200176-IAD, cache-fra-eddf8230061-FRA
last-modified
Fri, 06 Oct 2023 14:24:37 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=14746,owidth=940,oheight=529,obytes=54613
x-timer
S1696855743.071510,VS0,VE1
etag
"ae7dc0b1915fb12508b51d5987db832f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
3611507-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/3611507-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1aad1ba2fbd5bbadf1f95f9655c4ae102c95fd6572104d78b5ddf51b8ee3a597

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/3611507-46.jpg
age
18607
edge-cache-tag
428799258223315268428778363553709473763,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
428799258223315268428778363553709473763,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
684
req-referer
https://www.walla.co.il/
content-length
8204
x-request-id
52cc95a2df51fb688b7384e9b1f5ee4b
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200142-IAD, cache-iad-kjyo7100119-IAD, cache-iad-kcgs7200023-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 09 Oct 2023 07:38:34 GMT
server
nginx
surrogate-reporting
width=385,height=213,bytes=8107,owidth=385,oheight=216,obytes=5698
x-timer
S1696855743.077497,VS0,VE0
etag
"a31ab2e123d8811a286de2ce0b94dbc4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
3609288-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/0/9/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/0/9/3609288-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9fb86c0a40a010a70dc6dbff1129c6533b94c26282d6cb7e152a8af1f5ac166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/0/9/3609288-46.jpg
age
522496
edge-cache-tag
332595727826747204011032569464948033406,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
332595727826747204011032569464948033406,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
103
req-referer
https://www.walla.co.il/
content-length
9772
x-request-id
c00a6850d93f6541d1bf473f1c64eebe
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000069-IAD, cache-iad-kiad7000048-IAD, cache-sna10744-LGB, cache-iad-kjyo7100145-IAD, cache-fra-eddf8230061-FRA
last-modified
Tue, 03 Oct 2023 11:40:19 GMT
server
nginx
surrogate-reporting
width=883,height=490,bytes=33139,owidth=883,oheight=496,obytes=15932
x-timer
S1696855743.078562,VS0,VE0
etag
"179a5738fb55c0b2260ec56b60ed00bf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 2
43f26ae1dccc3d8160515c8de257a0a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43f26ae1dccc3d8160515c8de257a0a4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efa66a94ef7122cf393e6b61e74ece6d790517eb7d901cc7a9a36aaebd16b076

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43f26ae1dccc3d8160515c8de257a0a4.jpg
age
351166
edge-cache-tag
426336402369161135018781090864335508605,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
426336402369161135018781090864335508605,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
293
req-referer
https://www.sueddeutsche.de/
content-length
22166
x-request-id
a6b656f13d47880bf00b39fdde3b75ba
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100120-IAD, cache-iad-kjyo7100104-IAD, cache-iad-kjyo7100123-IAD, cache-fra-eddf8230061-FRA
last-modified
Thu, 05 Oct 2023 10:38:48 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=27370,owidth=1067,oheight=600,obytes=858161
x-timer
S1696855743.078725,VS0,VE0
etag
"6b987e546658351871012e967ce0108f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3
00b34a4035dc549d0609719e54a2035a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b34a4035dc549d0609719e54a2035a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
23382b9534161712a2dee8f93216a483bb32997e1ecb9ca3dbab7079553cc75d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b34a4035dc549d0609719e54a2035a.png
age
1811804
edge-cache-tag
330184441911425794108049727948765940498,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
330184441911425794108049727948765940498,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
147
expiration
expiry-date="Fri, 22 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.com/
content-length
17540
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kiad7000056-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230061-FRA
last-modified
Tue, 22 Aug 2023 08:54:04 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1204,oheight=668,obytes=1748119
x-timer
S1696855743.080738,VS0,VE1
etag
"75e1470d86f650b58ffe8ca4b7e8925a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 6, 1
0208012f3133e50757c2b393d3ab3655
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0208012f3133e50757c2b393d3ab3655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
57b29ec6f2a022e39a851846bcd096861fa98ab8ee4f07ced17554ef84568425

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0208012f3133e50757c2b393d3ab3655
age
249341
edge-cache-tag
626692332432042755254392617535215798749,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
626692332432042755254392617535215798749,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
358
req-referer
https://www.walla.co.il/
content-length
11188
x-request-id
e58d0275831da6dc653f48ecdc545e10
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000179-IAD, cache-iad-kiad7000124-IAD, cache-iad-kjyo7100164-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 02 Oct 2023 15:21:12 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=24176,owidth=940,oheight=529,obytes=67724
x-timer
S1696855743.088583,VS0,VE2
etag
"8e289f03310cac6e7e8eaa48b188a285"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
1307905824__8FQZKzP4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1307905824__8FQZKzP4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92264c925f0b6212d5009dd403ab653ee0b31cd697d0900d68bbbdd266e5ecc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1307905824__8FQZKzP4.jpg
age
529915
edge-cache-tag
386729593019003987516845094887405581257,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
386729593019003987516845094887405581257,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
47
req-referer
https://mein-mallorca.org/
content-length
12814
x-request-id
8d6129d66c32068c59d71e457b22eef0
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200032-IAD, cache-iad-kjyo7100080-IAD, cache-iad-kjyo7100097-IAD, cache-fra-eddf8230061-FRA
last-modified
Sat, 09 Sep 2023 09:39:38 GMT
server
nginx
surrogate-reporting
width=360,height=212,bytes=18889,owidth=2121,oheight=1414,obytes=1287130
x-timer
S1696855743.108965,VS0,VE1
etag
"be65b9ebe633b79f5321ebc4b2ff5799"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
view
securepubads.g.doubleclick.net/pcs/ Frame 134A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa0wcSqINyiV4ul2puCkkF-tCHW8ZMfGqrIertNmj-Za490aK0rpk7WCWDFl2WYc1ssXwAAD1dCBJmkps0g8DAppFvcFu2p1BUA_xEhneW9Bz_pg6V8ZmSTyaiMidRlQ6qy4PsZNcfDzMzWz5gXkoJ6wTvHTDug_LGHDbbK16GergjTgZFCOIjt_ql131HPf9fLmOmni0dCQSzUZLJXuc8sZMN3Z3JLnxTs41LC9RuHBH7lmKC91RIUd6MJ4QrHDj4tMZ_9q97Tx_wlVdeH4k4paKG_sVkvOu3-BDzYaoVRHNjuMLHwX2gjM4pElbMvPS-ZvKUJLdQX6OY7JS4p3nISBdwIdLn-bTR5e2G0hn3FtH7KKw&sai=AMfl-YQNgvGPjPkEl5DW52JUB5SfrpIxubHczxEm5uJ2sLJuIAFS3_DhtL5-NZSvMvhXDUxTpqkXJLIlHNSdGFtMSwh2u3PegWztnq-W1YO_swi99wiV6SJaMGNT7wvCCy0&sig=Cg0ArKJSzBdfWsbS6nQ8EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 134A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
15328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 134A 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:03 GMT
13668303644406596739
tpc.googlesyndication.com/simgad/ Frame 134A 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13668303644406596739
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9792e2a0d3d94a3cc858a6aa1a097f3959f0f1dd663ab47535c23630dd13d531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 10:11:08 GMT
x-content-type-options
nosniff
age
95875
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20291
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 10:09:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Oct 2024 10:11:08 GMT
l
www.google.com/ads/measurement/ Frame 134A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRR-AiwAbLKYHiqYHRPnQJuQBy2_5UTHuNhBQBZDcikxTUxmlFyAdbBkWBFVVcZAIyB43Gi0L9VYlIY8zt0h66nUuNzOw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
truncated
/ Frame 134A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a84ac483ad8a095286f649c7e4d654c3d08fb52e49cf601fb393919ca71f5ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0356 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11913
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 09:30:30 GMT
expires
Tue, 08 Oct 2024 09:30:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C532 		829 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d23efe46ad3a605a1c4bfb6a2f62e07c792780d15e187f533c661038ac64b747
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6Ggy9LbZkvNITUSCvE5KFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-6Ggy9LbZkvNITUSCvE5KFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:03 GMT
expires
Mon, 09 Oct 2023 12:49:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3... Frame 7E44 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3ae80d611b4226e1c1f664dc9a1517b1de1f3251cb1e632de21e49897e0632feec19038a74f55a0d01e7046b1963dcea47ad6857cc8302957e2d82bdbe306f2c180680585ee2be5da5edf55e4cd06ba5e74e4f882943b6805fc8d549ee9ddd099f419b22f746c8c6f0d8874481d091011e66884061ece6aff8f018e9ab799398fd4e3c8e7c2948072797c9f1db7b4c4ac3de3e8299eeaa77f003cbf34ae9e78e7461ea27a8358565a80cb5e60cddc5521d96204bc6e66c1b5582e4a48ff578041ebae9b6fdd87e7e9ce4133220a3088f73796ac9af887c80b26775168944b1413d41aebe8a6f98dac1cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b19cab214ef8dca2f91417a9a22c6f8de3f43628f3/36/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
/
Resource Hash
83838167ee7428fb56e2b7d15e9ee4f6f8075841a875e426646522043848eacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Mon, 09 Oct 2023 12:48:56 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-fa985ced, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
OGxrrfsO4jrqpj5byp8S88F213vNaqYKWtdU4lJtt9WSWfVB50csAQ==
ads
pubads.g.doubleclick.net/gampad/ Frame 81EC 		475 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.594.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=2054437229&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.594.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F517d3b0c-52d7-4efe-b23e-914c920426f7&sid=CCE4611A-D886-4EB3-9247-70639B572850&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604%2C44803005&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Fcdn-uw2-prod.tsv2.amagi.tv%252Flinear%252Famg01742-walla-wallanews-ono%252Fplaylist.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26ver%3D2023&dt=1696855743272&cookie=ID%3Db87cec4a34b635e9%3AT%3D1696855741%3ART%3D1696855741%3AS%3DALNI_MbclvPU_51s-bXoJg7ba196jFfh-A&gpic=UID%3D00000c931ae61db7%3AT%3D1696855741%3ART%3D1696855741%3AS%3DALNI_MZQAKTPkMRyfGx7JWhrflDDIIsyhg&correlator=3704486877809234&scor=2386494415320532&ged=ve4_td2_tt0_pd2_la2000_er1700.200.1700.200_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c304344eff955b3da1e3ab3ffc88dea0fe128903e53895978136eb4f431abfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1307905824__8FQZKzP4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1307905824__8FQZKzP4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
92264c925f0b6212d5009dd403ab653ee0b31cd697d0900d68bbbdd266e5ecc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/1307905824__8FQZKzP4.jpg
age
529915
edge-cache-tag
386729593019003987516845094887405581257,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
386729593019003987516845094887405581257,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
47
req-referer
https://mein-mallorca.org/
content-length
12814
x-request-id
8d6129d66c32068c59d71e457b22eef0
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200032-IAD, cache-iad-kjyo7100080-IAD, cache-iad-kjyo7100097-IAD, cache-fra-eddf8230061-FRA
last-modified
Sat, 09 Sep 2023 09:39:38 GMT
server
nginx
surrogate-reporting
width=360,height=212,bytes=18889,owidth=2121,oheight=1414,obytes=1287130
x-timer
S1696855743.300791,VS0,VE0
etag
"be65b9ebe633b79f5321ebc4b2ff5799"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2
732deb2a72dfa0f6d1aa742b172e2895.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/732deb2a72dfa0f6d1aa742b172e2895.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
782d0736ef185ea212091405c65374f1208ddc1fd62f7291b9efc1aecd444b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/732deb2a72dfa0f6d1aa742b172e2895.jpg
age
1644075
edge-cache-tag
459946194497192590537253935243328834748,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
459946194497192590537253935243328834748,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
242
expiration
expiry-date="Mon, 02 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kicker.de/
content-length
16740
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200170-IAD, cache-iad-kcgs7200170-IAD, cache-sna10747-LGB, cache-iad-kiad7000110-IAD, cache-fra-eddf8230061-FRA
last-modified
Fri, 01 Sep 2023 04:43:23 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1067,oheight=600,obytes=802474
x-timer
S1696855743.300641,VS0,VE0
etag
"e046b02577cf1cf2a7de7045309ffa9f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 368, 3
221655ce032044f5ae2f7f6de9ec5bdb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221655ce032044f5ae2f7f6de9ec5bdb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3830d364bd7e1323e0c98acb5c9849d90670822dbb77a5588c61d4baed17ac08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221655ce032044f5ae2f7f6de9ec5bdb.jpg
age
2602996
edge-cache-tag
494366385138543953060662240160626996212,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
494366385138543953060662240160626996212,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
88
expiration
expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://today.line.me/
content-length
11398
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000041-IAD, cache-iad-kjyo7100083-IAD, cache-iad-kjyo7100039-IAD, cache-fra-eddf8230061-FRA
last-modified
Thu, 10 Aug 2023 01:51:21 GMT
server
nginx
x-timer
S1696855743.300927,VS0,VE0
etag
"527408fc3902e52710479b5a71c3bdd3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 20, 2
dba7a4e86280859f904c417734463117.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dba7a4e86280859f904c417734463117.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2d86cc573c7a00d81cce15384441babc5e61f895ab1cd96812b86989ce1c8873

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dba7a4e86280859f904c417734463117.jpg
age
609540
edge-cache-tag
358758132626213703092736147958903512829,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
358758132626213703092736147958903512829,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
390
expiration
expiry-date="Mon, 16 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.calcalist.co.il/
content-length
9086
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100131-IAD, cache-iad-kjyo7100104-IAD, cache-lax10664-LGB, cache-iad-kiad7000126-IAD, cache-fra-eddf8230061-FRA
last-modified
Fri, 15 Sep 2023 12:33:05 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=16139,owidth=1920,oheight=1080,obytes=665930
x-timer
S1696855743.300642,VS0,VE0
etag
"8e4bf9cc45afd8684648617c9ea507ce"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
46fbfee2ae6e5fb94876d9baea617ee3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46fbfee2ae6e5fb94876d9baea617ee3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
99357389be347481ea6b9b77d94643ffc97cbf51c4be1b801b635496c70e9927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/46fbfee2ae6e5fb94876d9baea617ee3.jpg
age
2333481
edge-cache-tag
431245638440729080228318667116461111866,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
431245638440729080228318667116461111866,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
167
expiration
expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.rundschau-online.de/
content-length
20926
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200035-IAD, cache-iad-kiad7000140-IAD, cache-iad-kjyo7100174-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 28 Aug 2023 12:17:31 GMT
server
nginx
surrogate-reporting
width=1000,height=555,owidth=1000,oheight=600,obytes=368059
x-timer
S1696855743.300570,VS0,VE0
etag
"25ab807eab01fdf4cb58769079f58331"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 179, 2
0bf2fe1e50ca23352b4225abbca3bbe4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0bf2fe1e50ca23352b4225abbca3bbe4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d064a29640bfd997ce38d1861ebcd5c6ebe721972e5c0030a7cbb297b162c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0bf2fe1e50ca23352b4225abbca3bbe4.jpg
age
4165895
edge-cache-tag
578688334154265888352565686747097829264,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag
578688334154265888352565686747097829264,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
78
expiration
expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.kicker.de/
content-length
16048
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000159-IAD, cache-iad-kiad7000150-IAD, cache-lax10621-LGB, cache-iad-kjyo7100078-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 24 Jul 2023 13:06:38 GMT
server
nginx
x-timer
S1696855743.300557,VS0,VE0
etag
"71d6a128e1546fe251c0b8846d814059"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 641, 3
1da13c416e4ae1117b79c8d2518d5f26.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1da13c416e4ae1117b79c8d2518d5f26.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ef2e4b14f9970a0f7951a3938bb6e73348d1f4b23fe7bb6573a0917cce75b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1da13c416e4ae1117b79c8d2518d5f26.png
age
1743778
edge-cache-tag
411353838435870792009935523382245975514,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
411353838435870792009935523382245975514,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
63
req-referer
https://www.billboard.com/
content-length
17788
x-request-id
310a0eec9ce4dc96de5ccd398864aaf6
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100078-IAD, cache-iad-kjyo7100167-IAD, cache-iad-kiad7000150-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 18 Sep 2023 14:23:35 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=28033,owidth=1000,oheight=600,obytes=868654
x-timer
S1696855743.316218,VS0,VE0
etag
"7983564caed64dce967bc00a456cd43a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 51, 2
38eaa3536db42856ffcf552116219537.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38eaa3536db42856ffcf552116219537.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8b88789866707cc2a66343215919e4ecdcc01fbee1d6e8e79a95f9401775d11e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/38eaa3536db42856ffcf552116219537.png
age
1823247
edge-cache-tag
564229015779271618797165079865142645018,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
564229015779271618797165079865142645018,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
445
req-referer
https://www.sport1.de/
content-length
9700
x-request-id
dddedcb212f88a951e8d5142aa6b6315
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kcgs7200077-IAD, cache-sna10724-LGB, cache-iad-kcgs7200171-IAD, cache-fra-eddf8230061-FRA
last-modified
Fri, 15 Sep 2023 08:15:52 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=15209,owidth=1344,oheight=896,obytes=1767628
x-timer
S1696855743.316160,VS0,VE0
etag
"8c39bad9d703d0677fd06dfc034f74d4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 2
fe7f80e25c07179fed2d8f7ab8e7130b
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe7f80e25c07179fed2d8f7ab8e7130b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ce57fe647f5402397fbf1bf49c69b573760d708ca99deb82464a4638736a221f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fe7f80e25c07179fed2d8f7ab8e7130b
age
253390
edge-cache-tag
319385278892084243524823343039641684896,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
319385278892084243524823343039641684896,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
295
req-referer
https://ads.taboola.com/
content-length
7382
x-request-id
3f390d2a6a15478545e3ee3fe43bb66d
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200144-IAD, cache-iad-kjyo7100083-IAD, cache-iad-kcgs7200176-IAD, cache-fra-eddf8230061-FRA
last-modified
Fri, 06 Oct 2023 14:24:37 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=14746,owidth=940,oheight=529,obytes=54613
x-timer
S1696855743.316165,VS0,VE0
etag
"ae7dc0b1915fb12508b51d5987db832f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
3611507-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/3611507-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1aad1ba2fbd5bbadf1f95f9655c4ae102c95fd6572104d78b5ddf51b8ee3a597

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/1/1/3611507-46.jpg
age
18607
edge-cache-tag
428799258223315268428778363553709473763,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
428799258223315268428778363553709473763,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
684
req-referer
https://www.walla.co.il/
content-length
8204
x-request-id
52cc95a2df51fb688b7384e9b1f5ee4b
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200142-IAD, cache-iad-kjyo7100119-IAD, cache-iad-kcgs7200023-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 09 Oct 2023 07:38:34 GMT
server
nginx
surrogate-reporting
width=385,height=213,bytes=8107,owidth=385,oheight=216,obytes=5698
x-timer
S1696855743.316135,VS0,VE0
etag
"a31ab2e123d8811a286de2ce0b94dbc4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 3
3609288-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/0/9/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/0/9/3609288-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9fb86c0a40a010a70dc6dbff1129c6533b94c26282d6cb7e152a8af1f5ac166

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/6/0/9/3609288-46.jpg
age
522496
edge-cache-tag
332595727826747204011032569464948033406,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
332595727826747204011032569464948033406,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
103
req-referer
https://www.walla.co.il/
content-length
9772
x-request-id
c00a6850d93f6541d1bf473f1c64eebe
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000069-IAD, cache-iad-kiad7000048-IAD, cache-sna10744-LGB, cache-iad-kjyo7100145-IAD, cache-fra-eddf8230061-FRA
last-modified
Tue, 03 Oct 2023 11:40:19 GMT
server
nginx
surrogate-reporting
width=883,height=490,bytes=33139,owidth=883,oheight=496,obytes=15932
x-timer
S1696855743.316133,VS0,VE0
etag
"179a5738fb55c0b2260ec56b60ed00bf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2, 3
43f26ae1dccc3d8160515c8de257a0a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43f26ae1dccc3d8160515c8de257a0a4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
efa66a94ef7122cf393e6b61e74ece6d790517eb7d901cc7a9a36aaebd16b076

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/43f26ae1dccc3d8160515c8de257a0a4.jpg
age
351166
edge-cache-tag
426336402369161135018781090864335508605,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
426336402369161135018781090864335508605,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
293
req-referer
https://www.sueddeutsche.de/
content-length
22166
x-request-id
a6b656f13d47880bf00b39fdde3b75ba
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100120-IAD, cache-iad-kjyo7100104-IAD, cache-iad-kjyo7100123-IAD, cache-fra-eddf8230061-FRA
last-modified
Thu, 05 Oct 2023 10:38:48 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=27370,owidth=1067,oheight=600,obytes=858161
x-timer
S1696855743.316103,VS0,VE0
etag
"6b987e546658351871012e967ce0108f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4
00b34a4035dc549d0609719e54a2035a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b34a4035dc549d0609719e54a2035a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
23382b9534161712a2dee8f93216a483bb32997e1ecb9ca3dbab7079553cc75d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/00b34a4035dc549d0609719e54a2035a.png
age
1811804
edge-cache-tag
330184441911425794108049727948765940498,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
330184441911425794108049727948765940498,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
147
expiration
expiry-date="Fri, 22 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.espn.com/
content-length
17540
x-backend-name
US_nlb101
x-served-by
cache-iad-kcgs7200161-IAD, cache-iad-kiad7000056-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230061-FRA
last-modified
Tue, 22 Aug 2023 08:54:04 GMT
server
nginx
surrogate-reporting
width=340,height=189,owidth=1204,oheight=668,obytes=1748119
x-timer
S1696855743.329850,VS0,VE0
etag
"75e1470d86f650b58ffe8ca4b7e8925a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 6, 2
0208012f3133e50757c2b393d3ab3655
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0208012f3133e50757c2b393d3ab3655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
57b29ec6f2a022e39a851846bcd096861fa98ab8ee4f07ced17554ef84568425

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0208012f3133e50757c2b393d3ab3655
age
249341
edge-cache-tag
626692332432042755254392617535215798749,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag
626692332432042755254392617535215798749,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
358
req-referer
https://www.walla.co.il/
content-length
11188
x-request-id
e58d0275831da6dc653f48ecdc545e10
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000179-IAD, cache-iad-kiad7000124-IAD, cache-iad-kjyo7100164-IAD, cache-fra-eddf8230061-FRA
last-modified
Mon, 02 Oct 2023 15:21:12 GMT
server
nginx
surrogate-reporting
width=340,height=189,bytes=24176,owidth=940,oheight=529,obytes=67724
x-timer
S1696855743.329869,VS0,VE0
etag
"8e289f03310cac6e7e8eaa48b188a285"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
636fa83efec532ea5b901c05157edc09d1b51c0a281cfbcb231423c5ab19e1ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
content-encoding
gzip
last-modified
Mon, 09 Oct 2023 11:18:07 GMT
server
cloudflare
age
0
etag
W/"11dca176cc195a72ed692d371d752f737eb042e4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
8136bdcc5c575b98-FRA
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 12:49:03 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
595577
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 02 Oct 2023 15:19:33 GMT
Server
cloudflare
ETag
W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGsQPWaA%2BiiqbPNua4fmwds748bVCaDg0xuNRGTkw6E%2BhYZQas1Bg8qH1xA1IdDNdK%2BYNF317Z0dQLoB4fQm5Chx8YsMfYiiSgU1wIeh%2FO6Am%2Fbe9fGOAh472LPTAhcy4s5Lx9Af6I6D9yNe"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
8136bdcbbcc635f3-FRA
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.316&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1967&cv=20231009-1-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19639
supply-feature
trc-events.taboola.com/wallail-walla/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/3/supply-feature?lti=deflated&ri=eb69848a3e813c001a27b5dc4ead1070&sd=v2_1ce468c120894bc845fe2058fd348341_1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d_1696855741_1696855741_CIi3jgYQk-FcGMyq76OxMSABKAEwODib4wlAiIoQSKvH2QNQ____________AVgAYABoqNjagrmd0eOnAXAA&ui=1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d&pi=/&pt=home&vi=1696855741772&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22114.078125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A49%3A03.355&id=4945&llvl=2&cv=20231009-1-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1023593
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8136bdcc2e24364a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame C1A4 		0
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bdccaef6364a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:03 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 6D95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 09 Oct 2023 12:49:03 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
view
securepubads.g.doubleclick.net/pcs/ Frame 134A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOgVa2ahyyJEwwBtvG075y9q_WMp5cziK5D3eXs38umVi17aEz1PsXxYFYfdli88OtGTPbrQ5BDBTlnkWxjn7LlATI0vgKXl4iOvWfC_VtJq6P8r5VkKQB5t-7wYWgu1tW1xm_aMMK5_lR3e7sNoMY3_Swqx75SA2NXkRDz6m7ltFGM_OoZjSZLC8J4_yplfL2AxmZPub5-7WrDLGcXRPQJi6qqyIqemi1wsE772rpE3BUCnuLBf5xipVknEozq0ipWdBkAekvBBotTBcMbhFUgX_SMulKyr8JadyHpP7U6ewWlt8R3kGq5Lad9JS7BddKwIX_S9wu0vuMsH-dSuYwtRppp62Ccag&sai=AMfl-YR468NarTc6v-4kP-ZrYmSlMjoglumnIRgEX9luvQUjCz7cvZ6IIHtBVda3IBNbKHkHSmkMedb1tZZNrPtUk-FqoDDjso92gkuaSs0y36b1jo-dOjIUwniJ1RgTc7o&sig=Cg0ArKJSzJLi0vFdPxiuEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 09 Oct 2023 12:49:03 GMT
pixel
ap.lijit.com/ Frame 89C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 09 Oct 2023 12:49:03 GMT
X-Sovrn-Pod
ad_ap1ams1
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame 0356 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 11:52:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Oct 2024 11:52:51 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 354B
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Mon, 09 Oct 2023 12:44:18 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:44:18 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
server
nginx
x-powered-by
PHP/8.2.4
debug
trc-events.taboola.com/wallail-walla/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/wallail-walla/log/2/debug?tim=14%3A49%3A03.630&type=error&msg=Uncaught%20RangeError%3A%20Maximum%20call%20stack%20size%20exceeded%3A%201%40https%3A%2F%2Fvidstat.taboola.com%2Flite-unit%2F4.4.2%2FUnitFeedManagerDesktop.min.js&llvl=2&id=9724&cv=20231009-1-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27160
sodar
pagead2.googlesyndication.com/pagead/ Frame C532 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310030101&jk=1931849544333114&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 8074
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1696855743776
  • https://ad.turn.com/r/cs?pid=45&rndcb=7280243439
  • https://sync.1rx.io/usersync/turn/3522402999126292583?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-48b4ce40-3445-43a9-bf60-f7d...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003
0
774 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bdd25fb5364a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:04 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Mon, 09 Oct 2023 12:49:04 GMT
etag
RX48b4ce40344543a9bf60f7d9a1ccc49e003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
24aacee7-37a4-521a-a588-3004c0abc6bb
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 9144
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=8133837807451030747
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/24aacee7-37a4-521a-a588-3004c0abc6bb
0
395 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/24aacee7-37a4-521a-a588-3004c0abc6bb
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bdce799d364a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:03 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/24aacee7-37a4-521a-a588-3004c0abc6bb
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1931849544333114&vrg=202310030101&nw_id=43010785&nslots=21&eid=31077098%2C31078636%2C676982961%2C44804939&pub_url=https%3A%2F%2Fwww.walla.co.il%2F&qid=CN6bpp6A6YEDFfKT_QcdzGAPbg&iu=43010785%2Fwallanews%2Fmain%2Fnickbar_desktop&e=0&ret=1200x40&req=1200x40&bm=0&efh=0&stk=1&ifi=17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smwt256.gif
us.ck-ie.com/ Frame 30AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 09 Oct 2023 12:49:04 GMT
Server
nginx
cookie
cm.adform.net/ Frame 0DD2 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 09 Oct 2023 12:49:03 GMT
server
nginx
csi
csi.gstatic.com/ Frame 81EC 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lniw3ikg&c=2360191116871&slotId=1180095558435.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=454211236&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=1859869165.1696855740&tid=UA-4780630-1&_gid=606652621.1696855740&gtm=45He3a40n71T728TH&cd1=1859869165.1696855740&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=1153731284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 00:36:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43968
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
k-ahr92xEFbZ1EV8Wm5vD8LUUdKfIySg2OCDZF4g
csync.smilewanted.com/set_partner_userid_get/criteo/ Frame EDC5
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=230&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fgdprapplies%3d0%26gdpr%3d%26redir%3dhttps%253A%252F%252Fcsync.smilewanted.co...
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24{CRITEO_USER_ID}&profile=230&uid=0169fda1-4764-44...
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=qXgoMF9malF0JTJCUSUyQkE0aHhCR0pSTVFWdGwyYVhud0F6bThzcER5aEVZM1Z2M3V2ZjR6YTl2SVRMQU5PTUF3VWVpd1A2Q3JVR3hEMUpZb0VVMUlUQnFNbVAwUCUyQmRkbUxHN2QzNUNKN...
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=qXgoMF9malF0JTJCUSUyQkE0aHhCR0pSTVFWdGwyYVhud0F6bThzcER5aEVZM1Z2M3V2ZjR6YTl2SVRMQU5PTUF3VWVpd1A2Q3JVR3hEMUpZb0VVMUlUQnFNbVAwUCUyQmRkbUxHN2Q...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-xOAk9hEFbZ1EV8Wm5vD8LUUdKfJKoS4zdJeXsA&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=qXgoMF9malF0JTJCUSUyQkE0aHhCR0pSTVFWdGwyYVhud0F6bThzcER5aEVZM1Z2M3V2ZjR6YTl2SVRMQU5PTUF3VWVpd1A2Q3JVR3hEMUpZb0VVMUlUQnFNbVAwUCUyQmRkbUxHN2QzNUNKN1JvNWp...
  • https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ahr92xEFbZ1EV8Wm5vD8LUUdKfIySg2OCDZF4g
0
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ahr92xEFbZ1EV8Wm5vD8LUUdKfIySg2OCDZF4g
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bdd1ef16364a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:04 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store,max-age=0
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:03 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/criteo/k-ahr92xEFbZ1EV8Wm5vD8LUUdKfIySg2OCDZF4g
server
Kestrel
strict-transport-security
max-age=31536000; preload;
5faf2f8c39e7aa43735f5b7def5e7e1
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 2FBA
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/5faf2f8c39e7aa43735f5b7def5e7e1?gdpr_consent=&gdpr=0
0
451 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/5faf2f8c39e7aa43735f5b7def5e7e1?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bdd03c37364a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:04 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 09 Oct 2023 12:49:04 GMT
Expires
Mon, 09 Oct 2023 12:49:04 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/5faf2f8c39e7aa43735f5b7def5e7e1?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1696855743935093-411
v1
match.sharethrough.com/universal/ Frame F4A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.192.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-192-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 09 Oct 2023 12:49:03 GMT
bulk
trc.taboola.com/wallail-walla/log/3/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-walla/log/3/bulk?tvi48=9598&tvi50=-50&route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Mon, 09 Oct 2023 12:49:04 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7240
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230061-FRA
pragma
no-cache
server
nginx
x-timer
S1696855744.046449,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
csi
csi.gstatic.com/ Frame 81EC 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lniw3jg0&c=2360191116871&slotId=1180095558435.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604%2C44803005
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 0356 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7NCFHA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 09 Oct 2023 12:49:04 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
22881
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1696855744.323917,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
93
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
20761
activeview
pagead2.googlesyndication.com/pcs/ Frame 134A 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuT9QmaH7HkLbmwAyJOyigJ-TiOz92OjP6u75c3kwsKL_C8kliYtQ5mCfi8MofDmeI29xLWb4xFPYWDUDX27owW5dsV_FoylUbGW1ma0iBppQu7kuKhy0q1nyehmUW&sig=Cg0ArKJSzAEGkzZk6zSzEAE&id=lidar2&mcvt=1006&p=1160,200,1200,1400&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1750305995&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696855743128&rpt=428&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 12:49:04 GMT
server
Google Frontend
x-cloud-trace-context
d5677bbb40d7a735dbe7580267cc266b
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
x-request-id
b1f89591-1e43-4e53-b887-914cb9971e06
x-vad-version
0.14.16

Response headers

date
Mon, 09 Oct 2023 12:49:04 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
baf9211038af374f6562789beee35882
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		264 KB
67 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1931849544333114&correlator=2889168968981521&eid=31077098%2C31078636%2C676982961%2C44804939&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Ctop_desktop%2Crectangle_hp3_desktop%2Cpremium_rectangle1_desktop%2Cyad2_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7&prev_iu_szs=120x600%7C160x600%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C300x250%2C300x250%2C300x250&ifi=18&didk=1193244742~1193245113~1193245112~1193245115~1193245114&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db87cec4a34b635e9%3AT%3D1696855741%3ART%3D1696855741%3AS%3DALNI_MbclvPU_51s-bXoJg7ba196jFfh-A&gpic=UID%3D00000c931ae61db7%3AT%3D1696855741%3ART%3D1696855741%3AS%3DALNI_MZQAKTPkMRyfGx7JWhrflDDIIsyhg&abxe=1&dt=1696855744676&lmt=1696848544&adxs=1480%2C920%2C516%2C200%2C516&adys=160%2C173%2C839%2C839%2C1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=i%7Cj%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&vis=1&psz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C1200x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4&ohw=120%2C1200%2C300%2C300%2C300&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGskZNz718BqxHigLtO7P59zMztHxmaMR1v8OQ8dU04Pjm5v2nOxbnIhqq9xeWS8uCjH1UE975r7DBhgbkIHyFO_H7w04gQs-PDaFDE0&ga_vid=1859869165.1696855740&ga_sid=1696855742&ga_hid=454211236&ga_fc=true&ga_cid=606652621.1696855740&dlt=1696855739678&idt=1816&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle_hp3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&cust_params=dxseg%3D&adks=2273020715%2C885339186%2C1717219177%2C1472875564%2C2299111211&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9321434a2cc9d78ee0a6cd3cddea2d83e239c28ff76a02c36b9b7e9a2e8ee09a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68692
x-xss-protection
0
google-lineitem-id
-1,6392209359,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138450127588,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310030101&jk=1931849544333114&bg=!9_Sl9LvNAAbjlzx0w5c7ADQBe5WfOKjk4Jb_A13S1a6tdASiA3Ayhd5v507hKDEo8OnVNABhCx-qPn8EblHgRASiy2RgAgAAAfRSAAAACWgBBwoACRJ3CNjn_O7m0ZkCxTCZtlTh28wAn0Mjrzk24FQZt7Xp1zBnh6fOlD-8OeqK6xdOZrX7SUQudhu-J-_idR1bveGVfalxtC-6ArMpjdbEuy3dtkbkb-mq38QMG85S2DcR8J4n7T83spEa53qehl86HxmUWYxhFCNtaoAiHi5aq2GUPzxqwxmn6vOSPnkJZ1GRFb-NmHi6O51uH7YGJOBcSkLBjmgX1fJMiFPfhOZYZ_SmV7bwDhpKNanWvVQttYlRtkOoo4kBfrcIfpMdc5nr43lSY-Bk5zhNxScIVyPlZOq-ckIMsC8TTQg71O5Ku5kQTkGENxZTigvueD4vMnpUiFfT5sPtp2WPW39eUYG2lWRrOwj5BNA1VZbIg3AZ5tInhzGtwh_wAYTOh7jDnTD1qNiM-C99Cbz6lga9Ibi_tferGwm83tI_6wEyHAcFqjkjeWEuZeETUz0hvSenwaNjLXHneH4dy4E06e-qVGtgW1IL_Wia5QjGcVFBu7HsJK3_dkjk-H5oU0Onl05wPjSacg8T1XDLgOfoSVidcA0japjON0nuelU66_q3ZGvCB9YfdAXl3Odgsuv8zR-PW7ZI0yvWVQRS4FxOqMdfqRupTqofenIHqIyCbjxyYVKscY9myfaYnT_TDTuOYV-iQI6PlcINBtUHeDDwMNmOrcHohQOcWpeMILTl5ovJ8LSx9PqzZe9v_gb46Gz9wZPEaUzmw478Xvo-Mdvx8eLdavSlv9LG69mN8BAMKFieFC41D6zuCj5sESkcqso1dvatQoVbulhAROULYflAphouRiou46sbVEz2lAZY3J3808ORBrQF1FAH1wYcOaqE0HTOijYlpFztpS1JC9AkRVp11IkERhkTbUoGE3UELO9c_UF8R8Kg0EKg9OkYu9dZ6gRn_FrXMjrLb2k2cDufmxto6W0UlecbLi53Xd25ZgHHGblrhQD6gMs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231009-1-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 12:49:04 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
36
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1696855745.840357,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
75
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
441
/
pips.taboola.com/ 		4 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230053-FRA
date
Mon, 09 Oct 2023 12:49:04 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.walla.co.il
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 09 Oct 2023 12:49:05 GMT
cache-control
no-store
server
nginx
container.html
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6396 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:01 GMT
expires
Tue, 08 Oct 2024 12:49:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 941B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssP4fVq2hzx7uXUD5mgO-sBUQJ_HyPNcbGCFEHQIvLRqMMa3noYu4uBa84155QoPv9GIp6HEk3J7qSwtnQFQxBvzd839FF9JtfS501nGzW5BDOBWJcKOB3q1EPrStcJH4AVLunAA-uWwkm3H7YLhblan3mUsV70yjwRqZJQPoW_C0KUyJfvl-VM0gFPQOa6_zAGzJmZm4WDjLaH_Lvu6SzyGSnVCBtssrtEy3pyIpbyzISjV7xIedRoDI92LPDoWQIUQOlgX_qjLL09YNOO0d4pHR8rNzdHCZft8gdQyXpYWiroz5p3B0xvlK4mtb5lufZjYO_mwXHxJdh3KZJuG67BYf3ZI2Wtok0A2QUuYOUd2A&sai=AMfl-YSGQPsa8l5TVgPrD5_rf5ZbZxSpmylE3QIJqqSlhmnmiaVIXCGJ0shHOlrVLxsx-nIeIgTqtfh-Uc5kTpW6oFpQPW2XPgzJe3oRRXLsHI_q11_WHCRwa19nYo0Zmzc&sig=Cg0ArKJSzLyA7-oWKARjEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 941B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
15330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 941B 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:07 GMT
2909869239201243758
tpc.googlesyndication.com/simgad/ Frame 941B 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2909869239201243758
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f3a6f02c6f855a32890b10af7a3287a502f9a3836caf846df7fa14220358d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 10:12:23 GMT
x-content-type-options
nosniff
age
95802
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50749
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 10:10:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Oct 2024 10:12:23 GMT
l
www.google.com/ads/measurement/ Frame 941B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSupSrPWFXm7n5q02Wjij3xoVUu3EfWGSCfPI4rNmF-a7P_nU77qGD7xNn-OLOC0L3bKpdcKk8VcTF0D9ZKSdtGL3JYuA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
container.html
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 84AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:01 GMT
expires
Tue, 08 Oct 2024 12:49:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5746 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:01 GMT
expires
Tue, 08 Oct 2024 12:49:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B4B8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:01 GMT
expires
Tue, 08 Oct 2024 12:49:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 941B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
790639da95dbf7cec2a99aa03d9fd9ddeda2c2f5e4769b71f1bd015472266c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 6396 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:36:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
83574
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9151
x-xss-protection
0
server
cafe
etag
7930219084593097114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:36:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6396 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
15330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3859 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 22:36:10 GMT
etag
48472445140208031
expires
Mon, 09 Oct 2023 22:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 6396 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
83576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:36:09 GMT
l
www.google.com/ads/measurement/ Frame 6396 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeyc5OKsiex9096BOhY0fJ-4jMb1XmQ5A5Qv3z6_fIaDkWa1MOqeI6RZYexTApjhGtsxQJGoekHHEeYOOl0FLb7rq_fQ
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6396 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:07 GMT
f20a2b7dfb9062a0a08db52babdaa11c.js
www.gstatic.com/mysidia/ Frame 6396 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:17:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
354707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15586
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:46:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 03 Jan 2024 10:17:18 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B70C 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNUg7yBQ603wiIVf1tRSxarerH0ybhQiDD145RuejEVMTdAx4BIIB0M4ACiFbxGfLEfWO_1I7TKjzGu_7qS0d7m1kubqu_JLBAewrfuhQW2MYbQaupo5Gd7lPxneroV0hymrwKoBewVoBZNPHMCkJfRDNl3xeWskiVJSZHWhBYYOUvN1038
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 84AE 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84AE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQ8waLFle5wz2iAcTfZaAoT0zKh9sTjFCoDUsbtsHHGrg_6PhhUWcMYIlsFtBy2jW7Ql4RD3yhicCHsm-A4RUxfD7He9s_U7qDJSbo6I71vYNmU08
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84AE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5099633516393192459&x=1&ct=119
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 84AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
15330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 84AE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
83576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:36:09 GMT
l
www.google.com/ads/measurement/ Frame 84AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5bZu5WIt8BR08GR7t001KHfwCwTGwKRQQogu7GOZzHKLXytQIEK4qChOaQXTKYQfQ0UIATp2w81iCxWpGcSj3SLcpfA
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84AE 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:07 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C71F 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNXExLgaXqx9GRreKPou3og6hWgvwmEne-7zP6japZE63I9eGvAAT5ajmN6Kaot-W0RqIaqk2gKnXGU3k_Yh5Sy2hiyDyoKdW8wKtIXzudqDlgUYSkPmNF3GqfB4cUxrwi9seaqj1JDBlEpEM_wBjI3lz-9mmbFhlHRAdOd1rBHiS5rGQCE
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5746 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5746 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLJ8Z4fYxl4iYI7BBZTsbLDQ4Un6BZbEU3DLJvXqxqzsCNOXtHgqpHkyiucx5OnnMPn8O8PYokPS13vUW7bv34-Schqeun61MDduTD6uWrrbXubKw
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5746 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8846399749532908642&x=1&ct=119
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5746 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
15330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5746 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
83576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:36:09 GMT
l
www.google.com/ads/measurement/ Frame 5746 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSagejINjDA1a8glqPPrTPP_WwdahymGnJjxKzFgDRThm1R8OWtpO138yKCZLeeRa7v5XON4rVKZi0bKDKkne1CpDOP6g
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5746 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:07 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 844B 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNViJlQT7MMr5jRUlMsx86yKZsAcZXU-sAUUe-hlm3pOwPMNWYwfXtjNu5rtulZ2XwLhPzCt342S4JKyrIJ794jW3Whkoh95ix7o1YBoMyTv8gs6Nh2yeDfw-iT8g9vMomxR33swiDxhkSum-yXk3UGnb5-JxMoGln6DnSeBdJbuXii2jE8
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B4B8 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B4B8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHQlS1axU6X73Sk9dANBjkbk-iTZZsW_UUu8UtY3l8_R2okAbYigSAskD_OMuDgVGzJIYS-ScU-MMUBSGa5r6wY8a2DD6aMMh_JojD0XudrmTAGKI
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B4B8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3213841707746351591&x=1&ct=119
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B4B8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:33:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
15330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 23 Oct 2023 08:33:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B4B8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
83576
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:36:09 GMT
l
www.google.com/ads/measurement/ Frame B4B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnGd_zBw-WXgu1kiusA3XyeRD109C-tMm6iaHizRklPfgDDQjv86liUnjkBVDDgeQYAGzXn497d-2InyWvKe6bs4vRlA
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B4B8 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60043
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1696419354076528"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 12:49:07 GMT
8574709457205617498
tpc.googlesyndication.com/gpa_images/simgad/ Frame 6396 		210 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/8574709457205617498
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
261811deab7f71d8e1e8c54e7a7ca0183f4750fbf30d6064ca49cc561b1904be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:52:03 GMT
x-content-type-options
nosniff
age
291422
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
214728
x-xss-protection
0
last-modified
Fri, 19 May 2023 18:40:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Oct 2024 03:52:03 GMT
13014048003015651081
tpc.googlesyndication.com/gpa_images/simgad/ Frame 6396 		226 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/13014048003015651081
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96d72b285136f08d1566b81a25e30d474d27225a4589d101f12a9640a938b178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 21:02:54 GMT
x-content-type-options
nosniff
age
229571
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231737
x-xss-protection
0
last-modified
Sat, 20 May 2023 12:35:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Oct 2024 21:02:54 GMT
8427539888175416006
tpc.googlesyndication.com/gpa_images/simgad/ Frame 6396 		302 KB
302 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/8427539888175416006
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
848d870cb178bcc65bf826a05e1086d21d9d42f8930bee1b076e2c1f26d26b60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 15:27:42 GMT
x-content-type-options
nosniff
age
249683
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309273
x-xss-protection
0
last-modified
Tue, 23 May 2023 04:12:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Oct 2024 15:27:42 GMT
2129007031103425269
tpc.googlesyndication.com/gpa_images/simgad/ Frame 6396 		225 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/2129007031103425269
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1725cffde4f68a25fb09c871457575634b14513cd8a364145974e8897afe233c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 23:30:35 GMT
x-content-type-options
nosniff
age
307110
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
230705
x-xss-protection
0
last-modified
Sat, 20 May 2023 10:56:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Oct 2024 23:30:35 GMT
14467163630005689831
tpc.googlesyndication.com/simgad/ Frame 6396
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCEsq2YKhCwCRisAjIIvZdPide9Ts0
  • https://tpc.googlesyndication.com/simgad/14467163630005689831
28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14467163630005689831
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62e8dfa5a5c097491130bc38964c77a5b98dc71aa04929163676db756cca4097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 17:58:23 GMT
x-content-type-options
nosniff
age
240642
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28339
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 08:22:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Oct 2024 17:58:23 GMT

Redirect headers

date
Sun, 08 Oct 2023 15:40:26 GMT
x-content-type-options
nosniff
server
cafe
age
76119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/14467163630005689831
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Nov 2023 15:40:26 GMT
google
match.adsrvr.org/track/cmf/ Frame 3859 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOt3WcUKQk8cNs9YjZMo1wQ&google_cver=1&google_push=AXcoOmRr8geD0jNE8OLZYXEityNB91B1svX930CDSsluhd7U0c2Klu1rAUSoHqnL0mjRPQ6DHtl4wRNmWHJoEoUdOd9FkBUlEjw
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3859
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPF7ihEQPsSwqkyJbhedw90&google_cver=1&google_push=AXcoOmSl6Su8kHEA-qxoeI-pFOmufz5bIuzqQSO6ke90mdTq6WLfOzyFQZSL0EiM_HyAaUSbtJrx-STIBKE...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSl6Su8kHEA-qxoeI-pFOmufz5bIuzqQSO6ke90mdTq6WLfOzyFQZSL0EiM_HyAaUSbtJrx-STIBKEpLJDjLtffMgRnLGQ&google_hm=cke6VleuT0m4_4v3l-hUAiQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSl6Su8kHEA-qxoeI-pFOmufz5bIuzqQSO6ke90mdTq6WLfOzyFQZSL0EiM_HyAaUSbtJrx-STIBKEpLJDjLtffMgRnLGQ&google_hm=cke6VleuT0m4_4v3l-hUAiQ
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:04 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSl6Su8kHEA-qxoeI-pFOmufz5bIuzqQSO6ke90mdTq6WLfOzyFQZSL0EiM_HyAaUSbtJrx-STIBKEpLJDjLtffMgRnLGQ&google_hm=cke6VleuT0m4_4v3l-hUAiQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3859
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OhqL3OBTQeSwCZxMEflaBA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OhqL3OBTQeSwCZxMEflaBA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS7UcxZzl40S_lNZHBYsKGWMadovWS4JQnun_V5J-xzimDJXCwoosG-BSDMbPY8XjYihzYMifmeoSltFuQK87djDXVoWetx
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OhqL3OBTQeSwCZxMEflaBA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS7UcxZzl40S_lNZHBYsKGWMadovWS4JQnun_V5J-xzimDJXCwoosG-BSDMbPY8XjYihzYMifmeoSltFuQK87djDXVoWetx
date
Mon, 09 Oct 2023 12:49:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3859
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBxY3Ui_olMxX-hL3fYQmGc&google_cver=1&google_push=AXcoOmQj9ohYziwGtLs6r6fhRpNbx40XlLRkcRC1RANc9Ept4OhUs9c-zbweucI2OImZd5DTQ8i...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5JVzNJUTEtWi0yNzUx&google_push=AXcoOmQj9ohYziwGtLs6r6fhRpNbx40XlLRkcRC1RANc9Ept4OhUs9c-zbweucI2OImZd5DTQ8i3sWhPrhoJ_LAQV_1g8z6a5VvI
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5JVzNJUTEtWi0yNzUx&google_push=AXcoOmQj9ohYziwGtLs6r6fhRpNbx40XlLRkcRC1RANc9Ept4OhUs9c-zbweucI2OImZd5DTQ8i3sWhPrhoJ_LAQV_1g8z6a5VvI
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE5JVzNJUTEtWi0yNzUx&google_push=AXcoOmQj9ohYziwGtLs6r6fhRpNbx40XlLRkcRC1RANc9Ept4OhUs9c-zbweucI2OImZd5DTQ8i3sWhPrhoJ_LAQV_1g8z6a5VvI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3859
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_hm=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&google_nid=index&google_push=AXcoOmSkTEQyo9ihN3i3kw-icMVMAtq7ChoRR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_hm=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&google_nid=index&google_push=AXcoOmSkTEQyo9ihN3i3kw-icMVMAtq7ChoRRaFt2NnpFN_b3Pn_8JJMyeRFFRZkDyKi4A6BEID582eYv9XsVE3ghzLQzOMXuSeD
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kiNay00uhwvSlUcb%2FSKZXOy9tmCt3mSU48TvDhI9of1ZwF5k0vOX1BCb8ZIEljjV1Wug1o%2FgDf4zr1poEsLvXedMv4itOwVBIYy06H9E6ZbRVveYt8XfOrlGCYsLqx%2BHZJ1e7HO%2F3KJtg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_hm=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&google_nid=index&google_push=AXcoOmSkTEQyo9ihN3i3kw-icMVMAtq7ChoRRaFt2NnpFN_b3Pn_8JJMyeRFFRZkDyKi4A6BEID582eYv9XsVE3ghzLQzOMXuSeD
cache-control
no-cache
cf-ray
8136bdd9ec8e9217-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 3859
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.targeting.unrulymedia.com/csync/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQRtnVJQR1vOp0opODNb...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQRtnVJQR1vOp0opODNbPFc9IF6ltnmNmPwdmnkOwheNVapEnjaqncAGn_J0pCcfZB4x8ZZ1xLzGLLy37MZjWPRINddN1NZ&google_hm=A0i0zkA0RUOpv2D32aHMxJ4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQRtnVJQR1vOp0opODNbPFc9IF6ltnmNmPwdmnkOwheNVapEnjaqncAGn_J0pCcfZB4x8ZZ1xLzGLLy37MZjWPRINddN1NZ&google_hm=A0i0zkA0RUOpv2D32aHMxJ4
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQRtnVJQR1vOp0opODNbPFc9IF6ltnmNmPwdmnkOwheNVapEnjaqncAGn_J0pCcfZB4x8ZZ1xLzGLLy37MZjWPRINddN1NZ&google_hm=A0i0zkA0RUOpv2D32aHMxJ4
date
Mon, 09 Oct 2023 12:49:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX48b4ce40344543a9bf60f7d9a1ccc49e003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 3859
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c6cbd4af-8eaa-4bc8-ba25-8bb21e07e6e5&google_cver=1&google_gid=CAESEHEznmhBY1cKWbiE0R9jzEM&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c6cbd4af-8eaa-4bc8-ba25-8bb21e07e6e5&google_cver=1&google_gid=CAESEHEznmhBY1cKWbiE0R9jzEM&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTPjMybR_qGq2l2Nv6rPhDSqNkrbEdqDqWZgsNh2TVYTFkkjzu57VwYjwZhHuGBDg_rQ_DTfK3ICpRzDKTyJRjkR8GdOcTdCA&gdpr=${GDPR}
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=c6cbd4af-8eaa-4bc8-ba25-8bb21e07e6e5&google_cver=1&google_gid=CAESEHEznmhBY1cKWbiE0R9jzEM&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTPjMybR_qGq2l2Nv6rPhDSqNkrbEdqDqWZgsNh2TVYTFkkjzu57VwYjwZhHuGBDg_rQ_DTfK3ICpRzDKTyJRjkR8GdOcTdCA&gdpr=${GDPR}
date
Mon, 09 Oct 2023 12:49:05 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 3859 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJeDE6YXneLfdAaxCnC5w0HJJEUT3vVRf_xnhME6kpD8IVbMnWco1SyE5pZJiof_ql5Lx5ag
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rum
dsum-sec.casalemedia.com/ Frame B70C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgctLFAWcmKkcGdPQeEkTY&google_cver=1
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgctLFAWcmKkcGdPQeEkTY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNUg7yBQ603wiIVf1tRSxarerH0ybhQiDD145RuejEVMTdAx4BIIB0M4ACiFbxGfLEfWO_1I7TKjzGu_7qS0d7m1kubqu_JLBAewrfuhQW2MYbQaupo5Gd7lPxneroV0hymrwKoBewVoBZNPHMCkJfRDNl3xeWskiVJSZHWhBYYOUvN1038
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxw6Au86caU%2BrZduSvoN4B1UBLO2LFVvDAx97Bx9IQ6kwd29SCKUtOi6D9m7xrQGjz49pCvEQ9y1BuUN0afto21QpFjALkUoIWEhSR64tACewXIYM3LNvA9Bb5foBMs60tA95SylqKMmBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8136bdda1cb99217-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgctLFAWcmKkcGdPQeEkTY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B70C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSP2wYm16DuSk1qYHh4kpwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgctLFAWcmKkcGdPQeEkTY&google_cver=1
43 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgctLFAWcmKkcGdPQeEkTY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNUg7yBQ603wiIVf1tRSxarerH0ybhQiDD145RuejEVMTdAx4BIIB0M4ACiFbxGfLEfWO_1I7TKjzGu_7qS0d7m1kubqu_JLBAewrfuhQW2MYbQaupo5Gd7lPxneroV0hymrwKoBewVoBZNPHMCkJfRDNl3xeWskiVJSZHWhBYYOUvN1038
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B%2BH%2BRCUU12THpMAu5PvWoXUlc3pRvxIl4O7lLGAh2khKfqjYiwnLXvCDYVqh3VZ%2BWXdCBzDwRJF3yz3nvJ3Vq3oXpmWRvBlVaOIu2VE0yRDBmELIyCF5Nc6TsRr1IPzU1xIL%2BYVNWbzzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8136bdda89752c25-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPgctLFAWcmKkcGdPQeEkTY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B70C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECZOLisz8r4N2uyDD8vguyQ&google_cver=1
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECZOLisz8r4N2uyDD8vguyQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNUg7yBQ603wiIVf1tRSxarerH0ybhQiDD145RuejEVMTdAx4BIIB0M4ACiFbxGfLEfWO_1I7TKjzGu_7qS0d7m1kubqu_JLBAewrfuhQW2MYbQaupo5Gd7lPxneroV0hymrwKoBewVoBZNPHMCkJfRDNl3xeWskiVJSZHWhBYYOUvN1038
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
an-x-request-uuid
2b0c3768-d4df-4aa6-8464-9d01c6f312e1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECZOLisz8r4N2uyDD8vguyQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B70C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAyMjk1NjgzNTU5NzI4NDc3
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAyMjk1NjgzNTU5NzI4NDc3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNUg7yBQ603wiIVf1tRSxarerH0ybhQiDD145RuejEVMTdAx4BIIB0M4ACiFbxGfLEfWO_1I7TKjzGu_7qS0d7m1kubqu_JLBAewrfuhQW2MYbQaupo5Gd7lPxneroV0hymrwKoBewVoBZNPHMCkJfRDNl3xeWskiVJSZHWhBYYOUvN1038
Protocol
H2
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
an-x-request-uuid
8bb4ea8b-c23f-4df0-b9e6-ee36ccb05f55
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTAyMjk1NjgzNTU5NzI4NDc3
x-proxy-origin
81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 6396 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57137b03b3a9f62b57ef6bd7c6d0624142aed707cdfa0ac01e77a19e653b7bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame C71F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2OX5P3sXvshjTFKnQ0WRA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2OX5P3sXvshjTFKnQ0WRA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNXExLgaXqx9GRreKPou3og6hWgvwmEne-7zP6japZE63I9eGvAAT5ajmN6Kaot-W0RqIaqk2gKnXGU3k_Yh5Sy2hiyDyoKdW8wKtIXzudqDlgUYSkPmNF3GqfB4cUxrwi9seaqj1JDBlEpEM_wBjI3lz-9mmbFhlHRAdOd1rBHiS5rGQCE
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2OX5P3sXvshjTFKnQ0WRA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame C71F 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNXExLgaXqx9GRreKPou3og6hWgvwmEne-7zP6japZE63I9eGvAAT5ajmN6Kaot-W0RqIaqk2gKnXGU3k_Yh5Sy2hiyDyoKdW8wKtIXzudqDlgUYSkPmNF3GqfB4cUxrwi9seaqj1JDBlEpEM_wBjI3lz-9mmbFhlHRAdOd1rBHiS5rGQCE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame C71F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDyMIOy1X-6vOYEbjevxmeE&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDyMIOy1X-6vOYEbjevxmeE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNXExLgaXqx9GRreKPou3og6hWgvwmEne-7zP6japZE63I9eGvAAT5ajmN6Kaot-W0RqIaqk2gKnXGU3k_Yh5Sy2hiyDyoKdW8wKtIXzudqDlgUYSkPmNF3GqfB4cUxrwi9seaqj1JDBlEpEM_wBjI3lz-9mmbFhlHRAdOd1rBHiS5rGQCE
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Mon, 09 Oct 2023 12:49:05 GMT
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEDyMIOy1X-6vOYEbjevxmeE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame C71F 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNXExLgaXqx9GRreKPou3og6hWgvwmEne-7zP6japZE63I9eGvAAT5ajmN6Kaot-W0RqIaqk2gKnXGU3k_Yh5Sy2hiyDyoKdW8wKtIXzudqDlgUYSkPmNF3GqfB4cUxrwi9seaqj1JDBlEpEM_wBjI3lz-9mmbFhlHRAdOd1rBHiS5rGQCE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Mon, 09 Oct 2023 12:49:05 GMT
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 844B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2OX5P3sXvshjTFKnQ0WRA&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2OX5P3sXvshjTFKnQ0WRA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNViJlQT7MMr5jRUlMsx86yKZsAcZXU-sAUUe-hlm3pOwPMNWYwfXtjNu5rtulZ2XwLhPzCt342S4JKyrIJ794jW3Whkoh95ix7o1YBoMyTv8gs6Nh2yeDfw-iT8g9vMomxR33swiDxhkSum-yXk3UGnb5-JxMoGln6DnSeBdJbuXii2jE8
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEP2OX5P3sXvshjTFKnQ0WRA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 844B 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNViJlQT7MMr5jRUlMsx86yKZsAcZXU-sAUUe-hlm3pOwPMNWYwfXtjNu5rtulZ2XwLhPzCt342S4JKyrIJ794jW3Whkoh95ix7o1YBoMyTv8gs6Nh2yeDfw-iT8g9vMomxR33swiDxhkSum-yXk3UGnb5-JxMoGln6DnSeBdJbuXii2jE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 844B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDyMIOy1X-6vOYEbjevxmeE&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDyMIOy1X-6vOYEbjevxmeE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNViJlQT7MMr5jRUlMsx86yKZsAcZXU-sAUUe-hlm3pOwPMNWYwfXtjNu5rtulZ2XwLhPzCt342S4JKyrIJ794jW3Whkoh95ix7o1YBoMyTv8gs6Nh2yeDfw-iT8g9vMomxR33swiDxhkSum-yXk3UGnb5-JxMoGln6DnSeBdJbuXii2jE8
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Mon, 09 Oct 2023 12:49:05 GMT
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEDyMIOy1X-6vOYEbjevxmeE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 844B 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPXs3MQDELzr9K0EGOn2w_QBMAE&v=APEucNViJlQT7MMr5jRUlMsx86yKZsAcZXU-sAUUe-hlm3pOwPMNWYwfXtjNu5rtulZ2XwLhPzCt342S4JKyrIJ794jW3Whkoh95ix7o1YBoMyTv8gs6Nh2yeDfw-iT8g9vMomxR33swiDxhkSum-yXk3UGnb5-JxMoGln6DnSeBdJbuXii2jE8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Mon, 09 Oct 2023 12:49:05 GMT
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84AE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2059384266603&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84AE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2059384266603&version=m202309260101&ct=119&x=1&cor=5099633516393192000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 84AE 		89 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C42RbZCJvRQlQUvKrngXkAvpSOCWwFHkbhTZFPfi0IjOpPMWxdOMTJPm6-46iEiZqPsfEB1gDbAefP_NyN1Zuei4-QwQB8yilpWPALFntsTMLnPbfT-gr02jH-OetuCmBBPyYf7NvghHMwwuoDYKiPNJ2SG7qxA38T90nDYxz_9qszg7I&cry=1&dbm_d=AKAmf-BHTFm8lr1Iu_zKeke0fV8QPFY6H8FOdGkBMFcPeDmkPtcQWtd2nUIv3-xXyFoar0SLWJQ1I66uBKVBnQGXOGACm2IjcdzbxQ7m3nPWTfJv57jJVnuK_kADF53CQqtSqSa1VA_dNngUH2S2FNxz4or8w44EFH3lkNOwJez3vLwXL_8r4MVGEl3hL_rMcOcKg5_dddgAxqb9pJq7BMDwIENvFaS1fiSnXyC2mdJKh_FURHDH6JwdAjtPUy8auUqH0-yJxX3ElCQjtjvVOue0HOEgPORzxYqd79YefARukXEVz_uK47OWfxROd4jGOejobyniyZmPy2sze0LsHeEUm5e7LQwig-c_qCkwbc11TEMLtBYOhp6s3gUaj09yKZdOkF0CE8AlkLRglGV2qZa00Be9nO6pJMWM-5bD9FuoPa0pZT1QTCj2UKIlmFNaSKrfR_X4wGJ_Hu3YfejUEZwFrYj9sOKZtDilig6zQeBytr3Lu2jcRH2WurspamDrjNnemVAbL3H5uXiBup9pB5QzvFHhC2H7BXqhHYDcz9ruFbJ0SuRGPuiD2RKAw7vIsgJLkH0oMRK5rzm84BvNTj-OhFKZ7cZ_h8h2ES1S2IysYkSpn4PL0XcuAMqjBYyPupA__H6IXiz38rEY2W2XoGvHEuAeonBVR4J4nLGMuFUC9FdGPOKHCVO5D_pyo-31aye7CozVTs5vcy6yy636ZauNfMvQa-Ga4TRKV0SHRY6k_W8ozIxw1hmfB0fRIQgyg-f2uPY-70QYqmiHVqQwGUuVHSK4Fynr6M7gTzjggYBDUuAymDlrreTGiGkpiAD6gjrn8sK-7BuWglq6iabDX0WUYMrQWydUCpJckWjH28HNmGSUkJ-NCVce14NS5d3E84O_OvqO0BdYz-U6GK8SqJIN6_-D1Jas8gqmU1BwKl7meYzddcX5FqLNkrRSrrnXZoKOWxdxXndITjZ_D2z-mAnTob8qBesNqWXAVBBMO1Rna9U0mQ0yIQyWXvxWxTAO8v5LfjNItKYBIxzBD9qWTmt6yZ2GKlUdd1qry1v2DdsjXEpJs_195DdKZ73b48WponJpjy5YYIwJ-rHYfycKYvE7Es2iBB_eNsP3FIA185eHyEy6wrKJKKd1kDodAOpwalJjikMFHy7z8JfxllBLFK1as5nIVskCGCsrUrRLOwHrk9EV8YRcqLkATVV-UVIlc7SsqTugnFV__w4VYJxINBheRhzqLDKD6BNw_3T9qq2qwfV8FFnnqEJFslvsTpCHGEGI8cLo1LZKHgQ3Hle8LLvWRlneNSOmPJDgkYJhAUUGhwcg3Dr1QrCAvYI0tZolDRsWuD83NBkZrSPyTto2KBU5JylOBXfQ7MwDgGa11lM9F5GzhItg76dVZmsyVRj6Nx9SmIJ3aUHaJMESQwsBIraVxu4qkK1rW7VXjHiOGN641Dl6t2QFLq2e0N_ndv2hvKhX7vxOcZoBoLte0jE3RL1RxMMHo_lelXy4K7ePwdH3FchDMA2lWx1v0Yd7PU-6z3FSS_CpZvP9--6mH46qccRt0vOd5Q3YuqVWO-1trQs9GenRZeV7ZSM7Q5LYBvxXJXHDpEJ5QEYga41sRXyfzIFRxVgd2HrXM-ZohI3lPK7kFVMKsJhqjIh4wUd7GNwoCXijmKIadG8vl0cOQE8zlAKGJsiWj4kpa_YlnXYXEWf3h59k9E4dqgtvOh1GdP7gDL_JrE5G63JvaUULmeiDR208g5vN6cJPLosbVkBDOTSQ97nx_v5mkkO1omwaWrI5RvB1FhnrjIRCjUXt1eOc0xRLCIN6ndsvwxtPcD7jccHZTblLHPFssjDv3SvbhiO-hVH8ecs-DW1idm8JuB08gtyROk0BW0wXYwNlkTSHoFo3lVVr162KPQaC1g6-l9s5Yr1AW4L3o4FhV31wBp_NgKNwZQLrEidgomNq8T1BykxGr-Q9z2MndjVCc-u-fLqzciLZHVyC5uiG0fFh8RTPQXRxLUYCpa6bHjAD0nzZPTe02ue8dgQpbxwoT-z3ohfBWKCUdFjUVpZVKdvh4Ov7ApN2Fq8bWGP2_87F-lqRjY0mH-vaioAG1fZlhspcYpRbWDo3UiT083uZmTIzofouJtXz5i2qOGNJ_F6iWAP9lkOW1_PYL5U2LC8CoMdAoMBbI3ORFbYAJ63VGeq9wGpKyovr7pdM2OFc6bGB4woFFjN4FMpX_KMQBrzplHUm2bmWSLmTh9bMWrrLxO-T_DjRqefug2fw_xA49tQWTyFOf95QbpvwugkUU3gCfrWAnVLdNAW_Z_P-8yRYq-Av099YvK21aTmY5NfyhEv9FfvAnx7Kv0vyuNWgCeJrgZTwdKyyjfYZVazLcjH8pOygArj9bUBUzFmiufhwCC0Gke5iIzF5B7q6iegwjZZ-XNwJ3_8r-SpyUYn20oLI5mJi82Ow0GvhidY4pEqbTr6jE_e4HLV_us0tdffRz7W_C4ixPCMypYuuNYs6JWhD5Yp_ob8V8I8MSmVIdCCjJIZyZhstHF97H81o71R0h8YCPTx0NZliJFqxDAgX_7PdcJ8ioDQcMgG__QL4ME6Eo9YlAZ_4UfSVoskcVqCYkzI7Rfogud8UOuDMxko-BMxW2h41uNeNAG_SsywW7dcE4oHYhHr_wqXAteHDnIEX0P3vYJ-PSQm5TtzXG9seRl-NxhC5EK42JD_11x-DfeHEga0v62KWlUUO8kfCpu0yIMXMuIaobfjTtlAvxjiOpb9nL1XETF_70iO54ilmwyymQQZHWl4Si-9YfhofDsf8eVk92VdI7hvadFpNUFjKIClNiw-9peiapz1Sc6z1ZHfvsQP94beyIGUL7uE1_INJPLdmvvzp9x1uKEDgM0kMP-CDIwH4BM8wFzEyWOH9nR1JwX6VsDeGedf5SK78_EczFCKzUt9t8p9U61LSuaNi4H15j4MluPLxR8bc_WqUjzLfEZgF9nUSVSQ2Ry9eU5Zh01mfApnrhCn71HIKx9NWYQxRFRfyX-h1cUiu2QJZ-lmsaAciz2H5IKOOv3hH5G9PNXfHyODZn8c8wIvt0qiZfj0kH2luaXs8iADPiHJuhCcQy65jAl9mMH3HCI5UJACnjWjymAxPZPWoPpxfmVHhKYm7Od5wg0Gx9Lwd2Dy-AUPohlTV359ctnvbC2c8BlUuO7vd9YK2TBLHk3BNmpUXOstLHTwUzNxgYj4ICWN8pU94UhgvCorSQrJrco2vD7URDYiV_d8bKDOBEjrkrWCFxq0Gm9-oA2xRSK4FrHhYspgCL2ZE8eovqFFsqSTZXZJuy1C1_xj37b0tO-nW7BD4JS4uIm7ZXTjj13kCKU3zbYUzHShtj02W2eo6DRQeaYqJDy8xAXBGieRTvwiOEcSGHm-iOZJIyQ-4fU5xk-XJiZ5iwUB0azcakNInsORdUZj7pPmdo9d95nQ1pCTaF5ZIeqUhnBB5HbY9FnaTbPHExAwrTGzmWMcf7FwzU573x82hGttV13p97UpCunn9Okx339ScESrnm8GvRJd9BaXGIq7MEHS0IzuuFp6MPQg6BSL35PsR-2PILPSOkKAbPyEJubnFs2pZcgQkuFtl7CclgEFfmVBNc99vtmHsa0giTPrLoSFNRilbfz17w1ctZHcnqg6h5MAIzeb2g9_i8_SOLM7beqKizFja9TK0sSmuNbojJKN56Q6wXeAMqNAfOmIAyvs3k1Xu3IdQiZ8rJbRQrJPeoHy-k1KGhegnTYotIpusxEGpSQahxnE8Qo8UCG2RRq4OPX5_TM_1T0BXyYMgAJr9t0YkGz86KTPdzY_e8U_9WttGGNXMDrZsfRPLgc47B4emyiQptawc3ItmKLsYbIHsCQ2dZtg4IydaiDLr4NQsLXG3ohnh6-_I-AR3wkBlVM06TK_JhBaGpOG0xv6oogZ0WSVcbowM6To9rlJNknAYHnNUW91NUvfov4Hchf5BRweqXbAZoDgX95rvvDG4yCh8F-COKWcTJlozZ7X09Mqa6C8Al_3vMGdfDSZwzbjkQ9pdrneip1CZ9TaLLte4gBZzxmAcXAfAhIMnHKvxLK-9p0Uql29uScP71fv-_10TPtWKz-x8_v5USCQlCkekJMjJrV7_YcvIuH88hT0N8pnzepUaOkGXnPE6dZFTt9eiR2OrhimFnlSJoVOs46j0V_fvf2HRrIhk29RcPpgESsr5vM0BVfBzmC-v2vfldsVvdDG38N_SZjk_xP2TUH87nNR8PDE2bSa9lHVJ_7KaLJsRz9ro77-hXp6MoIX_ymnua9T28ZopBd1rU0pzWXk-zwMe3fqalXUTCXMwa-yj6GozXAUhxc1-jwFBUFIKryJMZX5TmEvQdXVm7wix8dvMnPLzigz_nTZzrdKPCB0NtjiC8skL11h77D4wKmaBzau3tY1LdecYHoAuVK81bUAG12PEtuyRLS9GHmXil7CrlFDKdwKxCzNUQMZJu2M2XhS0-K0Kp4WZ3mJK6bQi3pm3LgMGKw&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=5099633516393192000&adk=4020099329&idt=92&cac=0&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b80e7ccf19c1d6e809fa9c550c7a948fdd9591a4d0fde880dc95f35f23d5d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38356
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5746 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6536210826533&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5746 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6536210826533&version=m202309260101&ct=119&x=1&cor=8846399749532909000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5746 		89 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CODhXJazCbqtUxlAlxGhQ77l-hGFPfClzvXoo2wfQW_ZcLvAYQdNl_6sEL8FiodqXEwWrSkYShHQyXG_UQiBIg7n8XJ3AO6B--rygMXqnsJEoWJYlYlKvsdAt2ol9JdU1FDvz5B2sRp_MO2BtDneLePgb79MTLhCXfZSbibaHEjPT8XO0&cry=1&dbm_d=AKAmf-DAbn_JmCk5c2_OdFYEJ1CoVFXGbBrZSPMrnMlpy_4uYSQI5izM3aNqCOGtjwgP-jZr1AGipHNsFLF7NIFLXH5p00wXup5znkMPR11u9yWkPc5UEDWjSFI3y8l-3onNaShs-MooiPO_myWKQ2sM4Or2iUmVijIop6TshZlsBjLSfjlacMnrXAGGqt-8aHpsTVvM7aN2oHCLB7xP5ig0tPQHetzVtw5AGh4NeZaVrRzo3jpv_VX3vThBKfFOIz5ZnEat5D3IeGUIXGInPnwpne7tfMWUvZyaZy8l293Kfj_hrpyfkVPs9FBqdXEHd8DrDDKWIebggpR1crLqCaQHP9aoayky3Vw5a_7aFaIaq2FbAROHcUwLGNRY-e780j41pYfWWOY1O15uUo8GqQmEJ4R8cQqFoAWvtFiM9yKFBFw7cfx6kcCyS3MJuwgH0xaO1hQR58qpCHDFLdbf2oCV7I3G2G1ZbXGkoQpdByyEHEydVDcR8PctPjeUI48DsD9U6oPnp8cBWZt7MCjjtuQgY0sv4hIRkiDWoj455isqYMFoj1F2nNjx0gakgPi8PAPFOv4w41a8UXqzrukCM62Ny-F9057BJ8lG364iq1gPZcseH1IVveO18CnQiuPMScGPbRcKyQo9agjmLiW5q6HiZ2D9tN3qlm_8U-CX_Bs4am_Vx0KkttcEXzUW-7UOsC5F7DsK7ut_VlA7ZygaeQxvi31v-q3_rodu7pjVdxRQgGWmmljzvL4WA8bQJ4-qthu45KzAh4iw1SWX6iTdExXdpmZLehRHMeWMbcuzd2JK9q2rN2a7hKSc_JuieuDdDHcbs0oLwRklQcRYffMTzHbuIgR6nxwokYtCIrwwMLYMJ1ED4stAXy8rQzHleetpqLLDblYoblIQeTpSxcspxszcv99rR7hCPEjIkzw3lBLzXZ-ZBRILqCg0sc2jS0yxZNLmwxBubH-RwiurpHrrKfj37Bq5Eu70EP2fSFPUlRSdDjllv35CzOTELcIG3Bkxgxw1fwWc0i0xaaKABKMjSlq5YZprTBsh9qnLMFbewhs_XE4FPrP9EXJ8P8eNaE-oqXvMLD7J9bNoRI9Lw-JSS7C2fslCOb1K0OcvGsoNHqJp9rzLtdwef2GPzPjP8gUnJilEzGXyiAOwKHZPkK57Y3iV-xQQrKdV9EG3WPsn2VGkUA0Y1g1U4IO1jjlA_sq6NTByR72zKqmpM6q1kbgiGBkH-3Qvs12xz4ZMrnj_iQgYDVLxqLPxEgnoq8UnfJxOqTMjIPSD9vttVkXSoubM3PiMvtMOrikI6SFKkIjVk7SFVqb7Z4_pMFilzkrFwcTIbLuXpCkaocUESOWo88rt18x2Aiz8T1UG57G15k44cXKvbRRHY2eML8SwQl-Ue6ZXQjRZ9dCcJPRaVW9eV-PLR4cGO_pjJgCh2W5gps5twstCaMRPjIfkfcy7F5xlTWdcY44m7r85PStL2NRUzt3amQoNIurFfB0DCGkpa1-1qlfw2A4CsVkjfpwMe9BQzv2VCdvyF5EDBR-J_1GxKnoKAQBP8eK1AQwhqG27imBnK6MdxUW2xmXeqWhiNzjj0Ytc1Da6UQU3OhQGSVLbBz4uBXjdSh1uEUTKI_-FW-K6XAPz5rLLX9COuqeHm0qDfE2JR6yp8HC3uDd5Lli_AQb18kyY5pyCOfZEr3KdvTdAKpxs6SxLajQ6bxFqMLYMqYRlhQh7Ck-lHGaBgXrEIq8vNpBtiE-ueDAzE7v5TzZqEkTmhq4HoK-KmHscWL4WWAZ1N8lSld3IDO0cCLss3SxaQPNzS07YzZwM6yH9b0RUrT8LLEJDaAxeIa3mJ4BFN-u5tWPWT8XsIuD4bqEL-6ERpIPmoQNjk-O6iy4sm_iDdoM8LQ9vhSa2QFaWYI00dbuUVbG64kWcVYmV6I3EhK1DrLhc6AaXHsW5XjqVbZwawIiXW0oJJJKBoT_ACCNQVnlIB4C1BkXiLyu8j6bGLRoP3FZLcWssLJsVfjkKUqHvjaeuP-DNE0TD1YFHhOijlyG2RFysz_nq9V_mB-sSA8X3XyZ64UTEq3nDvC3q_Y2-PKnguvx9VTK6CTtQjuZySg_j0Z0ds4RiAIEEwzI7ZKCIWD4Y5w4uI1cP6bvG_R9CX2AJeBD2K93WVsNr0mklTTnmMPK5uEjntNeOhYaRxJT2adA1cVmp-5KxT_OSvdMfi29CyCihZkAjGZbO5JRmlIs3k9CpvAizJZvt0CRKw7GtILozYsxvmcn3J5dcSQ3wbVq6ZegwabY3_k3oN-D34R3z3u_LKnd_Z21CBmtJTq5xjxpezkiwP3PccOEAN90V22Pl-ZhbVQcojsmfucm0FeXdGKdvYKNDUnf-PJVC_9Oi-Ai0WmxZnrzgtNiO-vjVsnjzqqvZrVnuSyVmh3yeDHhI5bNDnAp7q_w_6LHJsFjenUQXq1aPl0M43a5cbvafAn4sL2xEGQjVJHKnWTwQRpmRErkNDWo6xQjYrBnFZ8tAUEzS5zDu_H9qur1U5rfRl8J4Eo3his3qQwN7jLFZC0pho0m32HDWoa2-bWGufFUtUM34KfZTT_1a-3yNIR2hPwLAuPUncc6YHlYs6wDQ8e6AnUOHHMt-BmS_xWUGLE_4riTL3UJfAVNVU9KZZtXUr3i3jzrhVouwMvA-dPl17yPHph7qgfORGqWggKcmiQ4LfojBI3IFNx9lpni9yZas5zd7UTKK_BQF7StWcnMIt5ivDKwUQkiGFzwPewgCbiQ0g9VSYljKXxIREeMnhKVd6iVj7eNFbyRJs0j8w_jkhpPN2XE3QDwf58BhSTtBK2M58nfnfJnmDOhdJrXaBsWEI_Ddo8KqJdbXr53HKYe64EZfHQuN0hUSMBdlamIhhxjg5yfgroHBlRX8RU4EfMHJRE5f6FZv9Z7bIZp3IcUupsNmZYB3duD93-v3XrOxp52-HRENZmjgns5jmUt-sKS_4hxIMFQdcZ7fyWtnb0wyuwtU-pQQfcBlqaVBkZ6BkoYK5ss0Ws5Z0AUPDZ8Vc-n5sN0R8s_ktlXPcDZC0yEc9YLLBpX5GGHbXCPpr9YydasnKhUEH5QYSFqgbuzefBQFAe-xaPy5xxi6oGPhTcIOmRQXYnDYKKLVAE4NcvHDMPZ1WAzbx_Xw0Fe-5lpeXgZEMoz6Qd9DC8lYc0cxSF0DWYdbqNLIefSVp50I_7iO5jtiHnzEVnfIfYyuY9boMrWnq53D_MXEzk-TGkkFD3C_0PH69LGeBBZnDKYIBQqgSRhIrcK_Nq06YielpGW3ReRuefANu6rVRHOYpiFu_-U-ITyueOI4osD3OhzeAfN9EHJGCPpSp8nyqCkFUupXpkK6C5V_oKrPwNAFFhR20aLMAjEm3jWaxlMO5CaK5S0mhy51IkODfvoppv0NjsUxqJ4qepkbG1LVCr9BcalvObSBnkfFDABlmOqmkots1QK3pXJRwsoxL_5U1fV_fF7lQVeZJkDF95hYTdiTPKLV21BFQyif51-_mYvj1c5swtof8uZIn6zS74d6owiYi4eJzlA3YhYpzfAhtaF9dBMUtCijHn8wWF5ZmK0AzuOb-lufj5Z_lHMi45uRJYd8f8nJ9HRMURpEQ8PM0KLFewR3gEIMsjH3_bCqZmfVvQ95ZiQDfwbpaUMSh_ef3-L8IOzDwarQQVjM-dR2jatqsiUd0vmYtGJBAEln4i7Fc2wszqDNeFwOJHDMh3ohwWHh_8vzljNvfSFisR5syhKkTtJAEndiCJ_ZqX8Q9Oe4-DJFjdFGxXaeMJTzhm-bPzkFTI5InmWZraBeApcmhL9xV_J3Rbw7iJqMlt5IWhH6R7gIefgcbP9mMZABQxAoOyMVh2z7wigbrDwyLg3QD6J2HMmL431n1K3YdUUQPLtl5MGDZzcwnLXRoaQhoiiceZHJlOS5cahVk9s_eA0G1TlkcZJHa2LvT0KH1b8v1vF9xzoz02F5lQ9vMh5wGnmgRSZOmohMjJdjjxKleOPn9UUw3a4Du2UK2b_fkvArmB1wH8k7L6KC1xWoBLUd1AHjEIxADDfF_mH7LG6kwyMifKZsk13DS_9XhZ8vbNqbGBUN9eYpI1M-XVmsII79P4auwQ18GRtQi8Ta7_yny8tr__jTzYIc0d92cmENKg3z7T8niOosfWEDesNwbaEWdughMAak687p-lU2xg4FAQCZsckdz4XTjIBajjZXaSHMSj7dfMpiHjNLt_tG5Iylir5eBYtfmDUORTQBWx6U3SZj0-4rmTuUBgohlBgZuXIJTJcG7fj8Q27VAOaaC0Ue2C1iK6ZjxlEBMXQU7MUcUer3OFhHix6MnmO0-Cnvh9A6EmUst1-MzQqhsJQVzh3NGnYuxzzRjik2EiTC0ktv2SPBgbOWdEgrZEpwowjs0_WMfeOWpm7VLZZz2Sdaa-vU_SeEDzN7sc13ptRK7RTuU-8TPiw5Qpq-QA-DsTRo9oWDpD5zHUg1uDsX5lyPxzbQFBdy4qlqAg&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=8846399749532909000&adk=548554675&idt=133&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6dd9835e93ed8a65823c54f125f74962cf3640fb1422f0592c4d77af8e44af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38456
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B4B8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4197695620213&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B4B8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4197695620213&version=m202309260101&ct=119&x=1&cor=3213841707746351600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B4B8 		89 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY9dwSEjUn5D7OlddENRjyApiO-0YH7y1-YnloqEA4QCpxQAdlnRleNo_BDt-buuWAvPO2Aoi0whJA_hyllJGGQT45XT8LfbE3SV7-zthtU2Gc8m22uRFuVmIggOv-4nkOBNiBA2YZOAX5dwhWYp6l3XIv3JLeyndxvntRCX6VmNb5Ih8&cry=1&dbm_d=AKAmf-AiEHWmOqiAvACnZxooBgY7IDVTvtJB0EOEPqLdH_3BLJ2t-43ZllQAjvctjeewio0r_uccRZKPRNMrNHlXe6OOdkhecgjGSNuxAWdM8puOc_hcUlpZXctDjH_uLoagUV0I3X8zE1I2oaYsTmkq8aGTshqYChLZRyRtMG3f6WLT8zLzRb-6tgVrZsINv8070Q37A-QxCzt2Ik5tWrz5uV95k8BGscU0QWA6iRNbdEL3fUf8ZE_vOO-vCrn1Jd7apZgoVV7tZDkf6xLnddGV0qsV9UmNq_IvtYLxmgT853KP3IacMO8vPV7wswGTA-jDFMmCXrAJXIYZgNAIlzwmxSvmuyE7YmrHOydPIqjAzLga0AbMS6Fgn4YgHRt3GrzgqCw3BkSn4n10xFNC5tM9L_uIjzxjRbCDUzysnVBGloWXdSOoIbhQawJwkLOQBJDlOUrpb3Olpibs-SoYBlc1DNPiaXLvrsfQKY2L398xoJwX14lI8ub-4F-0PVWytiJCMIiHpMSXkb9C52-mNzBFJDAoMa7ezZUcjXWb4t72at1Jx_UwFk3v8soeVQFoJ_sGO4ADBd0H-tM9KludJht3wO6n-2fTL9wOUWNGcKs5y0QRA44tbKU4HcOgvsUAiqsLXQCPs02-buNcbWiP0bS00lAj_Xxn-hIDGTpZF2iNGgahTtncKyuQ0Ivzm0SlzXSZPrCinJQkQL1lDlXWuD6bZGb0xZ6JLGHszUihPPPlT3mRvWcKYmOX8DisGdBcHtOzWT1goVQKCGmQPvOCpc4ZFN77PmYoukPjoenvP2G3JfxEUKRh4diNCmjhG3WlUAjo29q5OM3HAdIEYaOlDcQ3jpaQqIc-2M02HzHqihoaglXNL8fiwMk8GNK81RyF9qizPVA16am63DMz-KCuIftG24lBtcix1hOZfCjtdKCxMOmzSYfNVs_F0LIfUwBnCxW-74qqcQ_9RmzQrobaFrGnNwIv0QPzdfHeRDXBwsnt934hmcaqeiNznbZlbD0arckDWVjzVMuvO9ygwMyphPDtC-EGPZF0PBrq3KqLpRZiD6cb6kHlBv5KCpmDGqcXL81tX_R40vMnLyMS8TCkGXPgCf9mK-vKJKFOrYG9KOS4314JIT1acXBSRLB3JoeLDZkL_7S91U1-Lm5l65UqeZv2mqt_CJwPRKkusNe9ZOt-jkMYoSx6pM2TjJM9--FmplcEl38ALIxEY8tguZ_-uNgP0hiHt5e8RzQqcIDMPbdjoRm5IH1Pr5PMfYKyKsl--AGjI3JDcQydqEWBcUl1Q2OfAjdE8LEBmfX_sAkHUiXGh438yTeU0inDNu2wIpmpbu3hq5jpankUeZ0xAvFon5l7UMQyhoLoFrBjqCZ91Ld9CJdEKfjqaIpzWKosv-HXLsu4j2VwT5NfyPGwiuwt4qk7FfIjwr2TkqW8bHzjDJxu1pR3kMVkjc_OvMjvmMR6PSiYr4ZmFT4h6UYR0S7m9WJAgIbXdn74na9f5VUg57HZuNuN_Ex3jV6PlldPH5jo0C_9cLdtrJNUG_JfvSAzXr3pzOrWgu7NY4rxvQrWaYANRQfRjn0wwvJs0pgvjiIUjGreunZ8ZXQ4vcrDCqb99XHjAfZ8FJU41xO0iBZTVBMYTdXERThA94Yohl6c8RSHWMFPtOP9zQvJRUCrnfsiWAtbtishDbthXkfVJ7vORhbDVMtfxVwvnDQJ5P9qnk-mcT9b_v9-_eg8ot-ARbo6WD8EBXIpkXCurTamPfePUfveqPvKAUfIwTr5YGkVg2W4aBTOcNC7DT-bOdyaRIFoDtIFdd0rzStjuxQk3Mgtl30XcaAvWChTQoohvhx07RxSg7iiSfOmHOnwMY--TWUZeyxrgQvniVnCKjK3IT-ZLZp8cu4DOg3Ny9lbziRM2qzLJydnirh93qViT4NY-HNUd95WJV-T8x8TVr6ZZ1Gc2mERBNM5FbnZcfjaV_7F2swjnRkb3aSnlgqoJ5xBvkTKbOn_7en3jTkchx93hisXLKaS29-pvKtcCgffvufuwSVl3DJ7UtzBQF48RstZLjZLK4w1n7QJYGYAom82XWjVfiXBDGAuIgBzFAELX-7gNtrMOvqkl7DhuF7AzbhTdQpzjQC8RlZcx3Wm2MIWZma-3qE2tBhAiztksa6uldPOvcpgPSeAvcKEOWi2Tf3su5uMZpWS2D-vkAAV4MGnNK5AMm_5D3h5lGJhsJNqNA0lcGtdNV-FeyW7LW5LuJYSj5D9NsNrUgZ2fBDPVB7kS0LABDtt8raPssYoKdE42xpN0F_O9l3YwnwZnhWE90cMAK23GhKvLwob2G8hzhaC0s3TWKgkc2dbXHaUQr7S1y5rbhE9d9z5QdAIiCCq6Z1j_1TRXqucLt3j_DJAI3qwqzgSOiV30R958lkfGy-e0YtC6sztEevzKfzBFc4nqVuwsWa8IUis_QL2xohUvms10lM7_LNasrIr0gu_aY7vAa2Jkg-KzcrGxgmbQWDuWau5qnwrxym2wFT4vfVhwm5DF8ofGiWJE3IW2k9SGosNj2NNMj9p6OiNNA10Otfe3xWCC6Nme_zp-Iyz-IUZ8QRKfzQkIyJqz54V6WERlSV5APoGUjjXBBSwfMqL4PwrPW_UKWPq6OBoNvTFEoSfmRphdxMxxb__CqqUPCnVnp1-U8nP9nPcYlP_WrczzcXJeu8YRipsnmRQ2VwozLXuX0PXpb3fy_OPZ0af-eOYI4P8szFPqtm57c2HB20wYg8mIxDHldKoIFg9ya_H2aSpytDh1ImGVwXzoFaLDKBghb09s96w7FoTnZomCH5DmylE1PifO2197kzNVWcgri-BpL8rT03gGTaJi3YYsz0pus27rVxIulV3zItW2o9nYQMpDNYp2hORxkxVghkAR5n1mfq6wVxqBm3zkMMHwiBSCG65mc3fIuUo1VI7q_S8qTWW6FTHZ9BNR1NytcECzbc-1G7_yDrjnDUlpH85RvanOJcdI5FQuJ0oWnpbrW0tZ3WFzAkbV8TlEDkvgdSyrmrgWO7uD-JG8EjmtdBW0JYbXlLzzXy_j_UIQywVu7T63YniVLun9_K5ZDi9--xndA6XnGFMoCaLskRDFCNwf8-LkobIVCrj5L8yOlHzlVjludwLlWZv5DO3MoRszHvesELDOmlRtlC6heQMC4_1_hKLuVVquputQGrMvK2WX1hKHDT8FvSExOwBgr22Y58tndzwGQvIMu7plByw4yO-ammPb0dBv1LfIwh8oO-eDh3FBIfeY8JqHHjwZGOywuGEpqzX-F7CVXstzrL-dXdv-5NgVGhROjXLyaeUMlZA6NZJ78O-vLQFU_wygnBnwQk01taf0G1FWvm0KtvywqkZewCiHxc8k9DDKr5ysyVUGkRLb323B3cMDgtPhOzMaQU3Q9RJ7IXKhbJgd4WTnl2f53MW-iNtrursI7sb2SHJQZoJ0T9NgR-D30JamRfLTyi8FuBPacdAx8eDX2vWsW6GEKnAd6O9XAICtZF_yRyLUH9j5vG-DdvU6_-gy7pnZUYNpXq1uOtL8PKyEO6C9tKtDNzPEX0jlE2VHEbqBYReylXMWjV_GrhCd5qA0XgQ2GbH0n_H-ancr_db2_juFdpgx2aI1NRbQ84LHkBPVmhLcLTDSf28C8QvkZ-M6fU8DvcPIaGGGpZw8f9JdU9TRiGAbjyrsRjcyWI_wqGo41oDHEcbK5wcjqWGBcb1yMmZrr5bj9WuiJ8kOVZOTQ9RfI7GrKrW0Dj37pWIHXAi7drMZACc75PN1qsV5tSNkjDPEiilpEHFq6JuJVfXymmLAcHLapugDU43qRUgM9VfIFVHrWLMhJvyhLzgPIEJVsnwMxpiirrKbO3z3k3g_ICN2oIEhE0rI6kby9-TRtGqbljlVmg2aQfY9DmGyg1oQZk8fShz3ESP3Hm2cfw_YSnzfyYqwXSqLXKQDMZRMroureo7Az-dUZOgmt32q2sXT1qa5uwi2zu8dmwAfVyyA8LFkF4dVAR-iM-MXhG0e5X_E58QjrN0tZxl0HmwYRm-QIE_RHZ4-8D9WrdsLB0Ld5Sast0MMFvGj7KO9_xPugZ3dv7C6PiYnHrp9wxzpXFDzeWvQlqhLhRw4ZSSm4uZfK9kOg_jKoqZsj5f8OvGJW9VOohPrCG-jDOqC_firzlmp6xo4L4GPqkrhBTwyg4wNWtXSedR9iZGgAAWaQAHCv9yu9ahYAs1FVSYpiUeG9BzvGXXZ__DhQobQSk3oz27E7rPC7KoQu5QchQo5UQsN_PiGgg_6tKyOTdHYhWsScboJUt-j9Yc66_3Jx6f4O4833kDvDHuLz9rTk3uSvLKnGahsx_ffANPmUg49Cj6JcOfN8eFcKNOKds-JatZuoqvpn7lWYCY6MFNfparMfHAxlhrSjwXlHspEWAjQxSaZW_FfgbW_h9S1Ofo0ttEN2NS4zo0pLSd8ENsJ5thl75k17Kfmcaztfo5PMPRS4rsHpYGvrXXr36lOI-EbQ&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=3213841707746351600&adk=531095043&idt=129&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a586c2fc381aff16e0a97127c11587201cc6fec7e3c7cf1b12b541e29ccfd95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38452
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 84AE 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Origin
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 20:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Oct 2023 20:02:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 84AE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C42RbZCJvRQlQUvKrngXkAvpSOCWwFHkbhTZFPfi0IjOpPMWxdOMTJPm6-46iEiZqPsfEB1gDbAefP_NyN1Zuei4-QwQB8yilpWPALFntsTMLnPbfT-gr02jH-OetuCmBBPyYf7NvghHMwwuoDYKiPNJ2SG7qxA38T90nDYxz_9qszg7I&cry=1&dbm_d=AKAmf-BHTFm8lr1Iu_zKeke0fV8QPFY6H8FOdGkBMFcPeDmkPtcQWtd2nUIv3-xXyFoar0SLWJQ1I66uBKVBnQGXOGACm2IjcdzbxQ7m3nPWTfJv57jJVnuK_kADF53CQqtSqSa1VA_dNngUH2S2FNxz4or8w44EFH3lkNOwJez3vLwXL_8r4MVGEl3hL_rMcOcKg5_dddgAxqb9pJq7BMDwIENvFaS1fiSnXyC2mdJKh_FURHDH6JwdAjtPUy8auUqH0-yJxX3ElCQjtjvVOue0HOEgPORzxYqd79YefARukXEVz_uK47OWfxROd4jGOejobyniyZmPy2sze0LsHeEUm5e7LQwig-c_qCkwbc11TEMLtBYOhp6s3gUaj09yKZdOkF0CE8AlkLRglGV2qZa00Be9nO6pJMWM-5bD9FuoPa0pZT1QTCj2UKIlmFNaSKrfR_X4wGJ_Hu3YfejUEZwFrYj9sOKZtDilig6zQeBytr3Lu2jcRH2WurspamDrjNnemVAbL3H5uXiBup9pB5QzvFHhC2H7BXqhHYDcz9ruFbJ0SuRGPuiD2RKAw7vIsgJLkH0oMRK5rzm84BvNTj-OhFKZ7cZ_h8h2ES1S2IysYkSpn4PL0XcuAMqjBYyPupA__H6IXiz38rEY2W2XoGvHEuAeonBVR4J4nLGMuFUC9FdGPOKHCVO5D_pyo-31aye7CozVTs5vcy6yy636ZauNfMvQa-Ga4TRKV0SHRY6k_W8ozIxw1hmfB0fRIQgyg-f2uPY-70QYqmiHVqQwGUuVHSK4Fynr6M7gTzjggYBDUuAymDlrreTGiGkpiAD6gjrn8sK-7BuWglq6iabDX0WUYMrQWydUCpJckWjH28HNmGSUkJ-NCVce14NS5d3E84O_OvqO0BdYz-U6GK8SqJIN6_-D1Jas8gqmU1BwKl7meYzddcX5FqLNkrRSrrnXZoKOWxdxXndITjZ_D2z-mAnTob8qBesNqWXAVBBMO1Rna9U0mQ0yIQyWXvxWxTAO8v5LfjNItKYBIxzBD9qWTmt6yZ2GKlUdd1qry1v2DdsjXEpJs_195DdKZ73b48WponJpjy5YYIwJ-rHYfycKYvE7Es2iBB_eNsP3FIA185eHyEy6wrKJKKd1kDodAOpwalJjikMFHy7z8JfxllBLFK1as5nIVskCGCsrUrRLOwHrk9EV8YRcqLkATVV-UVIlc7SsqTugnFV__w4VYJxINBheRhzqLDKD6BNw_3T9qq2qwfV8FFnnqEJFslvsTpCHGEGI8cLo1LZKHgQ3Hle8LLvWRlneNSOmPJDgkYJhAUUGhwcg3Dr1QrCAvYI0tZolDRsWuD83NBkZrSPyTto2KBU5JylOBXfQ7MwDgGa11lM9F5GzhItg76dVZmsyVRj6Nx9SmIJ3aUHaJMESQwsBIraVxu4qkK1rW7VXjHiOGN641Dl6t2QFLq2e0N_ndv2hvKhX7vxOcZoBoLte0jE3RL1RxMMHo_lelXy4K7ePwdH3FchDMA2lWx1v0Yd7PU-6z3FSS_CpZvP9--6mH46qccRt0vOd5Q3YuqVWO-1trQs9GenRZeV7ZSM7Q5LYBvxXJXHDpEJ5QEYga41sRXyfzIFRxVgd2HrXM-ZohI3lPK7kFVMKsJhqjIh4wUd7GNwoCXijmKIadG8vl0cOQE8zlAKGJsiWj4kpa_YlnXYXEWf3h59k9E4dqgtvOh1GdP7gDL_JrE5G63JvaUULmeiDR208g5vN6cJPLosbVkBDOTSQ97nx_v5mkkO1omwaWrI5RvB1FhnrjIRCjUXt1eOc0xRLCIN6ndsvwxtPcD7jccHZTblLHPFssjDv3SvbhiO-hVH8ecs-DW1idm8JuB08gtyROk0BW0wXYwNlkTSHoFo3lVVr162KPQaC1g6-l9s5Yr1AW4L3o4FhV31wBp_NgKNwZQLrEidgomNq8T1BykxGr-Q9z2MndjVCc-u-fLqzciLZHVyC5uiG0fFh8RTPQXRxLUYCpa6bHjAD0nzZPTe02ue8dgQpbxwoT-z3ohfBWKCUdFjUVpZVKdvh4Ov7ApN2Fq8bWGP2_87F-lqRjY0mH-vaioAG1fZlhspcYpRbWDo3UiT083uZmTIzofouJtXz5i2qOGNJ_F6iWAP9lkOW1_PYL5U2LC8CoMdAoMBbI3ORFbYAJ63VGeq9wGpKyovr7pdM2OFc6bGB4woFFjN4FMpX_KMQBrzplHUm2bmWSLmTh9bMWrrLxO-T_DjRqefug2fw_xA49tQWTyFOf95QbpvwugkUU3gCfrWAnVLdNAW_Z_P-8yRYq-Av099YvK21aTmY5NfyhEv9FfvAnx7Kv0vyuNWgCeJrgZTwdKyyjfYZVazLcjH8pOygArj9bUBUzFmiufhwCC0Gke5iIzF5B7q6iegwjZZ-XNwJ3_8r-SpyUYn20oLI5mJi82Ow0GvhidY4pEqbTr6jE_e4HLV_us0tdffRz7W_C4ixPCMypYuuNYs6JWhD5Yp_ob8V8I8MSmVIdCCjJIZyZhstHF97H81o71R0h8YCPTx0NZliJFqxDAgX_7PdcJ8ioDQcMgG__QL4ME6Eo9YlAZ_4UfSVoskcVqCYkzI7Rfogud8UOuDMxko-BMxW2h41uNeNAG_SsywW7dcE4oHYhHr_wqXAteHDnIEX0P3vYJ-PSQm5TtzXG9seRl-NxhC5EK42JD_11x-DfeHEga0v62KWlUUO8kfCpu0yIMXMuIaobfjTtlAvxjiOpb9nL1XETF_70iO54ilmwyymQQZHWl4Si-9YfhofDsf8eVk92VdI7hvadFpNUFjKIClNiw-9peiapz1Sc6z1ZHfvsQP94beyIGUL7uE1_INJPLdmvvzp9x1uKEDgM0kMP-CDIwH4BM8wFzEyWOH9nR1JwX6VsDeGedf5SK78_EczFCKzUt9t8p9U61LSuaNi4H15j4MluPLxR8bc_WqUjzLfEZgF9nUSVSQ2Ry9eU5Zh01mfApnrhCn71HIKx9NWYQxRFRfyX-h1cUiu2QJZ-lmsaAciz2H5IKOOv3hH5G9PNXfHyODZn8c8wIvt0qiZfj0kH2luaXs8iADPiHJuhCcQy65jAl9mMH3HCI5UJACnjWjymAxPZPWoPpxfmVHhKYm7Od5wg0Gx9Lwd2Dy-AUPohlTV359ctnvbC2c8BlUuO7vd9YK2TBLHk3BNmpUXOstLHTwUzNxgYj4ICWN8pU94UhgvCorSQrJrco2vD7URDYiV_d8bKDOBEjrkrWCFxq0Gm9-oA2xRSK4FrHhYspgCL2ZE8eovqFFsqSTZXZJuy1C1_xj37b0tO-nW7BD4JS4uIm7ZXTjj13kCKU3zbYUzHShtj02W2eo6DRQeaYqJDy8xAXBGieRTvwiOEcSGHm-iOZJIyQ-4fU5xk-XJiZ5iwUB0azcakNInsORdUZj7pPmdo9d95nQ1pCTaF5ZIeqUhnBB5HbY9FnaTbPHExAwrTGzmWMcf7FwzU573x82hGttV13p97UpCunn9Okx339ScESrnm8GvRJd9BaXGIq7MEHS0IzuuFp6MPQg6BSL35PsR-2PILPSOkKAbPyEJubnFs2pZcgQkuFtl7CclgEFfmVBNc99vtmHsa0giTPrLoSFNRilbfz17w1ctZHcnqg6h5MAIzeb2g9_i8_SOLM7beqKizFja9TK0sSmuNbojJKN56Q6wXeAMqNAfOmIAyvs3k1Xu3IdQiZ8rJbRQrJPeoHy-k1KGhegnTYotIpusxEGpSQahxnE8Qo8UCG2RRq4OPX5_TM_1T0BXyYMgAJr9t0YkGz86KTPdzY_e8U_9WttGGNXMDrZsfRPLgc47B4emyiQptawc3ItmKLsYbIHsCQ2dZtg4IydaiDLr4NQsLXG3ohnh6-_I-AR3wkBlVM06TK_JhBaGpOG0xv6oogZ0WSVcbowM6To9rlJNknAYHnNUW91NUvfov4Hchf5BRweqXbAZoDgX95rvvDG4yCh8F-COKWcTJlozZ7X09Mqa6C8Al_3vMGdfDSZwzbjkQ9pdrneip1CZ9TaLLte4gBZzxmAcXAfAhIMnHKvxLK-9p0Uql29uScP71fv-_10TPtWKz-x8_v5USCQlCkekJMjJrV7_YcvIuH88hT0N8pnzepUaOkGXnPE6dZFTt9eiR2OrhimFnlSJoVOs46j0V_fvf2HRrIhk29RcPpgESsr5vM0BVfBzmC-v2vfldsVvdDG38N_SZjk_xP2TUH87nNR8PDE2bSa9lHVJ_7KaLJsRz9ro77-hXp6MoIX_ymnua9T28ZopBd1rU0pzWXk-zwMe3fqalXUTCXMwa-yj6GozXAUhxc1-jwFBUFIKryJMZX5TmEvQdXVm7wix8dvMnPLzigz_nTZzrdKPCB0NtjiC8skL11h77D4wKmaBzau3tY1LdecYHoAuVK81bUAG12PEtuyRLS9GHmXil7CrlFDKdwKxCzNUQMZJu2M2XhS0-K0Kp4WZ3mJK6bQi3pm3LgMGKw&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=5099633516393192000&adk=4020099329&idt=92&cac=0&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 84AE 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C42RbZCJvRQlQUvKrngXkAvpSOCWwFHkbhTZFPfi0IjOpPMWxdOMTJPm6-46iEiZqPsfEB1gDbAefP_NyN1Zuei4-QwQB8yilpWPALFntsTMLnPbfT-gr02jH-OetuCmBBPyYf7NvghHMwwuoDYKiPNJ2SG7qxA38T90nDYxz_9qszg7I&cry=1&dbm_d=AKAmf-BHTFm8lr1Iu_zKeke0fV8QPFY6H8FOdGkBMFcPeDmkPtcQWtd2nUIv3-xXyFoar0SLWJQ1I66uBKVBnQGXOGACm2IjcdzbxQ7m3nPWTfJv57jJVnuK_kADF53CQqtSqSa1VA_dNngUH2S2FNxz4or8w44EFH3lkNOwJez3vLwXL_8r4MVGEl3hL_rMcOcKg5_dddgAxqb9pJq7BMDwIENvFaS1fiSnXyC2mdJKh_FURHDH6JwdAjtPUy8auUqH0-yJxX3ElCQjtjvVOue0HOEgPORzxYqd79YefARukXEVz_uK47OWfxROd4jGOejobyniyZmPy2sze0LsHeEUm5e7LQwig-c_qCkwbc11TEMLtBYOhp6s3gUaj09yKZdOkF0CE8AlkLRglGV2qZa00Be9nO6pJMWM-5bD9FuoPa0pZT1QTCj2UKIlmFNaSKrfR_X4wGJ_Hu3YfejUEZwFrYj9sOKZtDilig6zQeBytr3Lu2jcRH2WurspamDrjNnemVAbL3H5uXiBup9pB5QzvFHhC2H7BXqhHYDcz9ruFbJ0SuRGPuiD2RKAw7vIsgJLkH0oMRK5rzm84BvNTj-OhFKZ7cZ_h8h2ES1S2IysYkSpn4PL0XcuAMqjBYyPupA__H6IXiz38rEY2W2XoGvHEuAeonBVR4J4nLGMuFUC9FdGPOKHCVO5D_pyo-31aye7CozVTs5vcy6yy636ZauNfMvQa-Ga4TRKV0SHRY6k_W8ozIxw1hmfB0fRIQgyg-f2uPY-70QYqmiHVqQwGUuVHSK4Fynr6M7gTzjggYBDUuAymDlrreTGiGkpiAD6gjrn8sK-7BuWglq6iabDX0WUYMrQWydUCpJckWjH28HNmGSUkJ-NCVce14NS5d3E84O_OvqO0BdYz-U6GK8SqJIN6_-D1Jas8gqmU1BwKl7meYzddcX5FqLNkrRSrrnXZoKOWxdxXndITjZ_D2z-mAnTob8qBesNqWXAVBBMO1Rna9U0mQ0yIQyWXvxWxTAO8v5LfjNItKYBIxzBD9qWTmt6yZ2GKlUdd1qry1v2DdsjXEpJs_195DdKZ73b48WponJpjy5YYIwJ-rHYfycKYvE7Es2iBB_eNsP3FIA185eHyEy6wrKJKKd1kDodAOpwalJjikMFHy7z8JfxllBLFK1as5nIVskCGCsrUrRLOwHrk9EV8YRcqLkATVV-UVIlc7SsqTugnFV__w4VYJxINBheRhzqLDKD6BNw_3T9qq2qwfV8FFnnqEJFslvsTpCHGEGI8cLo1LZKHgQ3Hle8LLvWRlneNSOmPJDgkYJhAUUGhwcg3Dr1QrCAvYI0tZolDRsWuD83NBkZrSPyTto2KBU5JylOBXfQ7MwDgGa11lM9F5GzhItg76dVZmsyVRj6Nx9SmIJ3aUHaJMESQwsBIraVxu4qkK1rW7VXjHiOGN641Dl6t2QFLq2e0N_ndv2hvKhX7vxOcZoBoLte0jE3RL1RxMMHo_lelXy4K7ePwdH3FchDMA2lWx1v0Yd7PU-6z3FSS_CpZvP9--6mH46qccRt0vOd5Q3YuqVWO-1trQs9GenRZeV7ZSM7Q5LYBvxXJXHDpEJ5QEYga41sRXyfzIFRxVgd2HrXM-ZohI3lPK7kFVMKsJhqjIh4wUd7GNwoCXijmKIadG8vl0cOQE8zlAKGJsiWj4kpa_YlnXYXEWf3h59k9E4dqgtvOh1GdP7gDL_JrE5G63JvaUULmeiDR208g5vN6cJPLosbVkBDOTSQ97nx_v5mkkO1omwaWrI5RvB1FhnrjIRCjUXt1eOc0xRLCIN6ndsvwxtPcD7jccHZTblLHPFssjDv3SvbhiO-hVH8ecs-DW1idm8JuB08gtyROk0BW0wXYwNlkTSHoFo3lVVr162KPQaC1g6-l9s5Yr1AW4L3o4FhV31wBp_NgKNwZQLrEidgomNq8T1BykxGr-Q9z2MndjVCc-u-fLqzciLZHVyC5uiG0fFh8RTPQXRxLUYCpa6bHjAD0nzZPTe02ue8dgQpbxwoT-z3ohfBWKCUdFjUVpZVKdvh4Ov7ApN2Fq8bWGP2_87F-lqRjY0mH-vaioAG1fZlhspcYpRbWDo3UiT083uZmTIzofouJtXz5i2qOGNJ_F6iWAP9lkOW1_PYL5U2LC8CoMdAoMBbI3ORFbYAJ63VGeq9wGpKyovr7pdM2OFc6bGB4woFFjN4FMpX_KMQBrzplHUm2bmWSLmTh9bMWrrLxO-T_DjRqefug2fw_xA49tQWTyFOf95QbpvwugkUU3gCfrWAnVLdNAW_Z_P-8yRYq-Av099YvK21aTmY5NfyhEv9FfvAnx7Kv0vyuNWgCeJrgZTwdKyyjfYZVazLcjH8pOygArj9bUBUzFmiufhwCC0Gke5iIzF5B7q6iegwjZZ-XNwJ3_8r-SpyUYn20oLI5mJi82Ow0GvhidY4pEqbTr6jE_e4HLV_us0tdffRz7W_C4ixPCMypYuuNYs6JWhD5Yp_ob8V8I8MSmVIdCCjJIZyZhstHF97H81o71R0h8YCPTx0NZliJFqxDAgX_7PdcJ8ioDQcMgG__QL4ME6Eo9YlAZ_4UfSVoskcVqCYkzI7Rfogud8UOuDMxko-BMxW2h41uNeNAG_SsywW7dcE4oHYhHr_wqXAteHDnIEX0P3vYJ-PSQm5TtzXG9seRl-NxhC5EK42JD_11x-DfeHEga0v62KWlUUO8kfCpu0yIMXMuIaobfjTtlAvxjiOpb9nL1XETF_70iO54ilmwyymQQZHWl4Si-9YfhofDsf8eVk92VdI7hvadFpNUFjKIClNiw-9peiapz1Sc6z1ZHfvsQP94beyIGUL7uE1_INJPLdmvvzp9x1uKEDgM0kMP-CDIwH4BM8wFzEyWOH9nR1JwX6VsDeGedf5SK78_EczFCKzUt9t8p9U61LSuaNi4H15j4MluPLxR8bc_WqUjzLfEZgF9nUSVSQ2Ry9eU5Zh01mfApnrhCn71HIKx9NWYQxRFRfyX-h1cUiu2QJZ-lmsaAciz2H5IKOOv3hH5G9PNXfHyODZn8c8wIvt0qiZfj0kH2luaXs8iADPiHJuhCcQy65jAl9mMH3HCI5UJACnjWjymAxPZPWoPpxfmVHhKYm7Od5wg0Gx9Lwd2Dy-AUPohlTV359ctnvbC2c8BlUuO7vd9YK2TBLHk3BNmpUXOstLHTwUzNxgYj4ICWN8pU94UhgvCorSQrJrco2vD7URDYiV_d8bKDOBEjrkrWCFxq0Gm9-oA2xRSK4FrHhYspgCL2ZE8eovqFFsqSTZXZJuy1C1_xj37b0tO-nW7BD4JS4uIm7ZXTjj13kCKU3zbYUzHShtj02W2eo6DRQeaYqJDy8xAXBGieRTvwiOEcSGHm-iOZJIyQ-4fU5xk-XJiZ5iwUB0azcakNInsORdUZj7pPmdo9d95nQ1pCTaF5ZIeqUhnBB5HbY9FnaTbPHExAwrTGzmWMcf7FwzU573x82hGttV13p97UpCunn9Okx339ScESrnm8GvRJd9BaXGIq7MEHS0IzuuFp6MPQg6BSL35PsR-2PILPSOkKAbPyEJubnFs2pZcgQkuFtl7CclgEFfmVBNc99vtmHsa0giTPrLoSFNRilbfz17w1ctZHcnqg6h5MAIzeb2g9_i8_SOLM7beqKizFja9TK0sSmuNbojJKN56Q6wXeAMqNAfOmIAyvs3k1Xu3IdQiZ8rJbRQrJPeoHy-k1KGhegnTYotIpusxEGpSQahxnE8Qo8UCG2RRq4OPX5_TM_1T0BXyYMgAJr9t0YkGz86KTPdzY_e8U_9WttGGNXMDrZsfRPLgc47B4emyiQptawc3ItmKLsYbIHsCQ2dZtg4IydaiDLr4NQsLXG3ohnh6-_I-AR3wkBlVM06TK_JhBaGpOG0xv6oogZ0WSVcbowM6To9rlJNknAYHnNUW91NUvfov4Hchf5BRweqXbAZoDgX95rvvDG4yCh8F-COKWcTJlozZ7X09Mqa6C8Al_3vMGdfDSZwzbjkQ9pdrneip1CZ9TaLLte4gBZzxmAcXAfAhIMnHKvxLK-9p0Uql29uScP71fv-_10TPtWKz-x8_v5USCQlCkekJMjJrV7_YcvIuH88hT0N8pnzepUaOkGXnPE6dZFTt9eiR2OrhimFnlSJoVOs46j0V_fvf2HRrIhk29RcPpgESsr5vM0BVfBzmC-v2vfldsVvdDG38N_SZjk_xP2TUH87nNR8PDE2bSa9lHVJ_7KaLJsRz9ro77-hXp6MoIX_ymnua9T28ZopBd1rU0pzWXk-zwMe3fqalXUTCXMwa-yj6GozXAUhxc1-jwFBUFIKryJMZX5TmEvQdXVm7wix8dvMnPLzigz_nTZzrdKPCB0NtjiC8skL11h77D4wKmaBzau3tY1LdecYHoAuVK81bUAG12PEtuyRLS9GHmXil7CrlFDKdwKxCzNUQMZJu2M2XhS0-K0Kp4WZ3mJK6bQi3pm3LgMGKw&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=5099633516393192000&adk=4020099329&idt=92&cac=0&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 84AE 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
346957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 12:26:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B589 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 22:36:10 GMT
etag
48472445140208031
expires
Mon, 09 Oct 2023 22:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 84AE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5289a98c8c4bffd882eb2137df9dd31ae80c12cd20e42c60dc62ff083649b3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6384 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
277817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 07:38:48 GMT
expires
Sat, 05 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 5746 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Origin
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 20:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Oct 2023 20:02:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 5746 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CODhXJazCbqtUxlAlxGhQ77l-hGFPfClzvXoo2wfQW_ZcLvAYQdNl_6sEL8FiodqXEwWrSkYShHQyXG_UQiBIg7n8XJ3AO6B--rygMXqnsJEoWJYlYlKvsdAt2ol9JdU1FDvz5B2sRp_MO2BtDneLePgb79MTLhCXfZSbibaHEjPT8XO0&cry=1&dbm_d=AKAmf-DAbn_JmCk5c2_OdFYEJ1CoVFXGbBrZSPMrnMlpy_4uYSQI5izM3aNqCOGtjwgP-jZr1AGipHNsFLF7NIFLXH5p00wXup5znkMPR11u9yWkPc5UEDWjSFI3y8l-3onNaShs-MooiPO_myWKQ2sM4Or2iUmVijIop6TshZlsBjLSfjlacMnrXAGGqt-8aHpsTVvM7aN2oHCLB7xP5ig0tPQHetzVtw5AGh4NeZaVrRzo3jpv_VX3vThBKfFOIz5ZnEat5D3IeGUIXGInPnwpne7tfMWUvZyaZy8l293Kfj_hrpyfkVPs9FBqdXEHd8DrDDKWIebggpR1crLqCaQHP9aoayky3Vw5a_7aFaIaq2FbAROHcUwLGNRY-e780j41pYfWWOY1O15uUo8GqQmEJ4R8cQqFoAWvtFiM9yKFBFw7cfx6kcCyS3MJuwgH0xaO1hQR58qpCHDFLdbf2oCV7I3G2G1ZbXGkoQpdByyEHEydVDcR8PctPjeUI48DsD9U6oPnp8cBWZt7MCjjtuQgY0sv4hIRkiDWoj455isqYMFoj1F2nNjx0gakgPi8PAPFOv4w41a8UXqzrukCM62Ny-F9057BJ8lG364iq1gPZcseH1IVveO18CnQiuPMScGPbRcKyQo9agjmLiW5q6HiZ2D9tN3qlm_8U-CX_Bs4am_Vx0KkttcEXzUW-7UOsC5F7DsK7ut_VlA7ZygaeQxvi31v-q3_rodu7pjVdxRQgGWmmljzvL4WA8bQJ4-qthu45KzAh4iw1SWX6iTdExXdpmZLehRHMeWMbcuzd2JK9q2rN2a7hKSc_JuieuDdDHcbs0oLwRklQcRYffMTzHbuIgR6nxwokYtCIrwwMLYMJ1ED4stAXy8rQzHleetpqLLDblYoblIQeTpSxcspxszcv99rR7hCPEjIkzw3lBLzXZ-ZBRILqCg0sc2jS0yxZNLmwxBubH-RwiurpHrrKfj37Bq5Eu70EP2fSFPUlRSdDjllv35CzOTELcIG3Bkxgxw1fwWc0i0xaaKABKMjSlq5YZprTBsh9qnLMFbewhs_XE4FPrP9EXJ8P8eNaE-oqXvMLD7J9bNoRI9Lw-JSS7C2fslCOb1K0OcvGsoNHqJp9rzLtdwef2GPzPjP8gUnJilEzGXyiAOwKHZPkK57Y3iV-xQQrKdV9EG3WPsn2VGkUA0Y1g1U4IO1jjlA_sq6NTByR72zKqmpM6q1kbgiGBkH-3Qvs12xz4ZMrnj_iQgYDVLxqLPxEgnoq8UnfJxOqTMjIPSD9vttVkXSoubM3PiMvtMOrikI6SFKkIjVk7SFVqb7Z4_pMFilzkrFwcTIbLuXpCkaocUESOWo88rt18x2Aiz8T1UG57G15k44cXKvbRRHY2eML8SwQl-Ue6ZXQjRZ9dCcJPRaVW9eV-PLR4cGO_pjJgCh2W5gps5twstCaMRPjIfkfcy7F5xlTWdcY44m7r85PStL2NRUzt3amQoNIurFfB0DCGkpa1-1qlfw2A4CsVkjfpwMe9BQzv2VCdvyF5EDBR-J_1GxKnoKAQBP8eK1AQwhqG27imBnK6MdxUW2xmXeqWhiNzjj0Ytc1Da6UQU3OhQGSVLbBz4uBXjdSh1uEUTKI_-FW-K6XAPz5rLLX9COuqeHm0qDfE2JR6yp8HC3uDd5Lli_AQb18kyY5pyCOfZEr3KdvTdAKpxs6SxLajQ6bxFqMLYMqYRlhQh7Ck-lHGaBgXrEIq8vNpBtiE-ueDAzE7v5TzZqEkTmhq4HoK-KmHscWL4WWAZ1N8lSld3IDO0cCLss3SxaQPNzS07YzZwM6yH9b0RUrT8LLEJDaAxeIa3mJ4BFN-u5tWPWT8XsIuD4bqEL-6ERpIPmoQNjk-O6iy4sm_iDdoM8LQ9vhSa2QFaWYI00dbuUVbG64kWcVYmV6I3EhK1DrLhc6AaXHsW5XjqVbZwawIiXW0oJJJKBoT_ACCNQVnlIB4C1BkXiLyu8j6bGLRoP3FZLcWssLJsVfjkKUqHvjaeuP-DNE0TD1YFHhOijlyG2RFysz_nq9V_mB-sSA8X3XyZ64UTEq3nDvC3q_Y2-PKnguvx9VTK6CTtQjuZySg_j0Z0ds4RiAIEEwzI7ZKCIWD4Y5w4uI1cP6bvG_R9CX2AJeBD2K93WVsNr0mklTTnmMPK5uEjntNeOhYaRxJT2adA1cVmp-5KxT_OSvdMfi29CyCihZkAjGZbO5JRmlIs3k9CpvAizJZvt0CRKw7GtILozYsxvmcn3J5dcSQ3wbVq6ZegwabY3_k3oN-D34R3z3u_LKnd_Z21CBmtJTq5xjxpezkiwP3PccOEAN90V22Pl-ZhbVQcojsmfucm0FeXdGKdvYKNDUnf-PJVC_9Oi-Ai0WmxZnrzgtNiO-vjVsnjzqqvZrVnuSyVmh3yeDHhI5bNDnAp7q_w_6LHJsFjenUQXq1aPl0M43a5cbvafAn4sL2xEGQjVJHKnWTwQRpmRErkNDWo6xQjYrBnFZ8tAUEzS5zDu_H9qur1U5rfRl8J4Eo3his3qQwN7jLFZC0pho0m32HDWoa2-bWGufFUtUM34KfZTT_1a-3yNIR2hPwLAuPUncc6YHlYs6wDQ8e6AnUOHHMt-BmS_xWUGLE_4riTL3UJfAVNVU9KZZtXUr3i3jzrhVouwMvA-dPl17yPHph7qgfORGqWggKcmiQ4LfojBI3IFNx9lpni9yZas5zd7UTKK_BQF7StWcnMIt5ivDKwUQkiGFzwPewgCbiQ0g9VSYljKXxIREeMnhKVd6iVj7eNFbyRJs0j8w_jkhpPN2XE3QDwf58BhSTtBK2M58nfnfJnmDOhdJrXaBsWEI_Ddo8KqJdbXr53HKYe64EZfHQuN0hUSMBdlamIhhxjg5yfgroHBlRX8RU4EfMHJRE5f6FZv9Z7bIZp3IcUupsNmZYB3duD93-v3XrOxp52-HRENZmjgns5jmUt-sKS_4hxIMFQdcZ7fyWtnb0wyuwtU-pQQfcBlqaVBkZ6BkoYK5ss0Ws5Z0AUPDZ8Vc-n5sN0R8s_ktlXPcDZC0yEc9YLLBpX5GGHbXCPpr9YydasnKhUEH5QYSFqgbuzefBQFAe-xaPy5xxi6oGPhTcIOmRQXYnDYKKLVAE4NcvHDMPZ1WAzbx_Xw0Fe-5lpeXgZEMoz6Qd9DC8lYc0cxSF0DWYdbqNLIefSVp50I_7iO5jtiHnzEVnfIfYyuY9boMrWnq53D_MXEzk-TGkkFD3C_0PH69LGeBBZnDKYIBQqgSRhIrcK_Nq06YielpGW3ReRuefANu6rVRHOYpiFu_-U-ITyueOI4osD3OhzeAfN9EHJGCPpSp8nyqCkFUupXpkK6C5V_oKrPwNAFFhR20aLMAjEm3jWaxlMO5CaK5S0mhy51IkODfvoppv0NjsUxqJ4qepkbG1LVCr9BcalvObSBnkfFDABlmOqmkots1QK3pXJRwsoxL_5U1fV_fF7lQVeZJkDF95hYTdiTPKLV21BFQyif51-_mYvj1c5swtof8uZIn6zS74d6owiYi4eJzlA3YhYpzfAhtaF9dBMUtCijHn8wWF5ZmK0AzuOb-lufj5Z_lHMi45uRJYd8f8nJ9HRMURpEQ8PM0KLFewR3gEIMsjH3_bCqZmfVvQ95ZiQDfwbpaUMSh_ef3-L8IOzDwarQQVjM-dR2jatqsiUd0vmYtGJBAEln4i7Fc2wszqDNeFwOJHDMh3ohwWHh_8vzljNvfSFisR5syhKkTtJAEndiCJ_ZqX8Q9Oe4-DJFjdFGxXaeMJTzhm-bPzkFTI5InmWZraBeApcmhL9xV_J3Rbw7iJqMlt5IWhH6R7gIefgcbP9mMZABQxAoOyMVh2z7wigbrDwyLg3QD6J2HMmL431n1K3YdUUQPLtl5MGDZzcwnLXRoaQhoiiceZHJlOS5cahVk9s_eA0G1TlkcZJHa2LvT0KH1b8v1vF9xzoz02F5lQ9vMh5wGnmgRSZOmohMjJdjjxKleOPn9UUw3a4Du2UK2b_fkvArmB1wH8k7L6KC1xWoBLUd1AHjEIxADDfF_mH7LG6kwyMifKZsk13DS_9XhZ8vbNqbGBUN9eYpI1M-XVmsII79P4auwQ18GRtQi8Ta7_yny8tr__jTzYIc0d92cmENKg3z7T8niOosfWEDesNwbaEWdughMAak687p-lU2xg4FAQCZsckdz4XTjIBajjZXaSHMSj7dfMpiHjNLt_tG5Iylir5eBYtfmDUORTQBWx6U3SZj0-4rmTuUBgohlBgZuXIJTJcG7fj8Q27VAOaaC0Ue2C1iK6ZjxlEBMXQU7MUcUer3OFhHix6MnmO0-Cnvh9A6EmUst1-MzQqhsJQVzh3NGnYuxzzRjik2EiTC0ktv2SPBgbOWdEgrZEpwowjs0_WMfeOWpm7VLZZz2Sdaa-vU_SeEDzN7sc13ptRK7RTuU-8TPiw5Qpq-QA-DsTRo9oWDpD5zHUg1uDsX5lyPxzbQFBdy4qlqAg&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=8846399749532909000&adk=548554675&idt=133&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 5746 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CODhXJazCbqtUxlAlxGhQ77l-hGFPfClzvXoo2wfQW_ZcLvAYQdNl_6sEL8FiodqXEwWrSkYShHQyXG_UQiBIg7n8XJ3AO6B--rygMXqnsJEoWJYlYlKvsdAt2ol9JdU1FDvz5B2sRp_MO2BtDneLePgb79MTLhCXfZSbibaHEjPT8XO0&cry=1&dbm_d=AKAmf-DAbn_JmCk5c2_OdFYEJ1CoVFXGbBrZSPMrnMlpy_4uYSQI5izM3aNqCOGtjwgP-jZr1AGipHNsFLF7NIFLXH5p00wXup5znkMPR11u9yWkPc5UEDWjSFI3y8l-3onNaShs-MooiPO_myWKQ2sM4Or2iUmVijIop6TshZlsBjLSfjlacMnrXAGGqt-8aHpsTVvM7aN2oHCLB7xP5ig0tPQHetzVtw5AGh4NeZaVrRzo3jpv_VX3vThBKfFOIz5ZnEat5D3IeGUIXGInPnwpne7tfMWUvZyaZy8l293Kfj_hrpyfkVPs9FBqdXEHd8DrDDKWIebggpR1crLqCaQHP9aoayky3Vw5a_7aFaIaq2FbAROHcUwLGNRY-e780j41pYfWWOY1O15uUo8GqQmEJ4R8cQqFoAWvtFiM9yKFBFw7cfx6kcCyS3MJuwgH0xaO1hQR58qpCHDFLdbf2oCV7I3G2G1ZbXGkoQpdByyEHEydVDcR8PctPjeUI48DsD9U6oPnp8cBWZt7MCjjtuQgY0sv4hIRkiDWoj455isqYMFoj1F2nNjx0gakgPi8PAPFOv4w41a8UXqzrukCM62Ny-F9057BJ8lG364iq1gPZcseH1IVveO18CnQiuPMScGPbRcKyQo9agjmLiW5q6HiZ2D9tN3qlm_8U-CX_Bs4am_Vx0KkttcEXzUW-7UOsC5F7DsK7ut_VlA7ZygaeQxvi31v-q3_rodu7pjVdxRQgGWmmljzvL4WA8bQJ4-qthu45KzAh4iw1SWX6iTdExXdpmZLehRHMeWMbcuzd2JK9q2rN2a7hKSc_JuieuDdDHcbs0oLwRklQcRYffMTzHbuIgR6nxwokYtCIrwwMLYMJ1ED4stAXy8rQzHleetpqLLDblYoblIQeTpSxcspxszcv99rR7hCPEjIkzw3lBLzXZ-ZBRILqCg0sc2jS0yxZNLmwxBubH-RwiurpHrrKfj37Bq5Eu70EP2fSFPUlRSdDjllv35CzOTELcIG3Bkxgxw1fwWc0i0xaaKABKMjSlq5YZprTBsh9qnLMFbewhs_XE4FPrP9EXJ8P8eNaE-oqXvMLD7J9bNoRI9Lw-JSS7C2fslCOb1K0OcvGsoNHqJp9rzLtdwef2GPzPjP8gUnJilEzGXyiAOwKHZPkK57Y3iV-xQQrKdV9EG3WPsn2VGkUA0Y1g1U4IO1jjlA_sq6NTByR72zKqmpM6q1kbgiGBkH-3Qvs12xz4ZMrnj_iQgYDVLxqLPxEgnoq8UnfJxOqTMjIPSD9vttVkXSoubM3PiMvtMOrikI6SFKkIjVk7SFVqb7Z4_pMFilzkrFwcTIbLuXpCkaocUESOWo88rt18x2Aiz8T1UG57G15k44cXKvbRRHY2eML8SwQl-Ue6ZXQjRZ9dCcJPRaVW9eV-PLR4cGO_pjJgCh2W5gps5twstCaMRPjIfkfcy7F5xlTWdcY44m7r85PStL2NRUzt3amQoNIurFfB0DCGkpa1-1qlfw2A4CsVkjfpwMe9BQzv2VCdvyF5EDBR-J_1GxKnoKAQBP8eK1AQwhqG27imBnK6MdxUW2xmXeqWhiNzjj0Ytc1Da6UQU3OhQGSVLbBz4uBXjdSh1uEUTKI_-FW-K6XAPz5rLLX9COuqeHm0qDfE2JR6yp8HC3uDd5Lli_AQb18kyY5pyCOfZEr3KdvTdAKpxs6SxLajQ6bxFqMLYMqYRlhQh7Ck-lHGaBgXrEIq8vNpBtiE-ueDAzE7v5TzZqEkTmhq4HoK-KmHscWL4WWAZ1N8lSld3IDO0cCLss3SxaQPNzS07YzZwM6yH9b0RUrT8LLEJDaAxeIa3mJ4BFN-u5tWPWT8XsIuD4bqEL-6ERpIPmoQNjk-O6iy4sm_iDdoM8LQ9vhSa2QFaWYI00dbuUVbG64kWcVYmV6I3EhK1DrLhc6AaXHsW5XjqVbZwawIiXW0oJJJKBoT_ACCNQVnlIB4C1BkXiLyu8j6bGLRoP3FZLcWssLJsVfjkKUqHvjaeuP-DNE0TD1YFHhOijlyG2RFysz_nq9V_mB-sSA8X3XyZ64UTEq3nDvC3q_Y2-PKnguvx9VTK6CTtQjuZySg_j0Z0ds4RiAIEEwzI7ZKCIWD4Y5w4uI1cP6bvG_R9CX2AJeBD2K93WVsNr0mklTTnmMPK5uEjntNeOhYaRxJT2adA1cVmp-5KxT_OSvdMfi29CyCihZkAjGZbO5JRmlIs3k9CpvAizJZvt0CRKw7GtILozYsxvmcn3J5dcSQ3wbVq6ZegwabY3_k3oN-D34R3z3u_LKnd_Z21CBmtJTq5xjxpezkiwP3PccOEAN90V22Pl-ZhbVQcojsmfucm0FeXdGKdvYKNDUnf-PJVC_9Oi-Ai0WmxZnrzgtNiO-vjVsnjzqqvZrVnuSyVmh3yeDHhI5bNDnAp7q_w_6LHJsFjenUQXq1aPl0M43a5cbvafAn4sL2xEGQjVJHKnWTwQRpmRErkNDWo6xQjYrBnFZ8tAUEzS5zDu_H9qur1U5rfRl8J4Eo3his3qQwN7jLFZC0pho0m32HDWoa2-bWGufFUtUM34KfZTT_1a-3yNIR2hPwLAuPUncc6YHlYs6wDQ8e6AnUOHHMt-BmS_xWUGLE_4riTL3UJfAVNVU9KZZtXUr3i3jzrhVouwMvA-dPl17yPHph7qgfORGqWggKcmiQ4LfojBI3IFNx9lpni9yZas5zd7UTKK_BQF7StWcnMIt5ivDKwUQkiGFzwPewgCbiQ0g9VSYljKXxIREeMnhKVd6iVj7eNFbyRJs0j8w_jkhpPN2XE3QDwf58BhSTtBK2M58nfnfJnmDOhdJrXaBsWEI_Ddo8KqJdbXr53HKYe64EZfHQuN0hUSMBdlamIhhxjg5yfgroHBlRX8RU4EfMHJRE5f6FZv9Z7bIZp3IcUupsNmZYB3duD93-v3XrOxp52-HRENZmjgns5jmUt-sKS_4hxIMFQdcZ7fyWtnb0wyuwtU-pQQfcBlqaVBkZ6BkoYK5ss0Ws5Z0AUPDZ8Vc-n5sN0R8s_ktlXPcDZC0yEc9YLLBpX5GGHbXCPpr9YydasnKhUEH5QYSFqgbuzefBQFAe-xaPy5xxi6oGPhTcIOmRQXYnDYKKLVAE4NcvHDMPZ1WAzbx_Xw0Fe-5lpeXgZEMoz6Qd9DC8lYc0cxSF0DWYdbqNLIefSVp50I_7iO5jtiHnzEVnfIfYyuY9boMrWnq53D_MXEzk-TGkkFD3C_0PH69LGeBBZnDKYIBQqgSRhIrcK_Nq06YielpGW3ReRuefANu6rVRHOYpiFu_-U-ITyueOI4osD3OhzeAfN9EHJGCPpSp8nyqCkFUupXpkK6C5V_oKrPwNAFFhR20aLMAjEm3jWaxlMO5CaK5S0mhy51IkODfvoppv0NjsUxqJ4qepkbG1LVCr9BcalvObSBnkfFDABlmOqmkots1QK3pXJRwsoxL_5U1fV_fF7lQVeZJkDF95hYTdiTPKLV21BFQyif51-_mYvj1c5swtof8uZIn6zS74d6owiYi4eJzlA3YhYpzfAhtaF9dBMUtCijHn8wWF5ZmK0AzuOb-lufj5Z_lHMi45uRJYd8f8nJ9HRMURpEQ8PM0KLFewR3gEIMsjH3_bCqZmfVvQ95ZiQDfwbpaUMSh_ef3-L8IOzDwarQQVjM-dR2jatqsiUd0vmYtGJBAEln4i7Fc2wszqDNeFwOJHDMh3ohwWHh_8vzljNvfSFisR5syhKkTtJAEndiCJ_ZqX8Q9Oe4-DJFjdFGxXaeMJTzhm-bPzkFTI5InmWZraBeApcmhL9xV_J3Rbw7iJqMlt5IWhH6R7gIefgcbP9mMZABQxAoOyMVh2z7wigbrDwyLg3QD6J2HMmL431n1K3YdUUQPLtl5MGDZzcwnLXRoaQhoiiceZHJlOS5cahVk9s_eA0G1TlkcZJHa2LvT0KH1b8v1vF9xzoz02F5lQ9vMh5wGnmgRSZOmohMjJdjjxKleOPn9UUw3a4Du2UK2b_fkvArmB1wH8k7L6KC1xWoBLUd1AHjEIxADDfF_mH7LG6kwyMifKZsk13DS_9XhZ8vbNqbGBUN9eYpI1M-XVmsII79P4auwQ18GRtQi8Ta7_yny8tr__jTzYIc0d92cmENKg3z7T8niOosfWEDesNwbaEWdughMAak687p-lU2xg4FAQCZsckdz4XTjIBajjZXaSHMSj7dfMpiHjNLt_tG5Iylir5eBYtfmDUORTQBWx6U3SZj0-4rmTuUBgohlBgZuXIJTJcG7fj8Q27VAOaaC0Ue2C1iK6ZjxlEBMXQU7MUcUer3OFhHix6MnmO0-Cnvh9A6EmUst1-MzQqhsJQVzh3NGnYuxzzRjik2EiTC0ktv2SPBgbOWdEgrZEpwowjs0_WMfeOWpm7VLZZz2Sdaa-vU_SeEDzN7sc13ptRK7RTuU-8TPiw5Qpq-QA-DsTRo9oWDpD5zHUg1uDsX5lyPxzbQFBdy4qlqAg&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=8846399749532909000&adk=548554675&idt=133&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5746 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
346957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 12:26:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 78F0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 22:36:10 GMT
etag
48472445140208031
expires
Mon, 09 Oct 2023 22:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5746 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb8638ba91a9476d05b8511457caf07926a7bd70d89917f7247ddecab875bba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Oct 2023 12:49:05 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame B4B8 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Origin
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 20:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Oct 2023 20:02:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame B4B8 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY9dwSEjUn5D7OlddENRjyApiO-0YH7y1-YnloqEA4QCpxQAdlnRleNo_BDt-buuWAvPO2Aoi0whJA_hyllJGGQT45XT8LfbE3SV7-zthtU2Gc8m22uRFuVmIggOv-4nkOBNiBA2YZOAX5dwhWYp6l3XIv3JLeyndxvntRCX6VmNb5Ih8&cry=1&dbm_d=AKAmf-AiEHWmOqiAvACnZxooBgY7IDVTvtJB0EOEPqLdH_3BLJ2t-43ZllQAjvctjeewio0r_uccRZKPRNMrNHlXe6OOdkhecgjGSNuxAWdM8puOc_hcUlpZXctDjH_uLoagUV0I3X8zE1I2oaYsTmkq8aGTshqYChLZRyRtMG3f6WLT8zLzRb-6tgVrZsINv8070Q37A-QxCzt2Ik5tWrz5uV95k8BGscU0QWA6iRNbdEL3fUf8ZE_vOO-vCrn1Jd7apZgoVV7tZDkf6xLnddGV0qsV9UmNq_IvtYLxmgT853KP3IacMO8vPV7wswGTA-jDFMmCXrAJXIYZgNAIlzwmxSvmuyE7YmrHOydPIqjAzLga0AbMS6Fgn4YgHRt3GrzgqCw3BkSn4n10xFNC5tM9L_uIjzxjRbCDUzysnVBGloWXdSOoIbhQawJwkLOQBJDlOUrpb3Olpibs-SoYBlc1DNPiaXLvrsfQKY2L398xoJwX14lI8ub-4F-0PVWytiJCMIiHpMSXkb9C52-mNzBFJDAoMa7ezZUcjXWb4t72at1Jx_UwFk3v8soeVQFoJ_sGO4ADBd0H-tM9KludJht3wO6n-2fTL9wOUWNGcKs5y0QRA44tbKU4HcOgvsUAiqsLXQCPs02-buNcbWiP0bS00lAj_Xxn-hIDGTpZF2iNGgahTtncKyuQ0Ivzm0SlzXSZPrCinJQkQL1lDlXWuD6bZGb0xZ6JLGHszUihPPPlT3mRvWcKYmOX8DisGdBcHtOzWT1goVQKCGmQPvOCpc4ZFN77PmYoukPjoenvP2G3JfxEUKRh4diNCmjhG3WlUAjo29q5OM3HAdIEYaOlDcQ3jpaQqIc-2M02HzHqihoaglXNL8fiwMk8GNK81RyF9qizPVA16am63DMz-KCuIftG24lBtcix1hOZfCjtdKCxMOmzSYfNVs_F0LIfUwBnCxW-74qqcQ_9RmzQrobaFrGnNwIv0QPzdfHeRDXBwsnt934hmcaqeiNznbZlbD0arckDWVjzVMuvO9ygwMyphPDtC-EGPZF0PBrq3KqLpRZiD6cb6kHlBv5KCpmDGqcXL81tX_R40vMnLyMS8TCkGXPgCf9mK-vKJKFOrYG9KOS4314JIT1acXBSRLB3JoeLDZkL_7S91U1-Lm5l65UqeZv2mqt_CJwPRKkusNe9ZOt-jkMYoSx6pM2TjJM9--FmplcEl38ALIxEY8tguZ_-uNgP0hiHt5e8RzQqcIDMPbdjoRm5IH1Pr5PMfYKyKsl--AGjI3JDcQydqEWBcUl1Q2OfAjdE8LEBmfX_sAkHUiXGh438yTeU0inDNu2wIpmpbu3hq5jpankUeZ0xAvFon5l7UMQyhoLoFrBjqCZ91Ld9CJdEKfjqaIpzWKosv-HXLsu4j2VwT5NfyPGwiuwt4qk7FfIjwr2TkqW8bHzjDJxu1pR3kMVkjc_OvMjvmMR6PSiYr4ZmFT4h6UYR0S7m9WJAgIbXdn74na9f5VUg57HZuNuN_Ex3jV6PlldPH5jo0C_9cLdtrJNUG_JfvSAzXr3pzOrWgu7NY4rxvQrWaYANRQfRjn0wwvJs0pgvjiIUjGreunZ8ZXQ4vcrDCqb99XHjAfZ8FJU41xO0iBZTVBMYTdXERThA94Yohl6c8RSHWMFPtOP9zQvJRUCrnfsiWAtbtishDbthXkfVJ7vORhbDVMtfxVwvnDQJ5P9qnk-mcT9b_v9-_eg8ot-ARbo6WD8EBXIpkXCurTamPfePUfveqPvKAUfIwTr5YGkVg2W4aBTOcNC7DT-bOdyaRIFoDtIFdd0rzStjuxQk3Mgtl30XcaAvWChTQoohvhx07RxSg7iiSfOmHOnwMY--TWUZeyxrgQvniVnCKjK3IT-ZLZp8cu4DOg3Ny9lbziRM2qzLJydnirh93qViT4NY-HNUd95WJV-T8x8TVr6ZZ1Gc2mERBNM5FbnZcfjaV_7F2swjnRkb3aSnlgqoJ5xBvkTKbOn_7en3jTkchx93hisXLKaS29-pvKtcCgffvufuwSVl3DJ7UtzBQF48RstZLjZLK4w1n7QJYGYAom82XWjVfiXBDGAuIgBzFAELX-7gNtrMOvqkl7DhuF7AzbhTdQpzjQC8RlZcx3Wm2MIWZma-3qE2tBhAiztksa6uldPOvcpgPSeAvcKEOWi2Tf3su5uMZpWS2D-vkAAV4MGnNK5AMm_5D3h5lGJhsJNqNA0lcGtdNV-FeyW7LW5LuJYSj5D9NsNrUgZ2fBDPVB7kS0LABDtt8raPssYoKdE42xpN0F_O9l3YwnwZnhWE90cMAK23GhKvLwob2G8hzhaC0s3TWKgkc2dbXHaUQr7S1y5rbhE9d9z5QdAIiCCq6Z1j_1TRXqucLt3j_DJAI3qwqzgSOiV30R958lkfGy-e0YtC6sztEevzKfzBFc4nqVuwsWa8IUis_QL2xohUvms10lM7_LNasrIr0gu_aY7vAa2Jkg-KzcrGxgmbQWDuWau5qnwrxym2wFT4vfVhwm5DF8ofGiWJE3IW2k9SGosNj2NNMj9p6OiNNA10Otfe3xWCC6Nme_zp-Iyz-IUZ8QRKfzQkIyJqz54V6WERlSV5APoGUjjXBBSwfMqL4PwrPW_UKWPq6OBoNvTFEoSfmRphdxMxxb__CqqUPCnVnp1-U8nP9nPcYlP_WrczzcXJeu8YRipsnmRQ2VwozLXuX0PXpb3fy_OPZ0af-eOYI4P8szFPqtm57c2HB20wYg8mIxDHldKoIFg9ya_H2aSpytDh1ImGVwXzoFaLDKBghb09s96w7FoTnZomCH5DmylE1PifO2197kzNVWcgri-BpL8rT03gGTaJi3YYsz0pus27rVxIulV3zItW2o9nYQMpDNYp2hORxkxVghkAR5n1mfq6wVxqBm3zkMMHwiBSCG65mc3fIuUo1VI7q_S8qTWW6FTHZ9BNR1NytcECzbc-1G7_yDrjnDUlpH85RvanOJcdI5FQuJ0oWnpbrW0tZ3WFzAkbV8TlEDkvgdSyrmrgWO7uD-JG8EjmtdBW0JYbXlLzzXy_j_UIQywVu7T63YniVLun9_K5ZDi9--xndA6XnGFMoCaLskRDFCNwf8-LkobIVCrj5L8yOlHzlVjludwLlWZv5DO3MoRszHvesELDOmlRtlC6heQMC4_1_hKLuVVquputQGrMvK2WX1hKHDT8FvSExOwBgr22Y58tndzwGQvIMu7plByw4yO-ammPb0dBv1LfIwh8oO-eDh3FBIfeY8JqHHjwZGOywuGEpqzX-F7CVXstzrL-dXdv-5NgVGhROjXLyaeUMlZA6NZJ78O-vLQFU_wygnBnwQk01taf0G1FWvm0KtvywqkZewCiHxc8k9DDKr5ysyVUGkRLb323B3cMDgtPhOzMaQU3Q9RJ7IXKhbJgd4WTnl2f53MW-iNtrursI7sb2SHJQZoJ0T9NgR-D30JamRfLTyi8FuBPacdAx8eDX2vWsW6GEKnAd6O9XAICtZF_yRyLUH9j5vG-DdvU6_-gy7pnZUYNpXq1uOtL8PKyEO6C9tKtDNzPEX0jlE2VHEbqBYReylXMWjV_GrhCd5qA0XgQ2GbH0n_H-ancr_db2_juFdpgx2aI1NRbQ84LHkBPVmhLcLTDSf28C8QvkZ-M6fU8DvcPIaGGGpZw8f9JdU9TRiGAbjyrsRjcyWI_wqGo41oDHEcbK5wcjqWGBcb1yMmZrr5bj9WuiJ8kOVZOTQ9RfI7GrKrW0Dj37pWIHXAi7drMZACc75PN1qsV5tSNkjDPEiilpEHFq6JuJVfXymmLAcHLapugDU43qRUgM9VfIFVHrWLMhJvyhLzgPIEJVsnwMxpiirrKbO3z3k3g_ICN2oIEhE0rI6kby9-TRtGqbljlVmg2aQfY9DmGyg1oQZk8fShz3ESP3Hm2cfw_YSnzfyYqwXSqLXKQDMZRMroureo7Az-dUZOgmt32q2sXT1qa5uwi2zu8dmwAfVyyA8LFkF4dVAR-iM-MXhG0e5X_E58QjrN0tZxl0HmwYRm-QIE_RHZ4-8D9WrdsLB0Ld5Sast0MMFvGj7KO9_xPugZ3dv7C6PiYnHrp9wxzpXFDzeWvQlqhLhRw4ZSSm4uZfK9kOg_jKoqZsj5f8OvGJW9VOohPrCG-jDOqC_firzlmp6xo4L4GPqkrhBTwyg4wNWtXSedR9iZGgAAWaQAHCv9yu9ahYAs1FVSYpiUeG9BzvGXXZ__DhQobQSk3oz27E7rPC7KoQu5QchQo5UQsN_PiGgg_6tKyOTdHYhWsScboJUt-j9Yc66_3Jx6f4O4833kDvDHuLz9rTk3uSvLKnGahsx_ffANPmUg49Cj6JcOfN8eFcKNOKds-JatZuoqvpn7lWYCY6MFNfparMfHAxlhrSjwXlHspEWAjQxSaZW_FfgbW_h9S1Ofo0ttEN2NS4zo0pLSd8ENsJ5thl75k17Kfmcaztfo5PMPRS4rsHpYGvrXXr36lOI-EbQ&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=3213841707746351600&adk=531095043&idt=129&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:38:45 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B4B8 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BY9dwSEjUn5D7OlddENRjyApiO-0YH7y1-YnloqEA4QCpxQAdlnRleNo_BDt-buuWAvPO2Aoi0whJA_hyllJGGQT45XT8LfbE3SV7-zthtU2Gc8m22uRFuVmIggOv-4nkOBNiBA2YZOAX5dwhWYp6l3XIv3JLeyndxvntRCX6VmNb5Ih8&cry=1&dbm_d=AKAmf-AiEHWmOqiAvACnZxooBgY7IDVTvtJB0EOEPqLdH_3BLJ2t-43ZllQAjvctjeewio0r_uccRZKPRNMrNHlXe6OOdkhecgjGSNuxAWdM8puOc_hcUlpZXctDjH_uLoagUV0I3X8zE1I2oaYsTmkq8aGTshqYChLZRyRtMG3f6WLT8zLzRb-6tgVrZsINv8070Q37A-QxCzt2Ik5tWrz5uV95k8BGscU0QWA6iRNbdEL3fUf8ZE_vOO-vCrn1Jd7apZgoVV7tZDkf6xLnddGV0qsV9UmNq_IvtYLxmgT853KP3IacMO8vPV7wswGTA-jDFMmCXrAJXIYZgNAIlzwmxSvmuyE7YmrHOydPIqjAzLga0AbMS6Fgn4YgHRt3GrzgqCw3BkSn4n10xFNC5tM9L_uIjzxjRbCDUzysnVBGloWXdSOoIbhQawJwkLOQBJDlOUrpb3Olpibs-SoYBlc1DNPiaXLvrsfQKY2L398xoJwX14lI8ub-4F-0PVWytiJCMIiHpMSXkb9C52-mNzBFJDAoMa7ezZUcjXWb4t72at1Jx_UwFk3v8soeVQFoJ_sGO4ADBd0H-tM9KludJht3wO6n-2fTL9wOUWNGcKs5y0QRA44tbKU4HcOgvsUAiqsLXQCPs02-buNcbWiP0bS00lAj_Xxn-hIDGTpZF2iNGgahTtncKyuQ0Ivzm0SlzXSZPrCinJQkQL1lDlXWuD6bZGb0xZ6JLGHszUihPPPlT3mRvWcKYmOX8DisGdBcHtOzWT1goVQKCGmQPvOCpc4ZFN77PmYoukPjoenvP2G3JfxEUKRh4diNCmjhG3WlUAjo29q5OM3HAdIEYaOlDcQ3jpaQqIc-2M02HzHqihoaglXNL8fiwMk8GNK81RyF9qizPVA16am63DMz-KCuIftG24lBtcix1hOZfCjtdKCxMOmzSYfNVs_F0LIfUwBnCxW-74qqcQ_9RmzQrobaFrGnNwIv0QPzdfHeRDXBwsnt934hmcaqeiNznbZlbD0arckDWVjzVMuvO9ygwMyphPDtC-EGPZF0PBrq3KqLpRZiD6cb6kHlBv5KCpmDGqcXL81tX_R40vMnLyMS8TCkGXPgCf9mK-vKJKFOrYG9KOS4314JIT1acXBSRLB3JoeLDZkL_7S91U1-Lm5l65UqeZv2mqt_CJwPRKkusNe9ZOt-jkMYoSx6pM2TjJM9--FmplcEl38ALIxEY8tguZ_-uNgP0hiHt5e8RzQqcIDMPbdjoRm5IH1Pr5PMfYKyKsl--AGjI3JDcQydqEWBcUl1Q2OfAjdE8LEBmfX_sAkHUiXGh438yTeU0inDNu2wIpmpbu3hq5jpankUeZ0xAvFon5l7UMQyhoLoFrBjqCZ91Ld9CJdEKfjqaIpzWKosv-HXLsu4j2VwT5NfyPGwiuwt4qk7FfIjwr2TkqW8bHzjDJxu1pR3kMVkjc_OvMjvmMR6PSiYr4ZmFT4h6UYR0S7m9WJAgIbXdn74na9f5VUg57HZuNuN_Ex3jV6PlldPH5jo0C_9cLdtrJNUG_JfvSAzXr3pzOrWgu7NY4rxvQrWaYANRQfRjn0wwvJs0pgvjiIUjGreunZ8ZXQ4vcrDCqb99XHjAfZ8FJU41xO0iBZTVBMYTdXERThA94Yohl6c8RSHWMFPtOP9zQvJRUCrnfsiWAtbtishDbthXkfVJ7vORhbDVMtfxVwvnDQJ5P9qnk-mcT9b_v9-_eg8ot-ARbo6WD8EBXIpkXCurTamPfePUfveqPvKAUfIwTr5YGkVg2W4aBTOcNC7DT-bOdyaRIFoDtIFdd0rzStjuxQk3Mgtl30XcaAvWChTQoohvhx07RxSg7iiSfOmHOnwMY--TWUZeyxrgQvniVnCKjK3IT-ZLZp8cu4DOg3Ny9lbziRM2qzLJydnirh93qViT4NY-HNUd95WJV-T8x8TVr6ZZ1Gc2mERBNM5FbnZcfjaV_7F2swjnRkb3aSnlgqoJ5xBvkTKbOn_7en3jTkchx93hisXLKaS29-pvKtcCgffvufuwSVl3DJ7UtzBQF48RstZLjZLK4w1n7QJYGYAom82XWjVfiXBDGAuIgBzFAELX-7gNtrMOvqkl7DhuF7AzbhTdQpzjQC8RlZcx3Wm2MIWZma-3qE2tBhAiztksa6uldPOvcpgPSeAvcKEOWi2Tf3su5uMZpWS2D-vkAAV4MGnNK5AMm_5D3h5lGJhsJNqNA0lcGtdNV-FeyW7LW5LuJYSj5D9NsNrUgZ2fBDPVB7kS0LABDtt8raPssYoKdE42xpN0F_O9l3YwnwZnhWE90cMAK23GhKvLwob2G8hzhaC0s3TWKgkc2dbXHaUQr7S1y5rbhE9d9z5QdAIiCCq6Z1j_1TRXqucLt3j_DJAI3qwqzgSOiV30R958lkfGy-e0YtC6sztEevzKfzBFc4nqVuwsWa8IUis_QL2xohUvms10lM7_LNasrIr0gu_aY7vAa2Jkg-KzcrGxgmbQWDuWau5qnwrxym2wFT4vfVhwm5DF8ofGiWJE3IW2k9SGosNj2NNMj9p6OiNNA10Otfe3xWCC6Nme_zp-Iyz-IUZ8QRKfzQkIyJqz54V6WERlSV5APoGUjjXBBSwfMqL4PwrPW_UKWPq6OBoNvTFEoSfmRphdxMxxb__CqqUPCnVnp1-U8nP9nPcYlP_WrczzcXJeu8YRipsnmRQ2VwozLXuX0PXpb3fy_OPZ0af-eOYI4P8szFPqtm57c2HB20wYg8mIxDHldKoIFg9ya_H2aSpytDh1ImGVwXzoFaLDKBghb09s96w7FoTnZomCH5DmylE1PifO2197kzNVWcgri-BpL8rT03gGTaJi3YYsz0pus27rVxIulV3zItW2o9nYQMpDNYp2hORxkxVghkAR5n1mfq6wVxqBm3zkMMHwiBSCG65mc3fIuUo1VI7q_S8qTWW6FTHZ9BNR1NytcECzbc-1G7_yDrjnDUlpH85RvanOJcdI5FQuJ0oWnpbrW0tZ3WFzAkbV8TlEDkvgdSyrmrgWO7uD-JG8EjmtdBW0JYbXlLzzXy_j_UIQywVu7T63YniVLun9_K5ZDi9--xndA6XnGFMoCaLskRDFCNwf8-LkobIVCrj5L8yOlHzlVjludwLlWZv5DO3MoRszHvesELDOmlRtlC6heQMC4_1_hKLuVVquputQGrMvK2WX1hKHDT8FvSExOwBgr22Y58tndzwGQvIMu7plByw4yO-ammPb0dBv1LfIwh8oO-eDh3FBIfeY8JqHHjwZGOywuGEpqzX-F7CVXstzrL-dXdv-5NgVGhROjXLyaeUMlZA6NZJ78O-vLQFU_wygnBnwQk01taf0G1FWvm0KtvywqkZewCiHxc8k9DDKr5ysyVUGkRLb323B3cMDgtPhOzMaQU3Q9RJ7IXKhbJgd4WTnl2f53MW-iNtrursI7sb2SHJQZoJ0T9NgR-D30JamRfLTyi8FuBPacdAx8eDX2vWsW6GEKnAd6O9XAICtZF_yRyLUH9j5vG-DdvU6_-gy7pnZUYNpXq1uOtL8PKyEO6C9tKtDNzPEX0jlE2VHEbqBYReylXMWjV_GrhCd5qA0XgQ2GbH0n_H-ancr_db2_juFdpgx2aI1NRbQ84LHkBPVmhLcLTDSf28C8QvkZ-M6fU8DvcPIaGGGpZw8f9JdU9TRiGAbjyrsRjcyWI_wqGo41oDHEcbK5wcjqWGBcb1yMmZrr5bj9WuiJ8kOVZOTQ9RfI7GrKrW0Dj37pWIHXAi7drMZACc75PN1qsV5tSNkjDPEiilpEHFq6JuJVfXymmLAcHLapugDU43qRUgM9VfIFVHrWLMhJvyhLzgPIEJVsnwMxpiirrKbO3z3k3g_ICN2oIEhE0rI6kby9-TRtGqbljlVmg2aQfY9DmGyg1oQZk8fShz3ESP3Hm2cfw_YSnzfyYqwXSqLXKQDMZRMroureo7Az-dUZOgmt32q2sXT1qa5uwi2zu8dmwAfVyyA8LFkF4dVAR-iM-MXhG0e5X_E58QjrN0tZxl0HmwYRm-QIE_RHZ4-8D9WrdsLB0Ld5Sast0MMFvGj7KO9_xPugZ3dv7C6PiYnHrp9wxzpXFDzeWvQlqhLhRw4ZSSm4uZfK9kOg_jKoqZsj5f8OvGJW9VOohPrCG-jDOqC_firzlmp6xo4L4GPqkrhBTwyg4wNWtXSedR9iZGgAAWaQAHCv9yu9ahYAs1FVSYpiUeG9BzvGXXZ__DhQobQSk3oz27E7rPC7KoQu5QchQo5UQsN_PiGgg_6tKyOTdHYhWsScboJUt-j9Yc66_3Jx6f4O4833kDvDHuLz9rTk3uSvLKnGahsx_ffANPmUg49Cj6JcOfN8eFcKNOKds-JatZuoqvpn7lWYCY6MFNfparMfHAxlhrSjwXlHspEWAjQxSaZW_FfgbW_h9S1Ofo0ttEN2NS4zo0pLSd8ENsJ5thl75k17Kfmcaztfo5PMPRS4rsHpYGvrXXr36lOI-EbQ&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=3213841707746351600&adk=531095043&idt=129&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 13:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
83420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Oct 2023 13:38:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B4B8 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 12:26:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
346957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 12:26:28 GMT
dpixel
cms.quantserve.com/ Frame B589 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKlPBnFuU1foGqVI8qjAjkM&google_cver=1&google_push=AXcoOmQY0QDEXNFPlbhcKIxolKCeWtIQbv-zfIZRsOlzbnu8xKhBqZPzGxK12RLObQl1j0F1dh5j1nq-M8D5F15iImIUN59D2Ps
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame B589 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMYZvCLMeTzWwImqh4QWUzg&google_cver=1&google_push=AXcoOmT6IkqxGl3NwEbcrMEZKri603N7ViPfLR7-1lhPTOExkpINevyICdyDyNzETHGSqfoaLCDn0SmzucD8j_ypHzs9l43i8w
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame B589 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOt3WcUKQk8cNs9YjZMo1wQ&google_cver=1&google_push=AXcoOmQxUtNmN40e22KGMSWAwAKTb3CbTMnFrYllByquBYnx4rS7XOrnpfqrdRZysfasuzsW9Ch3GXCM2S8UMcoVM46R_gm-Fw
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame B589
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENVb1TjyfQFdQepbsOJ9REU&google_cver=1&google_push=AXcoOmSw6pOa4sH8fhpkp6wjXnDn1ercSytp_wed1-FYvn6CAZ1-yXDN5CQj7bl8CEcsPf06_qfdkXIoGiziAfbEH...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENVb1TjyfQFdQepbsOJ9REU&google_cver=1&google_push=AXcoOmSw6pOa4sH8fhpkp6wjXnDn1ercSytp_wed1-FYvn6CAZ1-yXDN5CQj7bl8CEcsPf06_qfdkXIoGiziAfbEH...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSw6pOa4sH8fhpkp6wjXnDn1ercSytp_wed1-FYvn6CAZ1-yXDN5CQj7bl8CEcsPf06_qfdkXIoGiziAfbEHdCt9yExgTc&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSw6pOa4sH8fhpkp6wjXnDn1ercSytp_wed1-FYvn6CAZ1-yXDN5CQj7bl8CEcsPf06_qfdkXIoGiziAfbEHdCt9yExgTc&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 09 Oct 2023 12:49:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSw6pOa4sH8fhpkp6wjXnDn1ercSytp_wed1-FYvn6CAZ1-yXDN5CQj7bl8CEcsPf06_qfdkXIoGiziAfbEHdCt9yExgTc&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B589
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
  • https://sync.targeting.unrulymedia.com/csync/RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSRrCOQIR3OL7S9Bhiej...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSRrCOQIR3OL7S9BhiejY8KaMCnfJ1_WVfH39sA8ZdIodu6R1Eagbb7cep9rMF9kKcPhAsTkmLmErnh4skZRk77GSuIUWU&google_hm=A0i0zkA0RUOpv2D32aHMxJ4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSRrCOQIR3OL7S9BhiejY8KaMCnfJ1_WVfH39sA8ZdIodu6R1Eagbb7cep9rMF9kKcPhAsTkmLmErnh4skZRk77GSuIUWU&google_hm=A0i0zkA0RUOpv2D32aHMxJ4
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSRrCOQIR3OL7S9BhiejY8KaMCnfJ1_WVfH39sA8ZdIodu6R1Eagbb7cep9rMF9kKcPhAsTkmLmErnh4skZRk77GSuIUWU&google_hm=A0i0zkA0RUOpv2D32aHMxJ4
date
Mon, 09 Oct 2023 12:49:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX48b4ce40344543a9bf60f7d9a1ccc49e003
content-type
text/html
/
onetag-sys.com/match/ Frame B589
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMregYNcyKImyqDyFnGme0k&google_cver=1&google_push=AXcoOmR7vXGGWwxvWma2qAB_9ZoHvaBKBBfpNg7USvAMLYehIg-ZgI-xJdTP-5JcumcX3Kac4hl7dbhtc8M...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR7vXGGWwxvWma2qAB_9ZoHvaBKBBfpNg7USvAMLYehIg-ZgI-xJdTP-5JcumcX3Kac4hl7dbhtc8MydRKmnB3tN_nqZ4g
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame B589 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOVLttxj6GBfA8TiBz3sUx4&google_cver=1&google_push=AXcoOmQDnjKIGn5RvOOsOgaKgL0WyClYEVlm0NQ8zpKfKKhwNqyFB0VvZfcBOvsk18OggdJYJuUTtDCjN0_C5YulrQz9bSFdw41y
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.211.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-211-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame B589 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWyluIBuDPOAx06NI5zVzVYtgLOri1tsP_LnoKln84uT5AGz3eCVVm3rusRE5KRUBAsdf9cnU
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1D42 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51175
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 22:36:10 GMT
etag
48472445140208031
expires
Mon, 09 Oct 2023 22:36:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/9407729109653520384/ Frame ACCF 		205 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c66aad39e5f74c6a167e2f744160835509283484fab456f0c6aca222ac0ab515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
512044
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
41060
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 14:35:01 GMT
expires
Wed, 02 Oct 2024 14:35:01 GMT
last-modified
Fri, 25 Aug 2023 06:28:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 84AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuke87M28B3WpAQ1k7Ewo8a7h-t-ZqUsqT4AMPeRrxosUYeiIAy9Co3yZs9UCI-feRpF8wSsjl5GywOeCdE3yyOsc5ciGYuAyLHquf3g4NPqELtLssGXZ0CBms_59DTHulTMvYQzu3bAh3KZLksS55czRm8fmLJjCm1b2vS4YyZEEUboVUgqwT86At4RJ3ixh-CNNl0Ga9kSvDl0lDjwN2Z8-wCtYdRRFC6ZhouVR5Bx79OyNmxLpOCrOWnaozHZvGYFDxai9y6t7NTrut0JQw89V_q017TiHzt8ilR6mUsZc065Yh9GDjzBTEzpD5IY20xdm5cqLoNM77_sjMjqFO_Qa-usj6qTrDroKjjEKe_qqNLJmPquMDRArDznbFcCcj5vPcmMxTvcsypFMmuIgXS_17jAfBXOIiU2YOIZRgg60CY-ZIvBHITb4EUHKBiynlJNP4tnGMd8sYcxpkQ2C5O4M-flpdSIzauhCkh5vBLUiyu8EUrYSSk0MUPVrGBcj9NPaqWmVYBnx6pSIdOgxMmYkj2RUhTWzmwu-xXQs_OKkBHYPueMwEGR-dAelBsoE7VGkRJSq8m9pa0FE93OIljm-WqtdA_TmS3L68RrD-RZpj_nFPgTBAFQfwuufHF0kmJ8RAdmS22BQK7G7SdPWs_J3-zvglmaJcCLPmWRcYCHkKEd6W0Xxq4KyDHx_5gyBewBjyhCaEw6O4jZ2vy5Cy5AplPE91Xm2E95XHIvFuwizfRr7pgLNyDL3X13GXKiNY1HkrWoW8DCNnR4kZcdEuv5NUrq4asbcojDRS1Gt2nZVJ_vD3ByVIMA4hD3Fa-2-2LZsUH--7gFZNLa3UsgecdMlmB8tbKeuMGlthbGqQfuX-ztbTAjUGKvRORRPQ_SAm7-jBXJyxD4cBcPGV-m7qC_GYXVO053gke5zQmquvPe7zDFtx4LLZHUnxcdBcc4uc4YVru9Dlld4yZaWkYGxGrXTEk1w1tpmXZYauqwhXRpl7-VPtk7ORfP7Yl_DoMu48IlPtGWELnyFGALU9Hk3qR3LbG4TRG_rA7YEVrPaCYzVrgJ7Y4RKAR0e4vm4nt3YIDRz_bf8fqrVzav2xyBEUX2NIQkmARsUD0ul7ZuPmyIPyTrZx8JdeoXNzl7Bbw2gPSj5UDbIPgqPgtckV_noz4IeK90y9Xq3j238QGoFfsGYCjpBdy-ALLeK9Wb6smZHpu7EAbygULnyDiLsZdmrUGLxbzhEWXLXbcdciWX3xnoTsYPolDt_OjPJLlIhk2YiXtjND9U9KK9TARcKhEGbcMG9INf8sCufbOrbpAg86CRcqhJtRvwpugwKAtmYGnK38Dg_Yb5SN1euZFGZc_lCOTgSSc-X5X_X1lud225RbChA&sai=AMfl-YSo_vM4-BEuXdrdsoMo0aIvuF1UX47Y-beO2csClV6UBAZsp8vb4OAgAWVbcoAS5VEIjztfQfZP9aAScQWg91o2oF53kbQenYczRXtQyzEiuUq3gP2Zxla_t_ka7jatchD3dK1d07N05CtthmlJpWA3CCXDEZFTXVB57s2pkiOmW3T9f_h3iDmbSJi9QB-VXTz-7n1fc8QJUeEKwlk41Vjmn83ECIbnJbAECE81nlHnDk76EMv3cH9Zdh-dCJ1JUKFnW2c&sig=Cg0ArKJSzCkRPgrzYjPVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=161&cisv=r20231004.09385&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame B4B8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2813c0a3f00a8267102a747c6b27144547f554641850a3aeef02879ab83b5c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/9407729109653520384/ Frame BB5D 		205 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c66aad39e5f74c6a167e2f744160835509283484fab456f0c6aca222ac0ab515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
512044
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
41060
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 14:35:01 GMT
expires
Wed, 02 Oct 2024 14:35:01 GMT
last-modified
Fri, 25 Aug 2023 06:28:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5746 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgI_QtM7koWu3IXDzSQH9oFyhiZ8xywG4cKe2NoCEqDNYbcRW2QHEMnK8f8tnLKaT9Ve7gvFKVwJyKnIxcltOZtpvgkWXdInYKZ9h2XFjiv70yWtrEPjbogSwe8hOgLPmqgZstI-BOSWI4WaLrOf49b6pe5Gq6eeDN-hgApVIitNiDs8mygsjbpUS5pCgkATNkgaCDkvX_qABkDJmC4yHKZf4vF_sAHF5Bf4kZLFiZJYHmCeU7tCQRDwPZxwbfA6VZKCP6l0lqZIGWP0pcLpkm-K-r8giMYmp-EjvI_qxJZH9Jg1frHbFrqmawRr3a2Afx66j1SoPlHRitw-710XDkYoz8TW4cPqyqnRqxZJkPgJkVjdMRLPWYS6WN7U6nnD3LcBMvNei_lVGKl-k8Fl_hL150kMbF0o1oSKTom1GPy8pPHYEmohE1nhp9f-EW1sXWbYgKZH95nbvHbZf3vy7jAt1aBKIg9YATlDtnmzxbPzWHEpdd4JUGB7pNhjdeKBSu6xQGJbfyOSLXQKb-mZab52TKF4YLjENdYMlWFI9lU-lgo36VslxBASYlTcgkD_sLHMpzgwFst_XruArhksJGGwW4aQNzp7CA8oL3sqo7_c5RPCKJJ5g4tKDu_FDr7oinuWYlAGs7pzr-gZbdv5f9nOLQO5Kn6-EBMldCEou_hFDFUmaMz4ryjE_Ixr9W7EBJXDH2pIAHri-HBPs_7LLD8JG3rHi3J9HQlUAnz0kctTLyA32lqXhRst-z78xlOKSeDkSVEpnp-jyRa2YXSIdGsZsSefmNBcQ4hZjm_JN842FQXemy5Iiz5_hcfwlN8vo0LyREXKqlgIWNvop3amwc1uNtVJ2KlzcOkPjuFpuAtfXIYUEbrF6qNlCNkSYj2GWVU9w4x5hGHtrLGsKFrAl3W6HMGh8izQ5UEts_Ud8Pir88ipeMncuRPFEwMCxHFNcZl-X_sYRSlwqU1WGxJSZEuX_QjF0Zo-F0kmiEnWz2HVKOtzK27UpiliQFrz9NvxBWN9KXveqTQPjRzNAbLvda8Bj5adm8nPmji04zCn6OWfOyV1hwN44dt3uZO763tP1vpsU6xNo7s-MN5r1vGoXqXaAd-xZJWUf9QhTntDACy_AFoNjY7BO9ucev75cWZ9Oj_JM2CxQ7I8YO9r5CDqBp0JFQnNa21QlEe8q9U6pZLWd_ze4N6zhTy62yIK6P1aEzONI1mHPlmVMLHWSW3EnbfDFNla1VWfC9L_2a0KFo7ul0bp9EVDbl2sQVmP6SVvi5k-eT8EKqYu4UNtcawddZuJA8L4sNF1PL5-lt2l6ILm-yBDgxaQz_ZkQ41eYU22aLYqNrQvtid0j8soo4f8Fep0dfiK36830ItNpJ6Y7cGw&sai=AMfl-YSYCwKimLqV-LvnX017OYjhaSkmHksVbQDkmlfu2H1ffzPObwtX4BDyqVVgBaFTpKCASV-JKclTkIu42j2wpgSrXCUnk22IQUWEx3D2Fucn1E1TB01sotKOmLNtK9dpOZlC0T6MSzm9t_DP4XYD8isJfwPcw4YMDAqk9zuf-rYJ7HYLocNTKEgOvvdtdureLIWY8XjtJmjiwrI4_m0lp1IwSfGeeezKUkwtzq242VoadbcZKtRLWvqN93-FVn1DWdvbv5g&sig=Cg0ArKJSzDz4Jms6sJx0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=118&cbvp=1&cstd=117&cisv=r20231004.21382&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame 6384 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
353751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 10:33:14 GMT
css
fonts.googleapis.com/ Frame ACCF 		30 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00f0ca5978af7f577f3bb245b52f5b98546fca77cbf7b2b42838fddc2b53cd59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 11:46:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Oct 2023 12:49:05 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame ACCF 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:13:22 GMT
pixel
cm.g.doubleclick.net/ Frame 78F0
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBqyiyJo0KDqAnjKmALKHKo&google_cver=1&google_push=AXcoOmRVwEhPK55lXr4Dr0AFXIoWP8Lvv9nB4G-bVVuCax6_agDNarT8buObr_rOuP7-wNv0SVojWvMIhPHEWaroB7p24OjYc6xbGQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ADE3A19A26A14F01A6DEAAC1D7252C03&google_push=AXcoOmRVwEhPK55lXr4Dr0AFXIoWP8Lvv9nB4G-bVVuCax6_agDNarT8buObr_rOuP7-wNv0SVojWvMIhPHEWar...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ADE3A19A26A14F01A6DEAAC1D7252C03&google_push=AXcoOmRVwEhPK55lXr4Dr0AFXIoWP8Lvv9nB4G-bVVuCax6_agDNarT8buObr_rOuP7-wNv0SVojWvMIhPHEWaroB7p24OjYc6xbGQ
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 09 Oct 2023 12:49:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=ADE3A19A26A14F01A6DEAAC1D7252C03&google_push=AXcoOmRVwEhPK55lXr4Dr0AFXIoWP8Lvv9nB4G-bVVuCax6_agDNarT8buObr_rOuP7-wNv0SVojWvMIhPHEWaroB7p24OjYc6xbGQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 08 Oct 2023 12:49:05 GMT
pixel
cm.g.doubleclick.net/ Frame 78F0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBCEYd-M0zm1xLk8c8muGM4&google_cver=1&google_push=AXcoOmSTErH4DgXQLSH5V9oNxqacDQFWvV0gpvk3lRdTqTbPvUw6tXYwmT1g3Xovwu1TEuSb267hKUI1lbK_neB3tSZGB7V...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSTErH4DgXQLSH5V9oNxqacDQFWvV0gpvk3lRdTqTbPvUw6tXYwmT1g3Xovwu1TEuSb267hKUI1lbK_neB3tSZGB7VHRNcW2A&google_hm=eS1mMDVJRjdKRTJwSG1P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSTErH4DgXQLSH5V9oNxqacDQFWvV0gpvk3lRdTqTbPvUw6tXYwmT1g3Xovwu1TEuSb267hKUI1lbK_neB3tSZGB7VHRNcW2A&google_hm=eS1mMDVJRjdKRTJwSG1PU3l3SzV5U2U3d015OVJDSThCUn5B
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 09 Oct 2023 12:49:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSTErH4DgXQLSH5V9oNxqacDQFWvV0gpvk3lRdTqTbPvUw6tXYwmT1g3Xovwu1TEuSb267hKUI1lbK_neB3tSZGB7VHRNcW2A&google_hm=eS1mMDVJRjdKRTJwSG1PU3l3SzV5U2U3d015OVJDSThCUn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 78F0
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTWwZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-fwJYRREFbZ1EV8Wm5vD8LUUdKfL5ejfzb1ukhA&google_push=AXcoOmTWwZQTtx8qWmOqbMyjWaAKL-bh1OtCe1BKcpOfJAh_iLBKQFG8ErR0gjfswmejD3xKF_3ZXrYQKdwx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-fwJYRREFbZ1EV8Wm5vD8LUUdKfL5ejfzb1ukhA&google_push=AXcoOmTWwZQTtx8qWmOqbMyjWaAKL-bh1OtCe1BKcpOfJAh_iLBKQFG8ErR0gjfswmejD3xKF_3ZXrYQKdwx2CcHegpWgx1Cma2CtQ
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-fwJYRREFbZ1EV8Wm5vD8LUUdKfL5ejfzb1ukhA&google_push=AXcoOmTWwZQTtx8qWmOqbMyjWaAKL-bh1OtCe1BKcpOfJAh_iLBKQFG8ErR0gjfswmejD3xKF_3ZXrYQKdwx2CcHegpWgx1Cma2CtQ
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
765323
content-length
0
expires
Mon, 09 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 78F0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELrk3CA8aW8GdskoHe1y63M&google_cver=1&google_push=AXcoOmRNDzkcU2f63D1giJZUjmwvzk1i0AWoyzo6CoW2IcxE9PUXcfAr-rmbMk1iw8yEAQYWjhr0JdsY...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELrk3CA8aW8GdskoHe1y63M&google_cver=1&google_push=AXcoOmRNDzkcU2f63D1giJZUjmwvzk1i0AWoyzo6CoW2IcxE9PUXcfAr-rmbMk1iw8yEAQYWjhr...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNjI5MDcwODQ4MDAwNTY4&google_push=AXcoOmRNDzkcU2f63D1giJZUjmwvzk1i0AWoyzo6CoW2IcxE9PUXcfAr-rmbMk1iw8yEAQYWjhr0JdsY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNjI5MDcwODQ4MDAwNTY4&google_push=AXcoOmRNDzkcU2f63D1giJZUjmwvzk1i0AWoyzo6CoW2IcxE9PUXcfAr-rmbMk1iw8yEAQYWjhr0JdsYBPNCwRTlc8pTZ5agmk7MzA
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQwNjI5MDcwODQ4MDAwNTY4&google_push=AXcoOmRNDzkcU2f63D1giJZUjmwvzk1i0AWoyzo6CoW2IcxE9PUXcfAr-rmbMk1iw8yEAQYWjhr0JdsYBPNCwRTlc8pTZ5agmk7MzA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 78F0 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPtS8IaVw8FltIO3tbKqeq4&google_cver=1&google_push=AXcoOmRDwsNT0jkZKTrOW1AziNt1fXx1EODn-PhyFSqHFWktLKq0xH06Qqv5Wmasz8SMOqXlBTxXfJNde2u3NEB8ZsEa291WmHcZ
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 78F0
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENVb1TjyfQFdQepbsOJ9REU&google_cver=1&google_push=AXcoOmQd4FTQ_iHD18va7sHTks_s0_xHaPIkqxx2RuSsRNMkSIfF2sfHPkeinM57-Fp8yeX5o1Fj3MIKExKbu7oQD...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQd4FTQ_iHD18va7sHTks_s0_xHaPIkqxx2RuSsRNMkSIfF2sfHPkeinM57-Fp8yeX5o1Fj3MIKExKbu7oQD3_78_bynAl2&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQd4FTQ_iHD18va7sHTks_s0_xHaPIkqxx2RuSsRNMkSIfF2sfHPkeinM57-Fp8yeX5o1Fj3MIKExKbu7oQD3_78_bynAl2&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 09 Oct 2023 12:49:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQd4FTQ_iHD18va7sHTks_s0_xHaPIkqxx2RuSsRNMkSIfF2sfHPkeinM57-Fp8yeX5o1Fj3MIKExKbu7oQD3_78_bynAl2&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
report
sync.teads.tv/um/ Frame 78F0
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHT9ZdVjlCVb...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSJuZWmJ9gcgBOLIiLk3OFsSee1w2QpoTWmmJ-GfsGpEMeG3KJXRG5ChfvS5XyQ0NRlqmCbv6ea6LOmZoffb6G9vNFbQnXO0g
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires
Mon, 09 Oct 2023 12:49:06 GMT
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 78F0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUu2Ptgqxex9P98ElKp1UldDZrWGSFuQjZP8ahShZAde5mBj8A21F_V49udtoK2vyVw4B-4w
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F958 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
277817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 07:38:48 GMT
expires
Sat, 05 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/9407729109653520384/ Frame 1092 		205 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c66aad39e5f74c6a167e2f744160835509283484fab456f0c6aca222ac0ab515
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
512044
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
41060
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 14:35:01 GMT
expires
Wed, 02 Oct 2024 14:35:01 GMT
last-modified
Fri, 25 Aug 2023 06:28:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B4B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstliODqMKkcwEjmscsiuVIKOtS78aQaRF6G43vxUvRhoh1oZIF8nzJLVANpg-Ehlmz-10vx6c-xFFakQlDq1I-I7l4OyLbNmhQwBT3N95V3pqZPaxs9J3Kt49jxftTbCAYDo9wSxg4zo4-BuvvkWvT2ygiF_pyUzzy_akXnNTQ4zefmfXeaPxqWcrMx6pEKPQUxIv2dYHd6k_xLi1YI1l4_JUQiSIkqA5Cohy6aBaPqMPji0DWfHsGlWPR0xfNv7UhtzehXz1uMSOq4eFot6tOr9mFe72WwfU6KJKFnLjT_MizW3C-x6YEUzmXFQgPQUl-6j_pHJb8-ZENCyD6f9Uqh5cGQ1hKr5MciccPesnvGOI5hQls9TtLn3Ud6r85SwDIddwoNEsghLrj2UuWOJ4aKHHqnXF4EASNCm35hdehgbnd3XwlXzs75rk8FhhniwTJdNsopc-jIGxpQ4HDfiaJiJHBQ5PJEt1kK-BHfljdEeAsv1mZcEyQlQ5DcDUGSeEl1kI6x4pwFRDxSIHu32xmf2oOm11iKwMj49whEcqHRKn_zhDERu-Ag7cCGpNyLa6WJCOrRisOZ_8toLGxPDmnZ7i4fVaiRHj23wZtGjFW4PyO5koTi-nE7g1b7qqXFJ5mkKv681mwLE9QPaZFu4rgN0QI0by7omtgwxzgOSKIXh9nrBeVYlUT_6UGWPJIMXZb1CIIXxe38FE2HehXnb19GB3vRs0ccl8yzqNxaGFB4IxFldNWqGYAvktGMiEPT8KP8Cj7j0E3N7olchJ5Vj0kE_sczSJTX7yWlqha9gqEEpsgsntgk0aE9w8NOlSVsRPkvZpdm-oD7dpFIN72kN34JPFk_AlTqJVHf4AqYPwHFXVKKtsCIpmREUZhW0kUlPKNMB67fUtK_fBTIti2jjMceIwt2wD5aBpAUqdpoyagu0eOASxIndUb9SSP4K34eqbsApU8UDEeRlu95Ch10JKFCllMOxMzBlRt2EnpopTdZuvKLwnUo8BQoL6yUswTF50HD-sQYZcOyCOQlWvjaIIVlHc1Pza9IQQKQWasb12CdFv28L2jxPl8a9SeQ9iH2vgIyacKo_sZrSaUqVSSbOJBN_apU5gei047dZ4veLqwEFiubSoxDknpe-Jd6Yt4Hx4XH8P0tCkgwSZctePgkZ_1FsslBy3SCN0kK_yZe_RdAv1bQgCovugLB9D1tH6H9UJs5rjDrEu2oyX4sNsdnVhf5aOIvPGL-GM2u3QdAihB0OeqVm1c8gEAtgUWmy4dlgal-7Cy-kD-f90B0uG_YiYcGwJA-yjQ7deuNB3UftuOwxtNLdaAFSUgISpnx5TG5osHUilYEfUzqQhvV9HOX31PRNuTL116mcev_OlihJWLw5g&sai=AMfl-YRv8ZLOwLsihfE4CnSJ5Y9VIKyFeqySPlNDOp_160ICnNeGeg_-SQrBxbMiIYfT-sBRY2uEGCNlayk4xrEmzs0pQp4BO-I4OAh0ZhKETFujvpHFpJX8f2vHj3nOVkxDm1BkvGkgr_zrFhvg0vfntvBxarMAIhEzTpPjINg0CGjJ6mZj-ZjWE-wtBcY0gXnQqjdm8ZkaHxHUDAebs8eoZ31pUipTyRF2Nn_l9Hi2RiGTG8VvVb37QwEhdBpB2Q8dCWcGBl8&sig=Cg0ArKJSzMGOgA-PmSTkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=116&cbvp=1&cstd=114&cisv=r20231004.57584&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Oct 2023 12:49:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame BB5D 		30 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00f0ca5978af7f577f3bb245b52f5b98546fca77cbf7b2b42838fddc2b53cd59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 10:54:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Oct 2023 12:49:05 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame BB5D 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:13:22 GMT
pixel
cm.g.doubleclick.net/ Frame 1D42
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKYFs2K3YOUaKvpEk-DKZSk&google_push=AXcoOmTgyzfm10wNw2b29WtORL-oWc5o-rxKkJsHRh3XOcf4o8AAD1ZlbQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKYFs2K3YOUaKvpEk-DKZSk&google_push=AXcoOmTgyzfm10wNw2b29WtORL-oWc5o-rxKkJsHRh3XOcf4o8AAD1ZlbQktwZfVQidzcwPp4BYjfk1sHNbGlHgWSY7fdlhPhIvq
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230080-FRA
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1696855746.962835,VS0,VE89
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKYFs2K3YOUaKvpEk-DKZSk&google_push=AXcoOmTgyzfm10wNw2b29WtORL-oWc5o-rxKkJsHRh3XOcf4o8AAD1ZlbQktwZfVQidzcwPp4BYjfk1sHNbGlHgWSY7fdlhPhIvq
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 1D42 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOt3WcUKQk8cNs9YjZMo1wQ&google_cver=1&google_push=AXcoOmQpTlm2r17OcKwsTvCMXPYwGcX-J68-rx2paX4wRnjqTbE5P6HOTzuyP4PoxnINMMt-wtyGUgZqG8ZXkicXk_2KiI82k08m
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 1D42 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEC8BuS2JJxjJbE9iVMKOkPc&google_cver=1&google_push=AXcoOmTE6hRZ2RoAKKshNhs6RNRs6k1W6Hmg8tpuqQQwgdKLfBFXTP26w-Xiqn4oW2WsxQmxLItDtNcBsYiBpQZO8Y2ZWESxuDA
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 1D42
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBBXoXhqF5x8_ldrq2pnvVw&google_cver=1&google_push=AXcoOmRqwQn1fAS4i_pgEEhyssBlmf11xfJZXx6IxCXYPKe_fd9v49Mej2jo4knGquL1pRLOXfFTFTRGr2RDwvd0JzwNfsB...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBBXoXhqF5x8_ldrq2pnvVw&google_cver=1&google_push=AXcoOmRqwQn1fAS4i_pgEEhyssBlmf11xfJZXx6IxCXYPKe_fd9v49Mej2jo4knGquL1pRLOXfFTFTRGr2RDwvd0JzwNf...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRqwQn1fAS4i_pgEEhyssBlmf11xfJZXx6IxCXYPKe_fd9v49Mej2jo4knGquL1pRLOXfFTFTRGr2RDwvd0JzwNfsBWscyp
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRqwQn1fAS4i_pgEEhyssBlmf11xfJZXx6IxCXYPKe_fd9v49Mej2jo4knGquL1pRLOXfFTFTRGr2RDwvd0JzwNfsBWscyp
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRqwQn1fAS4i_pgEEhyssBlmf11xfJZXx6IxCXYPKe_fd9v49Mej2jo4knGquL1pRLOXfFTFTRGr2RDwvd0JzwNfsBWscyp
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1D42
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENVb1TjyfQFdQepbsOJ9REU&google_cver=1&google_push=AXcoOmTu5iytKdDjRy2CSWn0aPaOzJuuTEdLC5G_seHbcTbgqsMvdsDTNPep8ZdiP5-4LcKo57OkVAhZkZz4NjqtR...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTu5iytKdDjRy2CSWn0aPaOzJuuTEdLC5G_seHbcTbgqsMvdsDTNPep8ZdiP5-4LcKo57OkVAhZkZz4NjqtRaIaBQdbcHOI&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTu5iytKdDjRy2CSWn0aPaOzJuuTEdLC5G_seHbcTbgqsMvdsDTNPep8ZdiP5-4LcKo57OkVAhZkZz4NjqtRaIaBQdbcHOI&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 09 Oct 2023 12:49:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTu5iytKdDjRy2CSWn0aPaOzJuuTEdLC5G_seHbcTbgqsMvdsDTNPep8ZdiP5-4LcKo57OkVAhZkZz4NjqtRaIaBQdbcHOI&google_hm=HdQhpGZHjMyiDuTBR8C0C2Ey
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1D42
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMregYNcyKImyqDyFnGme0k&google_cver=1&google_push=AXcoOmRW5DOENaRekWl1Wv8k-IXwZSLrigQBZd5liV4inIGt7q75lGMtkpgKwbaX8N0OvSRL21x4kJUlNpac...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRW5DOENaRekWl1Wv8k-IXwZSLrigQBZd5liV4inIGt7q75lGMtkpgKwbaX8N0OvSRL21x4kJUlNpac5rpkF4UXccTbB0Kt
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRW5DOENaRekWl1Wv8k-IXwZSLrigQBZd5liV4inIGt7q75lGMtkpgKwbaX8N0OvSRL21x4kJUlNpac5rpkF4UXccTbB0Kt
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRW5DOENaRekWl1Wv8k-IXwZSLrigQBZd5liV4inIGt7q75lGMtkpgKwbaX8N0OvSRL21x4kJUlNpac5rpkF4UXccTbB0Kt
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 1D42 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOVLttxj6GBfA8TiBz3sUx4&google_cver=1&google_push=AXcoOmTu2omngeyYiGo-bOW7pM8tAx6WnJYlHZDQMDBGbbPyYqSfxWDUDPHww-q1u2BLYbrPZIAvpuLTl0tgVZZT7devPQd1rwVGkw
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.211.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-211-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 1D42 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KzBd503maSSMosWILVajeopbTOibXSFCFXHVAvKetTy97p0Kl22Vb5ZEav9oTovD7Xh3g9-Q
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 1092 		30 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00f0ca5978af7f577f3bb245b52f5b98546fca77cbf7b2b42838fddc2b53cd59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 09 Oct 2023 12:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 11:51:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Oct 2023 12:49:05 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 1092 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20143
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Oct 2023 07:13:22 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A9CF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
277817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 07:38:48 GMT
expires
Sat, 05 Oct 2024 07:38:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 046F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:05 GMT
server
Kestrel
server-processing-duration-in-ticks
703584
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Oct 2023 12:49:06 GMT
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame F958 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
353752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 10:33:14 GMT
sid
mug.criteo.com/ Frame 046F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=4mLZOHwwazhla3FRd3pwTWlkVncydGg5OTR0a2xRTDV3VHRSR3Fmc1dqMU9qb2ZCT21UUkZwM1pvQjQvczRobjdlWkJ4NmR4Q2xGdGc3Y0J4V2dqTjU4NXFvMlpveDd0dVBQejUvTktZL2EyZ1FlUVpobGRPTnMzSFBLdE...
436 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=4mLZOHwwazhla3FRd3pwTWlkVncydGg5OTR0a2xRTDV3VHRSR3Fmc1dqMU9qb2ZCT21UUkZwM1pvQjQvczRobjdlWkJ4NmR4Q2xGdGc3Y0J4V2dqTjU4NXFvMlpveDd0dVBQejUvTktZL2EyZ1FlUVpobGRPTnMzSFBLdEVCUGt3bTZoOVhXNjNOK3dvSDVhMFhOM1RESG1aczBacWJUWmpkZU54Sm81RnlWVUN3WWNBdVAxZ0RudmxEdkRmNGRrdTZOUEVudHhWdGV2dEp5K21tN2IvWW5OYjNqcFl0VjBFd0Jaa09hR0Y2SGF4ajhhUWRNUmx4R1FJVmZBbk9rbUtMY3VHL3ZDS2VmUG5sb1pQaldkektZcmtMQT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6c2f7cd0b4874a74f3848a6be48daac6486942b163bf3a0accbef3b65c4b8ab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
898488
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=4mLZOHwwazhla3FRd3pwTWlkVncydGg5OTR0a2xRTDV3VHRSR3Fmc1dqMU9qb2ZCT21UUkZwM1pvQjQvczRobjdlWkJ4NmR4Q2xGdGc3Y0J4V2dqTjU4NXFvMlpveDd0dVBQejUvTktZL2EyZ1FlUVpobGRPTnMzSFBLdEVCUGt3bTZoOVhXNjNOK3dvSDVhMFhOM1RESG1aczBacWJUWmpkZU54Sm81RnlWVUN3WWNBdVAxZ0RudmxEdkRmNGRrdTZOUEVudHhWdGV2dEp5K21tN2IvWW5OYjNqcFl0VjBFd0Jaa09hR0Y2SGF4ajhhUWRNUmx4R1FJVmZBbk9rbUtMY3VHL3ZDS2VmUG5sb1pQaldkektZcmtMQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
262773
content-length
0
expires
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame BB5D 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:17:59 GMT
x-content-type-options
nosniff
age
325867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:17:59 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 1092 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:17:59 GMT
x-content-type-options
nosniff
age
325867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:17:59 GMT
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame A9CF 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
353752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 10:33:14 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame ACCF 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:17:59 GMT
x-content-type-options
nosniff
age
325867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:17:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5746 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgI_QtM7koWu3IXDzSQH9oFyhiZ8xywG4cKe2NoCEqDNYbcRW2QHEMnK8f8tnLKaT9Ve7gvFKVwJyKnIxcltOZtpvgkWXdInYKZ9h2XFjiv70yWtrEPjbogSwe8hOgLPmqgZstI-BOSWI4WaLrOf49b6pe5Gq6eeDN-hgApVIitNiDs8mygsjbpUS5pCgkATNkgaCDkvX_qABkDJmC4yHKZf4vF_sAHF5Bf4kZLFiZJYHmCeU7tCQRDwPZxwbfA6VZKCP6l0lqZIGWP0pcLpkm-K-r8giMYmp-EjvI_qxJZH9Jg1frHbFrqmawRr3a2Afx66j1SoPlHRitw-710XDkYoz8TW4cPqyqnRqxZJkPgJkVjdMRLPWYS6WN7U6nnD3LcBMvNei_lVGKl-k8Fl_hL150kMbF0o1oSKTom1GPy8pPHYEmohE1nhp9f-EW1sXWbYgKZH95nbvHbZf3vy7jAt1aBKIg9YATlDtnmzxbPzWHEpdd4JUGB7pNhjdeKBSu6xQGJbfyOSLXQKb-mZab52TKF4YLjENdYMlWFI9lU-lgo36VslxBASYlTcgkD_sLHMpzgwFst_XruArhksJGGwW4aQNzp7CA8oL3sqo7_c5RPCKJJ5g4tKDu_FDr7oinuWYlAGs7pzr-gZbdv5f9nOLQO5Kn6-EBMldCEou_hFDFUmaMz4ryjE_Ixr9W7EBJXDH2pIAHri-HBPs_7LLD8JG3rHi3J9HQlUAnz0kctTLyA32lqXhRst-z78xlOKSeDkSVEpnp-jyRa2YXSIdGsZsSefmNBcQ4hZjm_JN842FQXemy5Iiz5_hcfwlN8vo0LyREXKqlgIWNvop3amwc1uNtVJ2KlzcOkPjuFpuAtfXIYUEbrF6qNlCNkSYj2GWVU9w4x5hGHtrLGsKFrAl3W6HMGh8izQ5UEts_Ud8Pir88ipeMncuRPFEwMCxHFNcZl-X_sYRSlwqU1WGxJSZEuX_QjF0Zo-F0kmiEnWz2HVKOtzK27UpiliQFrz9NvxBWN9KXveqTQPjRzNAbLvda8Bj5adm8nPmji04zCn6OWfOyV1hwN44dt3uZO763tP1vpsU6xNo7s-MN5r1vGoXqXaAd-xZJWUf9QhTntDACy_AFoNjY7BO9ucev75cWZ9Oj_JM2CxQ7I8YO9r5CDqBp0JFQnNa21QlEe8q9U6pZLWd_ze4N6zhTy62yIK6P1aEzONI1mHPlmVMLHWSW3EnbfDFNla1VWfC9L_2a0KFo7ul0bp9EVDbl2sQVmP6SVvi5k-eT8EKqYu4UNtcawddZuJA8L4sNF1PL5-lt2l6ILm-yBDgxaQz_ZkQ41eYU22aLYqNrQvtid0j8soo4f8Fep0dfiK36830ItNpJ6Y7cGw&sai=AMfl-YSYCwKimLqV-LvnX017OYjhaSkmHksVbQDkmlfu2H1ffzPObwtX4BDyqVVgBaFTpKCASV-JKclTkIu42j2wpgSrXCUnk22IQUWEx3D2Fucn1E1TB01sotKOmLNtK9dpOZlC0T6MSzm9t_DP4XYD8isJfwPcw4YMDAqk9zuf-rYJ7HYLocNTKEgOvvdtdureLIWY8XjtJmjiwrI4_m0lp1IwSfGeeezKUkwtzq242VoadbcZKtRLWvqN93-FVn1DWdvbv5g&sig=Cg0ArKJSzDz4Jms6sJx0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=493&vt=11&dtpt=375&dett=3&cstd=117&cisv=r20231004.21382&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame B4B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstliODqMKkcwEjmscsiuVIKOtS78aQaRF6G43vxUvRhoh1oZIF8nzJLVANpg-Ehlmz-10vx6c-xFFakQlDq1I-I7l4OyLbNmhQwBT3N95V3pqZPaxs9J3Kt49jxftTbCAYDo9wSxg4zo4-BuvvkWvT2ygiF_pyUzzy_akXnNTQ4zefmfXeaPxqWcrMx6pEKPQUxIv2dYHd6k_xLi1YI1l4_JUQiSIkqA5Cohy6aBaPqMPji0DWfHsGlWPR0xfNv7UhtzehXz1uMSOq4eFot6tOr9mFe72WwfU6KJKFnLjT_MizW3C-x6YEUzmXFQgPQUl-6j_pHJb8-ZENCyD6f9Uqh5cGQ1hKr5MciccPesnvGOI5hQls9TtLn3Ud6r85SwDIddwoNEsghLrj2UuWOJ4aKHHqnXF4EASNCm35hdehgbnd3XwlXzs75rk8FhhniwTJdNsopc-jIGxpQ4HDfiaJiJHBQ5PJEt1kK-BHfljdEeAsv1mZcEyQlQ5DcDUGSeEl1kI6x4pwFRDxSIHu32xmf2oOm11iKwMj49whEcqHRKn_zhDERu-Ag7cCGpNyLa6WJCOrRisOZ_8toLGxPDmnZ7i4fVaiRHj23wZtGjFW4PyO5koTi-nE7g1b7qqXFJ5mkKv681mwLE9QPaZFu4rgN0QI0by7omtgwxzgOSKIXh9nrBeVYlUT_6UGWPJIMXZb1CIIXxe38FE2HehXnb19GB3vRs0ccl8yzqNxaGFB4IxFldNWqGYAvktGMiEPT8KP8Cj7j0E3N7olchJ5Vj0kE_sczSJTX7yWlqha9gqEEpsgsntgk0aE9w8NOlSVsRPkvZpdm-oD7dpFIN72kN34JPFk_AlTqJVHf4AqYPwHFXVKKtsCIpmREUZhW0kUlPKNMB67fUtK_fBTIti2jjMceIwt2wD5aBpAUqdpoyagu0eOASxIndUb9SSP4K34eqbsApU8UDEeRlu95Ch10JKFCllMOxMzBlRt2EnpopTdZuvKLwnUo8BQoL6yUswTF50HD-sQYZcOyCOQlWvjaIIVlHc1Pza9IQQKQWasb12CdFv28L2jxPl8a9SeQ9iH2vgIyacKo_sZrSaUqVSSbOJBN_apU5gei047dZ4veLqwEFiubSoxDknpe-Jd6Yt4Hx4XH8P0tCkgwSZctePgkZ_1FsslBy3SCN0kK_yZe_RdAv1bQgCovugLB9D1tH6H9UJs5rjDrEu2oyX4sNsdnVhf5aOIvPGL-GM2u3QdAihB0OeqVm1c8gEAtgUWmy4dlgal-7Cy-kD-f90B0uG_YiYcGwJA-yjQ7deuNB3UftuOwxtNLdaAFSUgISpnx5TG5osHUilYEfUzqQhvV9HOX31PRNuTL116mcev_OlihJWLw5g&sai=AMfl-YRv8ZLOwLsihfE4CnSJ5Y9VIKyFeqySPlNDOp_160ICnNeGeg_-SQrBxbMiIYfT-sBRY2uEGCNlayk4xrEmzs0pQp4BO-I4OAh0ZhKETFujvpHFpJX8f2vHj3nOVkxDm1BkvGkgr_zrFhvg0vfntvBxarMAIhEzTpPjINg0CGjJ6mZj-ZjWE-wtBcY0gXnQqjdm8ZkaHxHUDAebs8eoZ31pUipTyRF2Nn_l9Hi2RiGTG8VvVb37QwEhdBpB2Q8dCWcGBl8&sig=Cg0ArKJSzMGOgA-PmSTkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=451&vt=11&dtpt=335&dett=3&cstd=114&cisv=r20231004.57584&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 84AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuke87M28B3WpAQ1k7Ewo8a7h-t-ZqUsqT4AMPeRrxosUYeiIAy9Co3yZs9UCI-feRpF8wSsjl5GywOeCdE3yyOsc5ciGYuAyLHquf3g4NPqELtLssGXZ0CBms_59DTHulTMvYQzu3bAh3KZLksS55czRm8fmLJjCm1b2vS4YyZEEUboVUgqwT86At4RJ3ixh-CNNl0Ga9kSvDl0lDjwN2Z8-wCtYdRRFC6ZhouVR5Bx79OyNmxLpOCrOWnaozHZvGYFDxai9y6t7NTrut0JQw89V_q017TiHzt8ilR6mUsZc065Yh9GDjzBTEzpD5IY20xdm5cqLoNM77_sjMjqFO_Qa-usj6qTrDroKjjEKe_qqNLJmPquMDRArDznbFcCcj5vPcmMxTvcsypFMmuIgXS_17jAfBXOIiU2YOIZRgg60CY-ZIvBHITb4EUHKBiynlJNP4tnGMd8sYcxpkQ2C5O4M-flpdSIzauhCkh5vBLUiyu8EUrYSSk0MUPVrGBcj9NPaqWmVYBnx6pSIdOgxMmYkj2RUhTWzmwu-xXQs_OKkBHYPueMwEGR-dAelBsoE7VGkRJSq8m9pa0FE93OIljm-WqtdA_TmS3L68RrD-RZpj_nFPgTBAFQfwuufHF0kmJ8RAdmS22BQK7G7SdPWs_J3-zvglmaJcCLPmWRcYCHkKEd6W0Xxq4KyDHx_5gyBewBjyhCaEw6O4jZ2vy5Cy5AplPE91Xm2E95XHIvFuwizfRr7pgLNyDL3X13GXKiNY1HkrWoW8DCNnR4kZcdEuv5NUrq4asbcojDRS1Gt2nZVJ_vD3ByVIMA4hD3Fa-2-2LZsUH--7gFZNLa3UsgecdMlmB8tbKeuMGlthbGqQfuX-ztbTAjUGKvRORRPQ_SAm7-jBXJyxD4cBcPGV-m7qC_GYXVO053gke5zQmquvPe7zDFtx4LLZHUnxcdBcc4uc4YVru9Dlld4yZaWkYGxGrXTEk1w1tpmXZYauqwhXRpl7-VPtk7ORfP7Yl_DoMu48IlPtGWELnyFGALU9Hk3qR3LbG4TRG_rA7YEVrPaCYzVrgJ7Y4RKAR0e4vm4nt3YIDRz_bf8fqrVzav2xyBEUX2NIQkmARsUD0ul7ZuPmyIPyTrZx8JdeoXNzl7Bbw2gPSj5UDbIPgqPgtckV_noz4IeK90y9Xq3j238QGoFfsGYCjpBdy-ALLeK9Wb6smZHpu7EAbygULnyDiLsZdmrUGLxbzhEWXLXbcdciWX3xnoTsYPolDt_OjPJLlIhk2YiXtjND9U9KK9TARcKhEGbcMG9INf8sCufbOrbpAg86CRcqhJtRvwpugwKAtmYGnK38Dg_Yb5SN1euZFGZc_lCOTgSSc-X5X_X1lud225RbChA&sai=AMfl-YSo_vM4-BEuXdrdsoMo0aIvuF1UX47Y-beO2csClV6UBAZsp8vb4OAgAWVbcoAS5VEIjztfQfZP9aAScQWg91o2oF53kbQenYczRXtQyzEiuUq3gP2Zxla_t_ka7jatchD3dK1d07N05CtthmlJpWA3CCXDEZFTXVB57s2pkiOmW3T9f_h3iDmbSJi9QB-VXTz-7n1fc8QJUeEKwlk41Vjmn83ECIbnJbAECE81nlHnDk76EMv3cH9Zdh-dCJ1JUKFnW2c&sig=Cg0ArKJSzCkRPgrzYjPVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=588&vt=11&dtpt=423&dett=3&cstd=161&cisv=r20231004.09385&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
White-BYD-logo-lowres.png
s0.2mdn.net/sadbundle/9407729109653520384/ Frame BB5D 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9407729109653520384/White-BYD-logo-lowres.png
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de9a2f99188a52b158254c0c7de8f7540560725e74b0342f2329101c00897b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:52:56 GMT
x-content-type-options
nosniff
age
17770
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13170
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 06:28:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 07:52:56 GMT
_DSF8703_Edited_v4__1_.jpg
s0.2mdn.net/sadbundle/9407729109653520384/ Frame BB5D 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9407729109653520384/_DSF8703_Edited_v4__1_.jpg
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43a7eeb1b1c628406be8c1f4d7abbb6a326284b489115bb2e07d0425a362a99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 10:06:23 GMT
x-content-type-options
nosniff
age
268963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145479
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 06:28:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Oct 2024 10:06:23 GMT
White-BYD-logo-lowres.png
s0.2mdn.net/sadbundle/9407729109653520384/ Frame ACCF 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9407729109653520384/White-BYD-logo-lowres.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de9a2f99188a52b158254c0c7de8f7540560725e74b0342f2329101c00897b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:52:56 GMT
x-content-type-options
nosniff
age
17770
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13170
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 06:28:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 07:52:56 GMT
_DSF8703_Edited_v4__1_.jpg
s0.2mdn.net/sadbundle/9407729109653520384/ Frame ACCF 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9407729109653520384/_DSF8703_Edited_v4__1_.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43a7eeb1b1c628406be8c1f4d7abbb6a326284b489115bb2e07d0425a362a99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9407729109653520384/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 10:06:23 GMT
x-content-type-options
nosniff
age
268963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145479
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 06:28:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 05 Oct 2024 10:06:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6384 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bb39uwfYjZeawJPuTjuwP9Zu5qAIAAAAAOAHgBAI&bg=!JiWlJWrNAAYMG8UMLBs7ADQBe5WfOGDkIg9LNt_EbnSuCV5JMEXRY_wttfwukroKqrB2GSO9OcssxjTpyY7-3la69f9OAgAAAX9SAAAACWgBBwoAcma0FYhGjXwKYcbX8pt6G5AVLoB1QqN-FVDB8Es5G9TUJRRlTI7Csg8JEfbw7fVvowmzqVCqWNtrMEh7HSPQdmk1VFzr0JsZ34JOIo9WUmFbFIIjTEQvQfbT0ZxiXHP6scMbnaH-OazEzN0OMj41YjH6IJkC_AzrDteMyyd-BZPCjxXTpy3X2U2zUsPg0vyqOlzgmbYaQK46-_OOPQqBVaoiLfH-w7Yyeop43VddtSFjpC5YiUf0y5-GD4FiTVlIMvlZMYLack1a5QWw2D6tV5yS54IRF0a-39Z9UwiozUxh56n04B1G__L43zsUBe4HCqbSt14sUPIJSafPnZ4FQqcelhkYCv3BHryGo9pqsTgufFHye6-nSUWM23YvcO_eFYuqVmRhNI7eApNefTGEC6FAFQzYJ918aK0UtTPOBItocrwcSVHMeF97X-ECoF8k4G8cnQbrGMV-_v_v6iVam13O7wMGKVg61I7iPlymOrKk5vEXNxNUD0L4fdOOJTMC39R003TYx8e6CYJrtzmi5iy4KWWIJDVGP1-Ub_aTe-KvS9DsQboacZpyWZW9-LmWjv8zqcujhxC0uThsl-ODpJ5vxZBqetfj3iHlUlCTrbqqrOzbh4442Il-E7DMi838mo23DsfKcQqIHaO8WDoSH66MKyaCWgDphHzA8NjBg2lFAVl5L1ImYSb5Gnv8q7cIATLilYYg09_jYwP0AdtFrUthdeJObK0n7ai3y-i9_6zeF-vHxWGDgt4T9aBklyKT7jGd3yuEa7Kkb-cuK44UXxO-1-2FgN8ypJM40XxcU9jxnNqdRkzR1wF69ijjaEHCe-x6OleijOLMcsbtLTPA_hzHkdLFu7gC2RZ94sMdFtDyCBhzdtlM_UHau1AB1Bcu6oLs89DbL8sn-_X0oWNyIIY8JJGB02xCCXYIDPlSgwB6NODE0GLyzTOtGM2QRvxCBnBLcpcwgTJKFRpTrizM1KA2Bk9vExgPoEIYqB7Q-u7PQaCbGKDR_NSFjU8G2BGuALmoCPuH_b0ffO_BAOqjP12j2L-tIjDynwGw172jm3yp4z2CNx33AH4zcmcz6-ot5Y6mtaHlhFCI2KaEmcIjOVnNlCMvjdhRDvLejl3QWxgtZy3eDFVsE5YsgP8xJlTJfwxtSLluJ8HSXo6FvvKMewNC
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F958 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6yT3wfYjZb-VJ_S89u8P2t-6uA0AAAAAOAHgBAI&bg=!AgGlAU7NAAYMG8UMLBs7ADQBe5WfOOTql8csE3-MTLVSGBXCU8qx5Gt3GI1TykBaCD0aWMy7tldubWXSgzf5fkmncEGIAgAAAQ1SAAAAB2gBB5kDEzxEl3-5Lx1QszBaA76vayvy8T4FJgHV78f_Z1tef_Fc2e4WDpmTYrO_rmG72eRdQaHbkH2JF8eOkp4uXbPV1sinHRoxR_7bn14Gtt_GBy5jOBIZdsL0Msda3PRTg0FOIM0kQeRhSgnLXeSDL3_KBcGUXHS9tAW_tIO5kEJszKkGdSiabfh43x7lkqpHtpGY2bz4GTLl5ZoJ2d4fuDMzCYtxOlOWGxfewL1qQF2lL5wyT5bq8S850bsTa6ClyyY4UgfSgukckGb7uoK6KsB-6xdEyxC9EN43-1WFZGehjUL3SiWBOI3otcPvxFI2vF_HPWehR38AA0kOb2Oyv7ltAOAOHVw4pJKhJYc54WJ72XfKEAQXof1ofCDCUXT1nR-AsoTNY32zrtF6FA_Y_J-nYpJpZmJqwDNCAJ8r1HH96vIMkyTnzDH13p5RsRc7ymqlnxQaAnp-VN53q5XYOcNehmAElPKBj-WjbRtSopVMhrI0_A0icQOI8_OUfsANABCcbc4D-XozXlBxHMRc9iTMlLvMfXpCYNWfGOygpjg0sai4Ok9EwWXKlcJyL02NV4TdbORTquiWeojqq3MSdr_FI2n_s-J-PDw8f2k35oEEj2H2X2zfF4dQIn-THJWiN3HB_06MOegbpJ0XI9nitW5H0UG-ySdkCi3QNuuTPOI0ltJtrZxcOn_Vh6XpstaPSKgMksitMiqDb6UKWkh1myf_fmBZE5K3eVC_F2O7jPwyk3htp8o2BYZavalCH4k2ikuXpnftyE0zgd9cxFySit_RdeF8O_LCqxMzVXm5wFn7I7hISs6NMDCBgAbLU8uxKd6UKd_KnkGmiWl9WVviMn5eybubg-2Hssn5ONieNDExlN9SRvddCRG0yPVVNgLzhUojh09508GWBw4tIIJWEPsXXrVeVzXtRQ1wIxjjOjlVsuX_jQz5rxkjKgsfL5ROIahaoqUuUiU-x9D1aZI-bot6eg_4LqgVY9wP6CYX3hH4HILgqcQC87s7yh9bkTuztzGwUD9DtD4vE03XB8vh--tXSBHbeQw
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A9CF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BToe-wfYjZeiWKMOPjuwPjpSMmAEAAAAAOAHgBAI&bg=!QUKlQg3NAAYMG8UMLBs7ADQBe5WfONBrjhzSHKLbENyvze69pHeI9WOcouyphkxoPKGLVUBQEdD4f2cgE-bm73Qshz3cAgAAAPpSAAAACGgBB5kDB0r2QfW7C-W1wjyjG4309kfEAO8HgKlKBLlEXAC6LpROehO_yl6M1O-yVFS-yaXI-8zyIbKHbtEg5dirmrk5A3sd9IFQshJLlG1gI1xw7s6jEEoP1yQHjdGxr8oZTXl4tjC_ETIrV8LcVbdxDytOrNzJRisppVzc40Nm153SjVka0ByrVuCTtBRyCLej8E2hEfj90S8ngU6Zs2VyZ2tRoSdfUfWTQ_Kd9MqUrM39vC3N1xO4W7LITImUFdTCfUm8BiO7zNjD7qbF5l16Q38i6mYoADFD0viDOPx7eJrGOIlrukBMtqZfSOktFBoVifX3LIU6-VEbQ-q4Hkj5mGna-siZev4vwVwRuH0S4pZK8JQn6x4uL0jwOQC0df-XmxPdB4YGemqd0XWGNsEv5RwN0bDWn8heU3NqSkt-VlkqHqzWSuwhpDn36L6MJLnPVIfo_F-EleGbWONeyEiCQZGtezDOr-DfEz78G-xHISR6DKO2JgpIwLenZ-x9RhGtfvydlEIT5o_cXFwQpuSgtUoosawSOJbsBfiP2UcYI7YJcL4Rc_gV7S6gUwaEDhZkWjLM_F_4bXEXXXFwH-Fks7nXQVERl4o1aQP6zkRa7cicVHXLeTcCbexqv7vikumXDnDQjiGBOICQusFGmEJYpl0ek7siTTLeU3dcnymIEEAlC0AIER4LOqEuwznifKGi0U_1si4SSm8-VB8zRc6SuhxLVg26G9JSahtC4qWMCnyWgQxRy114-5FCBzBtsmY_hewuMGxQIgPfD-GBaq2imlhhwqAYl-6vdOpMsCioVAhB0AFvgGJqxviOwYiG0b5s74O_ExAa1PUJwQqg0_lqlQeQxHH-FtcQZ5sRjq-HZu8xsE0R4NSM7O6lTyX4A0O37RauvtxAPxE1vu_vaLQDf0m2hZxs4iiUCelP4PaYfOzcf1_PhsyOMqSGOExsCpXGfxbsQRFPGJ9Hkwzmwun6aEBwiXDRMeaPZfPrDgYBNrMay2S0J1A-9z9_toYekAnvwAU7F9MUHXxFSYw
Requested by
Host: d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
URL: https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3611542-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/1/ 		144 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/6/1/1/3611542-46.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
bc62f36db70e76bc7ba37ebff9db8a7f7204b6e8f4e288b0ea78dd6443844aae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:38:25 GMT
via
1.1 google
age
641
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147170
3611139-46.png
images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/3611139-46.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
371098e3d88da8afca83eacff757f9fe936b8277b4d84f7e07504ec19b70a95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 03:36:56 GMT
via
1.1 google
age
33130
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40048
playlistY_360P_670371.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame 7E44
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d8781...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670371.ts
445 KB
446 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670371.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
454a7af46dc6cd54bc0cc67368ee00f06be6a8324fa2de7d43cecd4a8afa7ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:42 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
26
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
455336
last-modified
Mon, 09 Oct 2023 12:48:20 GMT
server
AmazonS3
etag
"eda9b2d3884e87888ce60a6cb67794f1"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
XUzdM6ZaXAl1pzHxnNpeK-4gspIwx9PCjbRJxwMEiwiXBxcT5_gKHA==

Redirect headers

date
Mon, 09 Oct 2023 12:49:07 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670371.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
vMbjtuH34vB571N94_zsy0JEedsZwCA750rYetMI7xP9YgOiA8ePLA==
playlistY_360P_670372.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame 7E44
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d8781...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670372.ts
446 KB
447 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670372.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
415b2a97d20f24e296c99cf21681bb3150eb36dc55f438e255c05126723050d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:46 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
22
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
456464
last-modified
Mon, 09 Oct 2023 12:48:26 GMT
server
AmazonS3
etag
"9f281ad0f1de5ec8f89310bf99898b37"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
7BP0NelcWhNctjDcipY720SRIsQ3zOfWJh7GsRrlXJcIc-UUNg-f1g==

Redirect headers

date
Mon, 09 Oct 2023 12:49:07 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670372.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
_zlahNzZKFRSVrdkR_YBBxMystbxDXLvLPwZ1_dCz0Yf_dtj5lLpFw==
playlistY_360P_670373.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame 7E44
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d8781...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670373.ts
447 KB
448 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670373.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22fd80ae74a5c7d5284c7c4bc45173e8d25cac9039a1de6c4375e265666ad77f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:54 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
14
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
457968
last-modified
Mon, 09 Oct 2023 12:48:32 GMT
server
AmazonS3
etag
"32144cc6e1c20db94e3a88a4dae2c970"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
jNOM8pS9TctQhR4c0pXeAAL5vIMu7BfI3MAQj7VIe7r_Wc9sZsHKKA==

Redirect headers

date
Mon, 09 Oct 2023 12:49:07 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670373.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
qqDuJIXA01PNpkvLl6TzDxhgizqZjAj0SNSZceIExvELmFfXjXsthA==
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=454211236&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=1859869165.1696855740&tid=UA-4780630-1&_gid=606652621.1696855740&gtm=45He3a40n71T728TH&cd1=1859869165.1696855740&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=882570686
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 00:36:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43972
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
playlistY_360P_670374.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame 7E44
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d8781...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670374.ts
431 KB
432 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670374.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5ca9cec8340f336f587f036283e462be274c08eec33a2269b9064b3ce0572cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:48:57 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
11
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
441424
last-modified
Mon, 09 Oct 2023 12:48:38 GMT
server
AmazonS3
etag
"d53848abf641ca1afb3f96215a9c98dc"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
4KasbigzKImGNT-02p0yMzMHnrN6hjML325t76VHGcv_VXSbFwICTg==

Redirect headers

date
Mon, 09 Oct 2023 12:49:07 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670374.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
AVjGzd7CFyZLti8uSR7FzhfIowWt2hXZHnhBkuuIU6hGP_9-U4ctBA==
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9-sAwPYjZY22Lcy99u8PhIah-Ae-1Jetc_rvjJ34EWQQASDRk8MqYJWCgICYB6ABldi1yAPIAQmpAiQmUY76cLQ-4AIAqAMByAPLBKoEtwJP0IheErkAtpc2CSjIA1O-BL0oPHsOIvxMcNJkyLS0aHCsXXHg7bDv4VMzbmc8rIdtsVfYRtkU5mDPviR9l9UzjePQlB-YfQnzNoqyGU76Z7vSnGJrsxNKnGYFdcz_mb_7x6EVJsfzhV8mWdHT5z80OOO1jnXuJgtMG6BRK-IrCBsu2EhbiGZuT1B5jZ3L1ArarOGoHTqaHHgLp6adkeXs3DXBo5WPh7lcBvZRzF1XAdC15r1TT42A3vbwoZjnx7GFeOvvq-fahfdNN5l6zWJsila38yp97sbDxXzZ7QhLOvIDYRcYMEMekOC2phjvQI6wHEwG4KSMLx-zFJDoSfT4JamGWqLPez51TjuZG-cyLCtNj8TJiei9KjOGBDAldIFDehmP8vwQ1jJJ-U-QMEX6l2Sx-SvGE8AEv7exnIYE4AQBiAWCuafIQ5IFBAgEGAGSBQQIBRgEoAYugAfx3OuEAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDfxgvSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgl1aHR0cHM6Ly93d3cuY2Fyd293LmRlLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPWdvb2dsZV9wZXJmb3JtYW5jZS1tYXhfZ2VuZXJpYyZnY2xzcmM9YXcuZHMmgAoDyAsB4g0TCJTNmJ-A6YEDFcye_QcdBEMIf9gTC9AVAYAXAbIXHgocCAASFHB1Yi03NjI3NjUwMDg2ODk1NTkwGPHmEw&sigh=KYmPcUebGCk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&template_id=494&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 6396
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=C9-sAwPYjZY22Lcy99u8PhIah-Ae-1Jetc_rvjJ34EWQQASDRk8MqYJWCgICYB6ABldi1yAPIAQmpAiQmUY76cLQ-4AIAqAMByAPLBKoEtwJP0IheErkAtpc2CSjIA1O-BL0oPHsOIvxM...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212290115495598837040%22,%22debug_reporting%22:true,%22destination%22:%22https://carwow.de%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212290115495598837040%22,%22debug_reporting%22:true,%22destination%22:%22https://carwow.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22957180949%22],%224%22:[%2210-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222998234084152821873%22}&andc=true
Protocol
H2
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:07 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"12290115495598837040","debug_reporting":true,"destination":"https://carwow.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["957180949"],"4":["10-09"],"6":["true"]},"priority":"500","source_event_id":"2998234084152821873"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 09 Oct 2023 12:49:07 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 09 Oct 2023 12:49:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12290115495598837040","debug_reporting":true,"destination":"https://carwow.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["957180949"],"4":["10-09"],"6":["true"]},"priority":"500","source_event_id":"2998234084152821873"}&andc=true
access-control-allow-origin
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 941B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY53XYaiPAjd3D-1hAUasYqdbLeIK5eWXb_06DlI3vlpa0I2jGoic_Q1UN6o29h5hcet7fknEt_IlDBm2mudOigwbkjnfbHL0vCF_cyn1fAjSPK-MpvYKPNIlfOCtICCaf16W7T7YYdQkYezFN_Wwato-lcT0rbc1c8boeAkvkfWzJlBWT9HPky-YZ1z0Trq0xE3jTl7-TDWUAnH5ucpB4f8rilIj3swO3b4Y1RHYhW7_V5RR_OgWTH0WuZtpyf7kBL-xZS8HzifUUSqpVOxlBVZYPP6dHOUDugjp-RPFsZ8p_JX8ZMkJhNQ8le2W9jrtz58B6Ivn6cZ3hrGYiYPxrvEn7xg&sai=AMfl-YTx5J4eWP2rHfPbVUCtRi9iyoEoRfdKZOBqZCBWenhaIxIt2ZsmiN2DHPQ-TzQL8gI11V1xOrF5lOlpOXPG6QodG8braFgK8JLNk0hvJBRbNNlJzOTzrHGhv5yubJM&sig=Cg0ArKJSzMUjT1rMHM3zEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 09 Oct 2023 12:49:07 GMT
bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
pagead2.googlesyndication.com/bg/ Frame FE5A 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 10:33:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
353753
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14735
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 10:33:14 GMT
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
185959
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 09 Oct 2023 12:49:07 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
203893
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5E60 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Oct 2023 12:49:07 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame B835 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13421168
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Mon, 09 Oct 2023 12:49:07 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ams1
/
onetag-sys.com/usync/ Frame A156 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1696855743213
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4527 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 09 Oct 2023 12:49:07 GMT
ETag
"623de86a-cf34"
Expires
Tue, 10 Oct 2023 12:49:09 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 8D61 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 09 Oct 2023 12:49:07 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 4859 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
747
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8136bde8387b1e6a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:07 GMT
expires
Mon, 09 Oct 2023 16:49:07 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame D496 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38bebece8366505f40a87e83e0746ff5746f1c352c95a66fa9f95ac3ec71db7e

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bde7c97f364a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:07 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C1D6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=92991
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 09 Oct 2023 12:49:07 GMT
expires
Tue, 10 Oct 2023 14:38:58 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
pixelgroup-d.openx.net/w/1.0/ Frame D3BC 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixelgroup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 09 Oct 2023 12:49:07 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
ssc-cms.33across.com/ps/ Frame 8FC0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=cR0USG9OKr6ykwaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1696809600000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP014 /
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 09 Oct 2023 12:49:07 GMT
server
33XP014
x-33x-status
2000208
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212290115495598837040%22,%22debug_reporting%22:true,%22destination%22:%22https://carwow.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22957180949%22],%224%22:[%2210-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222998234084152821873%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C1D6 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6008522&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3dd4a2f40ed2243817ff8db8ab4d903df30999ad0862211e56f5d5345968eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 5E60 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e2b1353ec42c26a50c5f47ee2bacdc5cb8a964fb8ce6ab58c8da0d9eadf65570

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 12:49:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Oct 2023 12:26:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=84995
Connection
keep-alive
Content-Length
10539
Expires
Tue, 10 Oct 2023 12:25:42 GMT
async_usersync
ib.adnxs.com/ Frame 4527 		0
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
an-x-request-uuid
2d8303f2-484c-4c33-a6e2-ca0c25c2f66a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 031C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4427ce2eb03437999fb0e842ace02ac027a688ada5915f03766a9f0b2461261

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8136bde92add1ca9-FRA
content-encoding
br
content-type
text/html
date
Mon, 09 Oct 2023 12:49:08 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwioQvJOvPGPR0XCz1uS%2FPeqFeEF1YrDq%2BpU1PyON17HtALPGHAVdGvXwwj%2FP9wqsFOP2OEU6%2Bi3wW5bjlTx3Bzmw4%2FfMqKphWHZNunpUhphGbKwALGviKH6rLm4SRy8RExpl9S1%2BbdCYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame D496 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1023598
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8136bde93bfc364a-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
khaos.json
token.rubiconproject.com/ Frame 5E60 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 24BF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 12:49:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 12:49:07 GMT
expires
Mon, 09 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
864395
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2D79
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 09 Oct 2023 12:49:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
HPHPC11P7QGCD9RWC8Q0

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 09 Oct 2023 12:49:08 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W90WXWZPNQ03CGYDVECY
Pug
image2.pubmatic.com/AdServer/ Frame 3E8C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oUwfXPFPTl66HR5e8U8ACfZIHw66GBtXokEBA4Tt
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oUwfXPFPTl66HR5e8U8ACfZIHw66GBtXokEBA4Tt
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 12:49:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 09 Oct 2023 12:49:08 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oUwfXPFPTl66HR5e8U8ACfZIHw66GBtXokEBA4Tt
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C1D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OhqL3OBTQeSwCZxMEflaBA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=92990
accept-ranges
bytes
content-length
5606
expires
Tue, 10 Oct 2023 14:38:58 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C1D6 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.255.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-255-105.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.7.59
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame C1D6
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1372065627
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3A1A8BDC-E053-41E4-B009-9C4C11F95A04
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3A1A8BDC-E053-41E4-B009-9C4C11F95A04
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:07 GMT
via
1.1 google
last-modified
Mon, 09 Oct 2023 12:49:08 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=3A1A8BDC-E053-41E4-B009-9C4C11F95A04
date
Mon, 09 Oct 2023 12:49:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame C1D6
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3A1A8BDC-E053-41E4-B009-9C4C11F95A04
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YTlmRnhXVGtrRWdUdzZqUnFMSC11VjRhZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=240629070848000568&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
HTTP/1.1
Server
54.211.118.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-118-49.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 12:49:08 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 09 Oct 2023 12:49:08 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame C1D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0ExQThCREMtRTA1My00MUU0LUIwMDktOUM0QzExRjk1QTA0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 12:49:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C1D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECSvEljrhL26Gq2_YdFQBAY&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECSvEljrhL26Gq2_YdFQBAY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 12:49:07 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECSvEljrhL26Gq2_YdFQBAY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C1D6 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 08 Oct 2023 12:49:08 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C1D6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=240629070848000568
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=240629070848000568
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 12:49:08 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=240629070848000568
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C1D6 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58292/ Frame C1D6 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
3A1A8BDC-E053-41E4-B009-9C4C11F95A04
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C1D6 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3A1A8BDC-E053-41E4-B009-9C4C11F95A04?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:18d0:4fce:99a6:af2f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 031C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 Oct 2023 12:49:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QH887A0PCJBA41RVGBEY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 09 Oct 2023 12:49:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J6H146MMCPHAGVWKSGJF
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 031C 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 031C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_cver=1
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm9snIFECRfaZ7kkX6JJk4QoOTsOn3VQG0Pb5And1ZFN7BWfyi5BimrJgm6RU837xiuLUefcnM9ss4M2YhkcoM4m1fhRg0zvDaGGkP%2Fws284WopKNnlW5yW3Kskbux4jAymBo6v6K2z4kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8136bde9dbe21ca9-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKzcOxFMGCPHj8Qt9A5aaOM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 031C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=102295683559728477
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=102295683559728477
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NW0jskrdkpFqM4bWvp1rs8y47X5cMSF3UgXB%2BH4pI7Kq7pftOKxiMGKfRPiFf%2FNUPPnv52ZKaktd%2FbPMJnD6WUCYcplcLOw2tzSv1PPvfdzeN4K53qkqQHnYfj%2BnyIK7S5tPzC0gkHzXSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8136bdea585e2c25-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
an-x-request-uuid
2491c17a-b96d-4ba6-bea4-811f2e654bee
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=102295683559728477
x-proxy-origin
81.95.5.36; 81.95.5.36; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 031C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSP2wYm16DuSk1qYHh4kpwAA%265160
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSP2wYm16DuSk1qYHh4kpwAA%265160&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=FdCqo5Pf28t0bQwiUnAo&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSP2wYm16DuSk1qYHh4kpwAA%265160&tc=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=FdCqo5Pf28t0bQwiUnAo&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSP2wYm16DuSk1qYHh4kpwAA%265160&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmCoiv82S6TXhPLdJwb1P5fmUXaOsHi0Kxx7T%2FfQCX8geqeODAHPyc8NtqwEAa2p8BnCc0UsYfG7%2BsJSjaazyHNATZrblmbyStFTYdClrHAlib1u314lCVkQFt9i%2BjJ%2FVpKm3M2DaxRZBA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8136bdea0fd72c25-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=FdCqo5Pf28t0bQwiUnAo&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZSP2wYm16DuSk1qYHh4kpwAA%265160&tc=1
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT, Mon, 09 Oct 2023 12:49:08 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 031C
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZSP2wYm16DuSk1qYHh4kpwAA%265160&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZSP2wYm16DuSk1qYHh4kpwAA%265160&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=bec62fdd4bdc464d91e2d67ff94e305f
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=bec62fdd-4bdc-464d-91e2-d67ff94e305f
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ade059d1-75a9-4683-b160-50f10c785b1f%3A1696855748.7155998&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dade059d1-75a9-4683-b160-50f10c7...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322328894134515&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dade059d1-75a9-4683-b1...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ade059d1-75a9-4683-b160-50f10c785b1f%3A1696855748.7155998&_=1696855748.7184358
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=ade059d1-75a9-4683-b160-50f10c785b1f%3A1696855748.7155998&_=1696855748.7184358
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Mon, 09 Oct 2023 12:49:09 GMT
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=ade059d1-75a9-4683-b160-50f10c785b1f%3A1696855748.7155998&_=1696855748.7184358
content-length
447
x-amz-cf-id
uHeXIZcrwC3w15tEEScdUIFraFRv-y3zwVREhWn-H9zbujb8sonWOg==
crum
dsum-sec.casalemedia.com/ Frame 031C
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=7247ba5657ae4f49b8ff8bf797e85402&expiration=1699447748
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=7247ba5657ae4f49b8ff8bf797e85402&expiration=1699447748
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogAs4z6EVE8osdlzro1jphNu0bon9QYYtUzzTtn1pQZjfEYKZFuj1w342EJYo6z%2BMFpsJYQnk%2B68gQ0a9fxFLY6rjQeTTRs0%2FpVf3AIMTT%2F%2BP6bmTlQW64iel6cI8Hu7Afuh%2BHYrVtonng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8136bde9ffb42c25-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:07 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=7247ba5657ae4f49b8ff8bf797e85402&expiration=1699447748
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 031C
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=5faf2f8c39e7aa43735f5b7def5e7e1&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7289066977536757671&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 09 Oct 2023 12:49:08 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696855748237015-374
Expires
Mon, 09 Oct 2023 12:49:08 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 031C 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZSP2wYm16DuSk1qYHh4kpwAA%265160
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
69005
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8136bde9daf71e6a-FRA
content-length
43
expires
Tue, 10 Oct 2023 12:49:08 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 682A 		0
588 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bde9dcf1364a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:08 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 18CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pixel
ap.lijit.com/ Frame 0E65 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 09 Oct 2023 12:49:08 GMT
X-Sovrn-Pod
ad_ap1ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame F75B
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Mon, 09 Oct 2023 12:44:21 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:44:21 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.4
smwt256.gif
us.ck-ie.com/ Frame 24F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 09 Oct 2023 12:49:08 GMT
Server
nginx
240629070848000568
csync.smilewanted.com/set_partner_userid_get/adform/ Frame E31E
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/240629070848000568
0
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/240629070848000568
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bdeb3f34364a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:08 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 09 Oct 2023 12:49:08 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/240629070848000568
server
nginx
v1
match.sharethrough.com/universal/ Frame 676D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.192.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-192-135.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
smw888.gif
us.ck-ie.com/ Frame 74C9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 09 Oct 2023 12:49:08 GMT
Server
nginx
FdCqo5Pf28t0bQwiUnAo
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 547E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/FdCqo5Pf28t0bQwiUnAo?pi=smilewanted
0
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/FdCqo5Pf28t0bQwiUnAo?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bdec2893364a-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:08 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 09 Oct 2023 12:49:08 GMT Mon, 09 Oct 2023 12:49:08 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/FdCqo5Pf28t0bQwiUnAo?pi=smilewanted
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame B2F7
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=0f1d115b1a7ce9e2d55add1e1c7804a7
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=0f1d115b1a7ce9e2d55add1e1c7804a7
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid
a3291a3f-2464-4846-9eac-e8a72d76ec9a
cache-control
no-store, no-cache, private
content-length
43
content-type
image/gif
date
Mon, 09 Oct 2023 12:49:08 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8136bdec58e9364a-FRA
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:08 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=0f1d115b1a7ce9e2d55add1e1c7804a7
server
cloudflare
getuid
sync.smartadserver.com/ Frame 4278
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 09 Oct 2023 12:49:08 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 09 Oct 2023 12:49:08 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
activeview
pagead2.googlesyndication.com/pcs/ Frame 6396 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMcBvbHzBEVH5EPIquwCtyxpRiRp_SCZ00Q0TLzG55Uco-wcpumbkIH1UrUFF-uB9HQCXXIiXw0wlX2_dGsRoRY31NF2hcTk8OXOCGgDWx2Lar9zk-uQPMZGRbRxtnROaKHscnjxnoJS45&sai=AMfl-YROy2_NG-hyEyx5e3uMk7MeQ4nYuO8fGehkXRiWpKfyj4wXXLH6YDTRalO5fW3PY29R6cpFDgCZ6v6GfUjo19iwbfE2nd0kQuijhL5gUFQs2WjQmpP76ZixdVRG&sig=Cg0ArKJSzPqxh4M33Jg_EAE&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&id=lidar2&mcvt=1000&p=161,1439,761,1599&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2273020715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696855745161&rpt=2436&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 941B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnHKcJGwbvoS4ACC7MI6stnyLKebDzfDEzvlSpe6R5F3xcaETaNW-omTG8Cy21uURAH5_bbSc6PHj3_lNMB_GoRHpq4ywgteclkw8inSIzU4lNh78vRmoiIeO3Ju0t&sig=Cg0ArKJSzIRogVzh0B1dEAE&id=lidar2&mcvt=1000&p=173,315,423,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=885339186&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696855745171&rpt=2464&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 84AE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOeXf-Yc_ocmIjyT2yZBrdQLu20XeO38GyqciMLzd8hK9wEkP776TBTEegPPrcmxhoycqfqevjqT4vCqJrJVMg0ktHiy9XM-PfY1PDIGBuN__RnujJqg7lVH1_Xiz1ryNC4RxuYFqlxNg5&sai=AMfl-YSonNYN_jDlWLs9fv3HfMWh8ns7BfYoMt7zZh-MWl5e4qCxOt75TpdDcPIcBu2KabvOEwUmRLzPmKBHEWfK5RNdNh4gBF6f4TM6hrqW_RPyOGzn9KjO__yQpq4g&sig=Cg0ArKJSzOLG26EqPcSJEAE&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&id=lidar2&mcvt=1000&p=1000,515,1250,815&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1717219177&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696855745193&rpt=2490&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5746 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwiqp2Ni08NRFiTup7sO6ITSYvomwp1LPqjMx7al9JTtHAvLMiObbuknEFZX1HL_k1D0p25eH_Negbc7lOyu9z9atL2rKSsuZUJ9pDd-ys4CaA1ogRUR_BUnfiqGtxIbchWoQB20MqfD9m&sai=AMfl-YTZo69a_xqrreq7YvW7f1bzYok9PQ4ryUWaia-Nz_F5KvHxII3C4fSCamg5Xq6iR66WzAKwQXuR2FRSb3JbT-0uxBF8Gf7JCq8JJfL6ksDNLGZqJ4YxIxb6SuYG&sig=Cg0ArKJSzJegbOlh-RztEAE&cid=CAQSPADICaaNp-rn5xVx1zDPxKDum3PtBYrHXHir6KFxsXxdB5_ygu5tolXJgk2du7vuSGIaMBSYV9I3c71_nRgB&id=lidar2&mcvt=1001&p=1000,199,1250,499&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=1472875564&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696855745221&rpt=2509&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84AE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2059384266603&version=m202309260101&ct=119&x=1&cor=5099633516393192000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5746 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6536210826533&version=m202309260101&ct=119&x=1&cor=8846399749532909000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B4B8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4197695620213&version=m202309260101&ct=119&x=1&cor=3213841707746351600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 4527 		0
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:09 GMT
an-x-request-uuid
6bbca85d-325a-430c-aeb7-8f2c6b35455b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
index.m3u8
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3... Frame 7E44 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d87818d7af3ae80d611b4226e1c1f664dc9a1517b1de1f3251cb1e632de21e49897e0632feec19038a74f55a0d01e7046b1963dcea47ad6857cc8302957e2d82bdbe306f2c180680585ee2be5da5edf55e4cd06ba5e74e4f882943b6805fc8d549ee9ddd099f419b22f746c8c6f0d8874481d091011e66884061ece6aff8f018e9ab799398fd4e3c8e7c2948072797c9f1db7b4c4ac3de3e8299eeaa77f003cbf34ae9e78e7461ea27a8358565a80cb5e60cddc5521d96204bc6e66c1b5582e4a48ff578041ebae9b6fdd87e7e9ce4133220a3088f73796ac9af887c80b26775168944b1413d41aebe8a6f98dac1cffae06f8937c5d7f1d71f475c6f0d0cbc8fc3f079f626c771a4c2126e090314edd262cd88dd5127710fa8b41e854355e980cbb4d6006d9e3b5b42be34901b247cdc38694be02fd2932823dc755dcb666bbb101ea876d19460b5abd2ee037b92dbc449f026af9602c0f90fac226d0855fda2620a1c1f259ebf3254704ac243e5c1c3ae225a57a2a49b8cb5395230301956039cf1a721cbfca7072956900368300e537df023d966d80c4c7a5eea16c1a30471c54b611aefa93b524d7fd4af958494ddde4ba575b19cab214ef8dca2f91417a9a22c6f8de3f43628f3/36/640x360_642400/index.m3u8
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/3589_26d30df0f2e2888527b1_26d30df0f2e2888527b1_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
/
Resource Hash
bfec703c3a10336a555bc793ed9f23b4c7d41a111b77a3b558d4d88d8188c0f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:09 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
content-encoding
br
last-modified
Mon, 09 Oct 2023 12:49:08 GMT
x-amz-cf-pop
FRA6-C1
x-cache-status
FRA-fa985ced, miss
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/x-mpegURL
access-control-allow-origin
https://www.walla.co.il
x-cache
Miss from cloudfront
cache-control
max-age=1
access-control-allow-credentials
true
accept-ranges
none
x-amz-cf-id
Iq_ei2VPRxddEm4lVILA-K5Qaf7X0qSZ1meYCBoUZ9b6NRgZF9n69A==
playlistY_360P_670375.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame 7E44
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d8781...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670375.ts
449 KB
450 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670375.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
852f7332594ca646bd9e2395cfdc7b2ad90aad3dff7d4fbc13180ab8560f8fd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:04 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
6
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
459848
last-modified
Mon, 09 Oct 2023 12:48:44 GMT
server
AmazonS3
etag
"481e286239021a07af62817c4eb9dd01"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
MRNGfgV9dN26PW91HRxC2isaCMN_gHNlLB1z5AG0uiR1UOfT7t5r9w==

Redirect headers

date
Mon, 09 Oct 2023 12:49:09 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670375.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
u7_eB_nyt5OQAz29OLedYYiZROhENZSOdo3xbdiPno5Aj6awLuuodw==
playlistY_360P_670376.ts
amg01742-walla-wallanews-ono-btlna.amagi.tv/ Frame 7E44
Redirect Chain
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/beacon/amg01742-walla-wallanews-ono/cb50341f657b60909fd43c60f2b53dff915f3edd062fd12b6fba4cf02c9f4b06c2ffe1bd895bee68429f14ce06533357596cdb51d8781...
  • https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670376.ts
446 KB
447 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670376.ts
Protocol
H2
Server
99.86.4.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-37.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
873a30a6ac806b1aa9099549a8164ea25633cde6884d7a8cddea910c92d461e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:09 GMT
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
457028
last-modified
Mon, 09 Oct 2023 12:48:50 GMT
server
AmazonS3
etag
"391fd61895f2b12855c27087666547ad"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
video/MP2T
access-control-allow-origin
*
cache-control
max-age=21600
accept-ranges
bytes
x-amz-cf-id
zUov4ckh71kQb9hMgZG5nrutCt17T5GRuwZgj73v0IWPdTKLzOFK4A==

Redirect headers

date
Mon, 09 Oct 2023 12:49:09 GMT
via
1.1 google, 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
access-control-allow-methods
GET, OPTIONS
content-type
video/mp2t
location
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlistY_360P_670376.ts
access-control-allow-origin
https://www.walla.co.il
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
QyaOfDm8Ywoxyqcd7JpXySjsbohkSxSvWIx_j9R1YSugBWyQaBoKJg==
SPug
simage4.pubmatic.com/AdServer/ Frame C1D6 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame C1D6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62611971&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
7a823f78e2ccada94c08c84c3e909ffbb1b2b7b12ed93cab8d62e372097f97c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 12:49:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 62AD 		35 B
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 09 Oct 2023 12:49:11 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame BF23
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=102295683559728477&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=102295683559728477&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 12:49:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
108df74a-8d41-4040-b098-d4fab01470d5
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 12:49:11 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=102295683559728477&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
81.95.5.36; 81.95.5.36; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 63DE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7287939956580743311&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7287939956580743311&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 12:49:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 09 Oct 2023 12:49:11 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7287939956580743311&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame FC6A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5ff4cd82-5796-4cbb-8352-784981bb1d66&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 12:49:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 09 Oct 2023 12:49:11 GMT
location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Pug
simage2.pubmatic.com/AdServer/ Frame 558B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JnR7gpP_UZlFj4vJHde1l1FfBSQ&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JnR7gpP_UZlFj4vJHde1l1FfBSQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 12:49:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 09 Oct 2023 12:49:11 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=JnR7gpP_UZlFj4vJHde1l1FfBSQ&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 5458 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 09 Oct 2023 12:49:11 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230080-FRA
x-timer
S1696855751.143814,VS0,VE88
Pug
image2.pubmatic.com/AdServer/ Frame 35B7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFGM1cwN0tSLTRBQUJoYlZKQWZydw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAF3W07KR-4AABhbVJAfrw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAF3W07KR-4AABhbVJAfrw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAF3W07KR-4AABhbVJAfrw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4030770805725241773&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF3W07KR-4AABhbVJAfrw&gdpr=0&gdpr_consent=
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF3W07KR-4AABhbVJAfrw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 09 Oct 2023 12:49:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 09 Oct 2023 12:49:11 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAF3W07KR-4AABhbVJAfrw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4604
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 12:49:10 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 09 Oct 2023 12:49:11 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
mw
mwzeom.zeotap.com/ Frame C1D6 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3A1A8BDC-E053-41E4-B009-9C4C11F95A04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:11 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
8136bdfcd9db1e64-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame C1D6
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:20 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:20 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame C1D6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e8da85106aa5adf369847b73e1a4f60f&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 12:49:11 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C1D6 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:10 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame C1D6 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 12:49:11 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C1D6
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3522402999126292583&gdpr=0&gdpr_consent=&us_privacy=
1 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3522402999126292583&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 09 Oct 2023 12:49:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3522402999126292583&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 09 Oct 2023 12:49:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
2979578-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/2/9/7/9/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/2/9/7/9/2979578-46.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers
3611139-46.png
images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_800,t_18/3/6/1/1/3611139-46.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
371098e3d88da8afca83eacff757f9fe936b8277b4d84f7e07504ec19b70a95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 03:36:56 GMT
via
1.1 google
age
33135
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40048

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tr.dxmcdn.com
URL
https://tr.dxmcdn.com/rest/api/v1/survey-executed

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 function| addScriptPromise object| _0x1a15 function| _0x14cd object| googletag object| WallaTargeting string| _taboolaOS object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist function| gtag function| ga object| _sf_async_config string| loadDataState function| smartlook boolean| isMobile undefined| showInterstitial undefined| interstitialData undefined| timestamp undefined| attempts undefined| served undefined| hourPassed undefined| url undefined| ref undefined| refFits undefined| adunit undefined| getInterstitialData object| google_tag_data object| gaplugins function| _ object| dmp object| IDXSurvey function| postscribe object| google_tag_manager_external object| google_tag_manager function| _typeof object| TRC object| _taboola object| _tblConsole object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __twttrll object| __twttr function| fbq function| _fbq string| GoogleAnalyticsObject object| gaGlobal object| gaData object| GooglebQhCsO object| google_conversion_id object| google_custom_params object| google_remarketing_only object| adoric object| ggeac object| google_js_reporting_queue object| _0x4595 function| _0x53c5 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| __LOADABLE_LOADED_CHUNKS__ object| _cbm object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 string| pm_pgtp undefined| msg function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __adoric__ boolean| IS_ADORIC_LOADED undefined| google_measure_js_timing number| google_unique_id function| PlayerSdk object| WallaPlayerApi boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl number| taboola_view_id object| webpackChunk_smartlook_recorder function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| image number| google_global_correlator object| GoogleGcLKhOms object| Criteo string| nam object| placementData object| closure_lm_507239 object| owpbjsChunk object| owpbjs object| PWT object| cmTag object| a object| sw_consent object| sas object| apntag object| _ADAGIO object| google_image_requests object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

91 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARCbFg
.walla.co.il/ Name: _cb
Value: BaJ0hKBGXbD2du34P
.walla.co.il/ Name: _chartbeat2
Value: .1696855740256.1696855740256.1.C-iF7_DFzNHv87bdx67rP8pDWe3.1
.walla.co.il/ Name: _cb_svref
Value: null
.walla.co.il/ Name: _gcl_au
Value: 1.1.866940080.1696855740
.walla.co.il/ Name: _gid
Value: GA1.3.606652621.1696855740
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _t_tests
Value: eyJYUmRNTnFCN3JXTzNDIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJDNGdsbzIiXX0sIjZyWmpvTnVMYmJMb1UiOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIjQxbkZ2Il19LCJPcVllZ3ltZk15Wk5yIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJCTzMzZkIiXX0sIk9XRXdnYWRoWmEzSkUiOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkNKQlhmTyJdfSwiS1hVRlB3OWtiRG41NCI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiQ29ndVd2Il19LCJuWmZGTTJHV0x2cVNvIjp7ImNob3NlblZhcmlhbnQiOiJCIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEc2t6XzEiXX0sInVlTVhLRDhSaEM5STgiOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkNLNzNHWCJdfSwidmJDQmFDUkFtRHdVdSI6eyJjaG9zZW5WYXJpYW50IjoiQSIsInNwZWNpZmljTG9jYXRpb24iOlsiQmNKbldZIl19LCJlV1pVSTIyTzJhN2tGIjp7ImNob3NlblZhcmlhbnQiOiJBIiwic3BlY2lmaWNMb2NhdGlvbiI6WyJEbGR5Q2YiXX0sIjUzMlRxUkJoZ05oWjgiOnsiY2hvc2VuVmFyaWFudCI6IkIiLCJzcGVjaWZpY0xvY2F0aW9uIjpbIkNLbEg0RiJdfSwiOXV4d3NEd0toSkFmOSI6eyJjaG9zZW5WYXJpYW50IjoiQiIsInNwZWNpZmljTG9jYXRpb24iOlsiQk9fV3I0Il19LCJsaWZ0X2V4cCI6Im0ifQ==
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.doubleclick.net/ Name: IDE
Value: AHWqTUm5O5gg8jKZM5TleTZ1RE656qHWJNJteQWMyOqpTLT72-6_HQE2ebYbGcVX
.walla.co.il/ Name: _ga_TSQY5YTYZ0
Value: GS1.1.1696855741.1.0.1696855741.0.0.0
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1696855741.1.0.1696855741.60.0.0
.walla.co.il/ Name: vad-loc-code
Value: de
.walla.co.il/ Name: _ga
Value: GA1.3.1859869165.1696855740
.dxmdp.com/ Name: dmpid
Value: 750a2b4c-00fe-42b2-9a4c-deefe46500a3
.walla.co.il/ Name: __gads
Value: ID=b87cec4a34b635e9:T=1696855741:RT=1696855741:S=ALNI_MbclvPU_51s-bXoJg7ba196jFfh-A
.walla.co.il/ Name: __gpi
Value: UID=00000c931ae61db7:T=1696855741:RT=1696855741:S=ALNI_MZQAKTPkMRyfGx7JWhrflDDIIsyhg
.walla.co.il/ Name: _fbp
Value: fb.2.1696855741977.1187203357
.dxmdp.com/ Name: audids
Value:
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.walla.co.il/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D1325017b-8e75-4532-adc8-7bce57d968e3-tuctc1d7c3d
.rubiconproject.com/ Name: khaos
Value: LNIW3IQ1-Z-2751
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qolYt1rEjW0wl4C1LCtWBX9mfsNIvv6QtosxPxU5qr+6OWJIzdRXWabuOYdOTdJHhkjwJGYVf1/R+BxGCOXoSK1/sl3J0mLRJa+xUA9sgf/4b7FQD2yB//h
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEwvu2PqQY4AUABSAEQvu2PqQYYAA..
.adnxs.com/ Name: uuid2
Value: 102295683559728477
.script.ac/ Name: __cf_bm
Value: LQCxEC2.UMbA4GLdL8eAIEFExHeRHOBn6CZ0MIXMggw-1696855743-0-AbKjWwIugjxNvqjzr2cDu1EuA6Lcn9KNPOcMjNkdvGE3oykGF9e1oiPBizlrrTp78iET67vZ7kceYK6IBvHFYwE=
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 24aacee7-37a4-521a-a588-3004c0abc6bb
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZSP2vwALNxiFr8xMlx9wzP2wWL2S0Cl4qKLykg==
.ads.stickyadstv.com/ Name: UID
Value: 5faf2f8c39e7aa43735f5b7def5e7e1
.criteo.com/ Name: uid
Value: 0169fda1-4764-4448-91ab-3ac8a4cd0ae6
.bidswitch.net/ Name: tuuid
Value: 7ec546d4-1c80-4ba7-8cf3-ee4fa20bc9cd
.bidswitch.net/ Name: c
Value: 1696855744
.bidswitch.net/ Name: tuuid_lu
Value: 1696855744
.turn.com/ Name: uid
Value: 3522402999126292583
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-48b4ce40-3445-43a9-bf60-f7d9a1ccc49e-003%22%7D
.casalemedia.com/ Name: CMID
Value: ZSP2wYm16DuSk1qYHh4kpwAA
.casalemedia.com/ Name: CMPS
Value: 5160
.casalemedia.com/ Name: CMPRO
Value: 5160
.ctnsnet.com/ Name: gid_CAESEPF7ihEQPsSwqkyJbhedw90
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: c6cbd4af-8eaa-4bc8-ba25-8bb21e07e6e5
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3A1A8BDC-E053-41E4-B009-9C4C11F95A04
.doubleclick.net/ Name: APC
Value: AfxxVi6SBAKqW4jHVRwEXmbDrH9men2yFxXs4bkrNarB7-RWhoEywA
.lijit.com/ Name: ljt_reader
Value: HdQhpGZHjMyiDuTBR8C0C2Ey
.quantserve.com/ Name: mc
Value: 6523f6c1-d31f6-fa12a-a6858
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: ADE3A19A26A14F01A6DEAAC1D7252C03
.adform.net/ Name: uid
Value: 240629070848000568
.yahoo.com/ Name: A3
Value: d=AQABBMH2I2UCEHQJCvYhhCXesvoHJlzW9PAFEgEBAQFIJWUtZQAAAAAA_eMAAA&S=AQAAAvyDJizzJQbVY49cz1q0it0
.de17a.com/ Name: guid
Value: 1.3223178320348184982
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZSP2wgATQ9eS8QBV
.walla.co.il/ Name: cto_bundle
Value: o9hAnV9uc1BWc2luMWNtQnRJZ0s3akFCTjM3Y3RmeXpLTHR1Zm1BSSUyRnhZWmt6eVZqczgzWkRsc2ZaYVZNeW12Q0VudiUyQlRlazYyRE5DeXR2WERCVHNrZWpCc2ZyTTNubFVDYzd1YyUyQiUyRjBpRFJOaGd0dVBJUEZZM3ZsMW8lMkZlYyUyQnJnOXR0M2tqYjljUlp2aGNtJTJCa3kzN3RTc1VWUSUzRCUzRA
.googleadservices.com/ Name: ar_debug
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160447:3
.pubmatic.com/ Name: DPSync3
Value: 1698019200%3A245_241_235_201
.pubmatic.com/ Name: SyncRTB3
Value: 1698019200%3A54_71_220_13_56_21_251_8%7C1697414400%3A223%7C1698105600%3A35
.quantserve.com/ Name: d
Value: EOABDgGSKoEO-TA
.weborama.fr/ Name: AFFICHE_W
Value: ecPjSkyukf5597
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZSP2wYm16DuSk1qYHh4kpwAAFCgAAAIB
.creativecdn.com/ Name: u
Value: FdCqo5Pf28t0bQwiUnAo
.creativecdn.com/ Name: ts
Value: 1696855748
.ctnsnet.com/ Name: cid
Value: 7247ba5657ae4f49b8ff8bf797e85402
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-oUwfXPFPTl66HR5e8U8ACfZIHw66GBtXokEBA4Tt&KRTB&19420-oUwfXPFPTl66HR5e8U8ACfZIHw66GBtXokEBA4Tt&KRTB&22979-oUwfXPFPTl66HR5e8U8ACfZIHw66GBtXokEBA4Tt&KRTB&23403-oUwfXPFPTl66HR5e8U8ACfZIHw66GBtXokEBA4Tt
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECSvEljrhL26Gq2_YdFQBAY&KRTB&23025-CAESECSvEljrhL26Gq2_YdFQBAY&KRTB&23386-CAESECSvEljrhL26Gq2_YdFQBAY
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-240629070848000568&KRTB&23263-240629070848000568&KRTB&23481-240629070848000568
.pubmatic.com/ Name: PugT
Value: 1696855748
.fwmrm.net/ Name: _uid
Value: umv1b41_7289066977536757671
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umv1b41_7289066977536757671
.ads.stickyadstv.com/ Name: MRM_UID
Value: umv1b41_7289066977536757671
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.liadm.com/ Name: lidid
Value: bec62fdd-4bdc-464d-91e2-d67ff94e305f
.smilewanted.com/ Name: sw_user_params_infos
Value: 8YHAB65xV63n4hvlBXVDfR7GMFIlUluwFp3YXxB8KDIolJlOEIrZDVEe65ADFE93C3ZpNjQOKiPvKIiHlNS%2BAOdndiRlaMT0f92JTNvk3vB7qfACgV9vux32HTRo97anzPdK7OoiG1EviHI2u2nGAzmC9qSacJgw%2B8sxshz4lmlxSv4wuuDCxVSegSTzMK4Ad4OILRJa5uLn8o2g0C%2BMS4gylR1YmgFrM4arCL7Kl1m68Va8PU15Le%2FzQIO9wFtna73hYOIxz0PFQY42vETGpuJi0OAv5co5%2BRq1DweFw69FnpgepTyghVFC%2BZfhiTiz6fOwDOrA9%2BN%2FeGeb3cyv3Qckk%2BMttG6jfE%2FD%2FfZZvFFyGRlfN%2Be8xH8YuqyG5veMtYo0C9tammgbUZqt9HI4ZA3x6AKfwBR8CGy0%2BT8AHYMaVoDTlKPPt80nu4myMoEU%2BpbApUqCMvm2wEWSWufII37HRPACthQAuoQVr4PFydhcg%2F7Rs0Yd0LoNSbsXYte%2FCf8gJRKVLODCbqVxTJPYaA%3D%3D
.audrte.com/ Name: arcki2
Value: a9fFxWTkkEgTw6jRqLH-uV4ag!20220908!1696855748473!ip#81.95.5.36
.audrte.com/ Name: arcki2_pubmatic
Value: 3A1A8BDC-E053-41E4-B009-9C4C11F95A04!20220908!1696855748476
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2HaPLnB@7!A#Eo(<j<dINiYhTyXnfi8FW/6Ul8/_fj2TfQhI)`-qv7Y.J!g42Utjlb!MW(j#iP(Md<0-%'cBB%QGAFsj)pP<MSxQ@?u_UHrB(ZTb5!1BJlZfq]CG0Eloi:o.:]*g0D(kA@1o
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiIwZjFkMTE1YjFhN2NlOWUyZDU1YWRkMWUxYzc4MDRhNyIsImV4cGlyZXMiOiIyMDI0LTAxLTA3VDEyOjQ5OjA4WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTA5VDEyOjQ5OjA4WiJ9
.amazon-adsystem.com/ Name: ad-id
Value: AyYnlhU1EUifk_4y93gWKAk
.audrte.com/ Name: arcki2_ddp2
Value: a9fFxWTkkEgTw6jRqLH-uV4ag!20220908!1696855748601
.audrte.com/ Name: arcki2_adform
Value: 240629070848000568!20220908!1696855748727
.rezync.com/ Name: zync-uuid
Value: ade059d1-75a9-4683-b160-50f10c785b1f:1696855748.7155998
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIsQ2AMAwEwAmoMoeRLfL2m20SQgaipGRSSkR5d5Vo41TkMAm0lOrcpJurQKfpEUS3uZunE4jKNQzI5F2WL5l8_s4Xsyxbb1oAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2srCwNDE0NjE1NBXiM9Q1rErMNnRPdjROMs4AAD5zVH8lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2srCwNDE0NjE1NBXiM9Q1rErMNnRPdjROMs4AAD5zVH8lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAIAwEwI_txMmNXHKxGxAphMrZ3Vf2-TtrwpK9rIUeGwg3-oJ_KQ6sF1EhMpvuBFmlAw-h1Yw6AAAA
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsWChRaLmNUakI22SLuZ8a7z8-XvBPGj-7b1LQdkI_9qwMsr3qrQz6h19-mT8hA6IJ3zjtmCegDIcE1QNfe67uNtdxnKmpJCppEk5gQ2ZsZozVkV7RLYppxzRglMlEK_EhIJMJw_QGjmCVP.ZSP2xQ.f7y5ZkGVKX_4O6AHieyg92KYdU4
.pubmatic.com/ Name: SPugT
Value: 1696855748

5 Console Messages

Source Level URL
Text
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3A1A8BDC-E053-41E4-B009-9C4C11F95A04&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=ade059d1-75a9-4683-b160-50f10c785b1f%3A1696855748.7155998&_=1696855748.7184358
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://www.walla.co.il/
Message:
Access to fetch at 'https://tr.dxmcdn.com/rest/api/v1/survey-executed' from origin 'https://www.walla.co.il' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://tr.dxmcdn.com/rest/api/v1/survey-executed
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/2/9/7/9/2979578-46.jpg
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12890047.adoric-om.com
1f2e7.v.fwmrm.net
a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.stickyadstv.com
am-trc-events.taboola.com
amg01742-walla-wallanews-ono-btlna.amagi.tv
ap.lijit.com
app.adoric-om.com
bh.contextweb.com
bidder.criteo.com
bs.yandex.ru
c1.adform.net
cadmus.script.ac
cdn-uw2-prod.tsv2.amagi.tv
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.valuad.cloud
cds.taboola.com
cf.dxmcdn.com
cm.adform.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cr.frontend.weborama.fr
creativecdn.com
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
d9dab4a5577a3832152e4182a91a4abe.safeframe.googlesyndication.com
dal.walla.co.il
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
event.dxmdp.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
ib.adnxs.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
images.taboola.com
images.wcdn.co.il
imasdk.googleapis.com
js-sec.indexww.com
live.rezync.com
loada.exelator.com
mab.chartbeat.com
mabping.chartbeat.net
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixelgroup-d.openx.net
platform.twitter.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
prg.smartadserver.com
pro.ip-api.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
region1.analytics.google.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.adoric.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
tags.dxmdp.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.dxmcdn.com
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
walla.co.il
web-sdk.smartlook.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.walla.co.il
x.bidswitch.net
tr.dxmcdn.com
104.18.25.18
104.18.26.193
104.18.27.193
104.22.69.131
104.244.42.136
13.224.189.38
13.32.27.113
13.32.27.118
13.32.27.57
141.226.224.32
141.226.228.48
141.94.171.214
142.250.186.162
151.101.193.44
151.101.66.49
162.55.236.224
178.250.1.9
178.250.7.13
18.185.192.135
18.192.43.30
18.66.147.111
185.184.8.90
185.255.84.151
185.64.189.112
185.64.191.210
185.86.138.124
185.86.139.103
185.89.210.46
188.42.191.196
193.0.160.131
198.47.127.19
198.47.127.20
2.16.241.18
2.16.97.41
2001:4860:4802:32::36
205.185.216.42
208.93.169.131
213.155.156.185
216.239.32.21
216.52.2.91
216.58.212.130
216.58.212.162
23.21.139.150
23.32.184.192
23.35.236.188
2600:9000:2057:3600:18:1fcd:353:c61
2600:9000:211e:5c00:1a:1d58:31c0:93a1
2600:9000:2240:4400:11:da61:a100:93a1
2602:803:c003:200::45
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:20::681a:9a9
2606:4700::6810:5714
2606:4700::6812:1791
2606:4700::6812:372
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2003
2a00:1450:4001:800::2006
2a00:1450:4001:806::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::2014
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c00::5e
2a00:1450:400c:c07::9a
2a02:2638:3::6
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::a
2a02:6b8::90
2a02:6ea0:c700::17
2a02:fa8:8806:12::1400
2a02:fa8:8806:13::1460
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::714
2a05:d018:d29:3602:18d0:4fce:99a6:af2f
2a06:98c1:3120::3
2a06:98c1:3121::3
3.127.138.223
3.69.181.182
3.75.62.37
34.111.129.221
34.111.131.239
34.111.199.139
34.120.218.58
34.149.20.76
34.160.198.118
34.95.69.49
34.98.64.218
35.157.211.238
35.186.193.173
35.186.253.211
35.204.74.118
35.214.129.161
35.244.174.68
35.71.131.137
37.157.6.243
37.252.173.215
44.205.93.51
46.228.164.11
46.228.174.117
51.77.64.70
51.89.9.254
52.46.128.147
52.5.118.137
52.50.109.207
52.6.76.142
52.94.223.167
54.211.118.49
54.217.255.105
54.72.191.61
54.78.254.47
67.202.105.24
69.173.144.139
76.223.111.18
77.243.51.122
8.2.110.114
85.114.159.118
95.101.149.233
95.101.149.35
98.98.134.242
99.86.4.37
00f0ca5978af7f577f3bb245b52f5b98546fca77cbf7b2b42838fddc2b53cd59
02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0a84ac483ad8a095286f649c7e4d654c3d08fb52e49cf601fb393919ca71f5ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0d064a29640bfd997ce38d1861ebcd5c6ebe721972e5c0030a7cbb297b162c29
1256979ccdf90db5278202b6df7472bc0ace9c2ec097f903f3077000dc93ea02
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134e8c304f3fa0a6bb741b085624f496d9d697da80836f8b9ed65c412a2f8efb
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1725cffde4f68a25fb09c871457575634b14513cd8a364145974e8897afe233c
17fc159664a481670c9f5ca2f4650c2e7f7369aad81910ae3d89ddef3631666f
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1aad1ba2fbd5bbadf1f95f9655c4ae102c95fd6572104d78b5ddf51b8ee3a597
1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18
1c90f4fa10a90d240c6dcd2d798e6c528ae91f104d232870fb6f1453967a7066
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
229e400458da09038771f0974640be7bc3fb91571e41b8c0af3f323d89bfc3a9
22fd80ae74a5c7d5284c7c4bc45173e8d25cac9039a1de6c4375e265666ad77f
23382b9534161712a2dee8f93216a483bb32997e1ecb9ca3dbab7079553cc75d
23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e
2475efef46b7613b6b5091754d56b3260ac77a17197fbe545a4fcb3a2a0fba0e
261811deab7f71d8e1e8c54e7a7ca0183f4750fbf30d6064ca49cc561b1904be
26318d88d486abac38f9e0d2051f727b555d5b339368f135349e6f4e2f594c7b
26f431af7024210d31fca970d3ee633c8beab47d56e4a0fb17d832e0615c9cab
2813c0a3f00a8267102a747c6b27144547f554641850a3aeef02879ab83b5c6e
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b80e7ccf19c1d6e809fa9c550c7a948fdd9591a4d0fde880dc95f35f23d5d08
2bffee38e24dd95aa44e2b6dd53b5fa3e3ee5a537d356e17368555f513539fed
2d86cc573c7a00d81cce15384441babc5e61f895ab1cd96812b86989ce1c8873
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9dacf0a2ff7b38244d273910d5bdbf00048ec13daa199ebb7ce53d56315007
301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
371098e3d88da8afca83eacff757f9fe936b8277b4d84f7e07504ec19b70a95b
3830d364bd7e1323e0c98acb5c9849d90670822dbb77a5588c61d4baed17ac08
38bebece8366505f40a87e83e0746ff5746f1c352c95a66fa9f95ac3ec71db7e
38df94ec98f3e97f36a6a80b2e58776f9053ffecf8b140f68e83f3f748918063
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dfcf027cca62240f42b3725b7a0010763ac3203519bc12a0db9cb36f4a89de8
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7
40938ff6e6b641eab9e5691988d4d870a97680dadd628ac5e07c30066218797b
415b2a97d20f24e296c99cf21681bb3150eb36dc55f438e255c05126723050d8
43a7eeb1b1c628406be8c1f4d7abbb6a326284b489115bb2e07d0425a362a99b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4449cdc719bb24acb48af09de341dc48cf9ef811f14a2c8855526fa3bf3bcb44
454a7af46dc6cd54bc0cc67368ee00f06be6a8324fa2de7d43cecd4a8afa7ba5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c0c57a2ff350ffc914dc5b5724d8f7df76a8345fd089398d353a0b6979a149
4ab4b55c7eb822be8b29202439c3ab043da8e1e82e6eb3ed929e92fd46931ccf
4ad4ea14298dd60b6bf1481bd42fad48dc018c78c2547823d3fcb7e73555f954
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3fe6dff461732e9b4c89a81ec3df9f80bde820f4a24f58afc45406b1a4a655
4c468db15d8fe102a7ad9df8328342478d16a43b1f8e85ca9fb83ae36f535dad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcbd9b339d1bc8b72c3d698a6c4bb856516c41b52a3be330313cb6a51be99df
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5065bc418cee9a1f1841747f1715792a75f298cb394929741870519a1697a78e
50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5123513035c30f44e20d93f8bc9fda7ba74ec7c315add4883b5aa3ccd220503b
51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
53dfbcd0f8210d6934618a336f5e00049f4595f7dba0743f8477a3804dea5ce6
5472eea2427b39c06a2f4f89c9d78d4f4d8b7fcd0d1cdb9e9b38a09e6703dc92
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
57137b03b3a9f62b57ef6bd7c6d0624142aed707cdfa0ac01e77a19e653b7bc0
57b29ec6f2a022e39a851846bcd096861fa98ab8ee4f07ced17554ef84568425
591baf010115e00d276211c893b9814efb01a67cebfb08bb58540e0c6bf52ebf
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16
5ac127188e6475f95cf602b5aeacfaf667081820adc57b78e9d46b9cb9149776
5d0577359952b714e119cc1aa6e318656f7d7c642adb87cc84ff00e87c949dde
5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5f1a782224ffa91d993bfd2833b9187414fe2c0acc508f3259b2432bb78d195e
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
62e8dfa5a5c097491130bc38964c77a5b98dc71aa04929163676db756cca4097
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
636fa83efec532ea5b901c05157edc09d1b51c0a281cfbcb231423c5ab19e1ff
650ae8f7c90ede05991a1fab60aaf04c8f04d82f9470c1b37f9e46af27793002
66121d68eddb3357644f5ab01e376a5c330f5b8eb7698b915f657d01397fa5b5
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c2f7cd0b4874a74f3848a6be48daac6486942b163bf3a0accbef3b65c4b8ab5
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
6cf347395f2adc7bbe97b062140bcfa0ae98c25d7fc2dc4bb8d32bef162a3452
6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7391fb91118d48d2079a6c90710ec9d61d8047bc70ac666b5fdf8b0f7ff44534
742f69d5a3dc576df86c9845acf047bcd745d266f40900c95706badecfafe2e3
744955188c8bf50c64bb2d9095eec5fe3df45dad12b40c7444ef86d94218fd4d
7455f093e10ad855982456bdd10cfcd51d0cff859356cec3ffb5c9317b8294ae
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
781492fe72ae0b0a0f15647d57d43309ec8aa99145ed208106a4943ff105e5d8
782d0736ef185ea212091405c65374f1208ddc1fd62f7291b9efc1aecd444b4a
790639da95dbf7cec2a99aa03d9fd9ddeda2c2f5e4769b71f1bd015472266c9b
79e4e27e77cde7c4d1f68c5ede06875086d9b995af24b12a22a9eb2cdb406fcc
7a823f78e2ccada94c08c84c3e909ffbb1b2b7b12ed93cab8d62e372097f97c5
801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83838167ee7428fb56e2b7d15e9ee4f6f8075841a875e426646522043848eacb
848d870cb178bcc65bf826a05e1086d21d9d42f8930bee1b076e2c1f26d26b60
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852f7332594ca646bd9e2395cfdc7b2ad90aad3dff7d4fbc13180ab8560f8fd6
873a30a6ac806b1aa9099549a8164ea25633cde6884d7a8cddea910c92d461e7
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8a586c2fc381aff16e0a97127c11587201cc6fec7e3c7cf1b12b541e29ccfd95
8b88789866707cc2a66343215919e4ecdcc01fbee1d6e8e79a95f9401775d11e
8b976b4e0138f7b918382760a95c63f0f6cb058ddfa7ab8e3dfcd70bb6caf33c
8bbe9554acdc9fc122c3aad62ead41c1a503320adc8b145e67b1f37de5740db8
8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef2e4b14f9970a0f7951a3938bb6e73348d1f4b23fe7bb6573a0917cce75b9c
92264c925f0b6212d5009dd403ab653ee0b31cd697d0900d68bbbdd266e5ecc1
9321434a2cc9d78ee0a6cd3cddea2d83e239c28ff76a02c36b9b7e9a2e8ee09a
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94a5c243f2cc1837a4367a5561cc0fcf4a84cbf19ca49cf00583a0c015c8dcdb
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
967be818fa6a98d2fb65c23d2dd18e5a7ae174b0c878cb2b78b27e2c6dcf677d
969b284ff7a34f9a834506d2ba14344ff96d016be460e027a0474fc89adb3ba7
96d72b285136f08d1566b81a25e30d474d27225a4589d101f12a9640a938b178
9792e2a0d3d94a3cc858a6aa1a097f3959f0f1dd663ab47535c23630dd13d531
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
99357389be347481ea6b9b77d94643ffc97cbf51c4be1b801b635496c70e9927
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9c1e1ebe0653101ab71f18e0bb7c914ba2f850c71618d76214da492ecc0f5a01
9c304344eff955b3da1e3ab3ffc88dea0fe128903e53895978136eb4f431abfb
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
9e3035b7f5b0074bf8401e498b2160a29e3f13741f03e537ad98e9a1836a701f
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3b23c1b85f6e4a797e4a6098cb721285753bd1e6105a341d70d86755d147855
a5289a98c8c4bffd882eb2137df9dd31ae80c12cd20e42c60dc62ff083649b3a
a6f3a6f02c6f855a32890b10af7a3287a502f9a3836caf846df7fa14220358d7
a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336
a97cc502f748b97196cdb2e6c0431c5763654ea22d4fa44e18ceccd8a4c3785b
aa13c715a970ff152c581c582d0d11959260c439601eef5aca942f3b8b79ae9a
aba40d0a8b9ed406a9836f4e0427edb20fda3ab6c21619e1dfb9aa38bc1ad009
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae8c3482d11bec7eff58f62a7e2e9cc39deeba854336ea0e9df67d98ec9776ab
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af4fac3d8408e8b646d05f939bed809992f07bcb71a8c14a7239dfe58b47cd01
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b194ec6f02131053688eee2371fecd9165f8687b55e60a850b357f5cbb30fe24
b3c6e9b093e1de11e5aedf3eff96d11e3378419ca3fc1b997241f151618597a7
b3eac0550b379114427c1361eccd17319ca02132838d4f93b2d39666c2ba53a4
b5ca9cec8340f336f587f036283e462be274c08eec33a2269b9064b3ce0572cb
b68a8388bd08958e9820044b7202f54a4679029d7a88d99bdb9103a079afcfb2
b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817
b94a77fa0aa100733aaea38ce611cc70fd81ebf17c1727a8511cb2bde47e2106
b9fb86c0a40a010a70dc6dbff1129c6533b94c26282d6cb7e152a8af1f5ac166
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc62f36db70e76bc7ba37ebff9db8a7f7204b6e8f4e288b0ea78dd6443844aae
bd769d1da98da1a60dc08258b017b34d6962b92ec431b17df51c69fbfb2c6abf
bdca4c018fb20efa8d1364cf4717d574dbb3833af43e68e4d09c328fbfdc88f4
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
bfec703c3a10336a555bc793ed9f23b4c7d41a111b77a3b558d4d88d8188c0f2
c1ca35767d8b55c2c379ab6905bc382eac962b058b6d8753aecec75e145e17a2
c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c66aad39e5f74c6a167e2f744160835509283484fab456f0c6aca222ac0ab515
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
caef7ab77d76d0854cf0c1c2186b08ecdaccdbd1111fe4a1f891382138afc913
cb83104a5fa0331abe1dc6736659956bae6a6e16dc5927a381a1de3f7ad98a22
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cdbb9a4db5a7b025285ab368659b8023ae3bf0ab7b5606c7c846ffd4f2266aaa
ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8
ce57fe647f5402397fbf1bf49c69b573760d708ca99deb82464a4638736a221f
ce938204a8843c5524466f1c76831f9266f54ede2fbaf1d703374f50a45a4a18
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d23efe46ad3a605a1c4bfb6a2f62e07c792780d15e187f533c661038ac64b747
d4427ce2eb03437999fb0e842ace02ac027a688ada5915f03766a9f0b2461261
d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790
d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb
d6dd9835e93ed8a65823c54f125f74962cf3640fb1422f0592c4d77af8e44af4
d7e2fbc7de982f503e7260215071ba4137098ac7f2c32655a1ea59e9dec18089
d914e564ecf0f0620ab21ce0365beb2901287fa5802d69f3f0fb5cfae2a8bad7
d9424633cf5a3fdbc122c8c300f196d1fdc57bb0459979f5f4abd9cf404716b5
da8356ea10c3ccaa5f0c89a0acfab206a79856452f5d67b22a088d90248d3877
dd5322d2a8576e402dd580efbf61ce9c007e786315b76393d740e64b3476e6dd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9a2f99188a52b158254c0c7de8f7540560725e74b0342f2329101c00897b28
df9a74ba55b4b89b027a8123540004258e9b4396f1bd73e258af6adfac037750
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e18ad703c8c2986a185ea56c44ca07a8832c1f696a29c6f2038cdd800783b568
e2b1353ec42c26a50c5f47ee2bacdc5cb8a964fb8ce6ab58c8da0d9eadf65570
e2bcacb9cb98bb24cffe93b912444a08931eb9e8ad25f7d7e51b1ca5402e974c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3dd4a2f40ed2243817ff8db8ab4d903df30999ad0862211e56f5d5345968eff
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ee7fafc2f935351d7d3693ca55f003d7cdfb39c0117defeacb43c06f44ce9b36
eef95c8826b63efba50492368a5d4d78ad91bf066de9de155e01956f5e50e40e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa66a94ef7122cf393e6b61e74ece6d790517eb7d901cc7a9a36aaebd16b076
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6
f303b62315db68bdc95bac54c8e716a8dbb011122c3018fd70dde1fc0317b875
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f687e3e0750df10cec91d55f97dd986a1d7d323fad0c877c609d90c305739c99
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb8638ba91a9476d05b8511457caf07926a7bd70d89917f7247ddecab875bba9
fba71319cb9a4f555589e26d093cb281d93c153d27e028f5c24bc3c0ebc36adc
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382
fd60f874f2b0b8658341f377e8e97d7d06b1a0b20a497c505fcb6bb6eb87831f
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb
ff39b05a330da9795c207ed8e7e3f746055ceded893d8e429a5ac6d98de0ebb1