urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
108.157.4.94  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.walla.co.il//
Effective URL: https://www.walla.co.il//
Submission: On May 27 via api from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 67 IPs in 12 countries across 52 domains to perform 276 HTTP transactions. The main IP is 108.157.4.94, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 158315.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 108.157.4.94 16509 (AMAZON-02)
1 205.185.216.42 20446 (STACKPATH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 23.35.237.86 16625 (AKAMAI-AS)
5 172.217.23.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 23.35.229.181 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 52.211.40.189 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
3 2.20.157.2 16625 (AKAMAI-AS)
4 104.22.68.131 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.29.205.29 16509 (AMAZON-02)
2 6 37.252.173.215 29990 (ASN-APPNEX)
1 185.255.84.150 200271 (IGUANE-)
2 51.89.9.254 16276 (OVH)
1 178.250.2.131 44788 (ASN-CRITE...)
6 35.244.159.8 15169 (GOOGLE)
1 147.75.38.124 54825 (PACKET)
2 213.227.153.220 60781 (LEASEWEB-...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 151.101.14.132 54113 (FASTLY)
16 2a00:1450:400... 15169 (GOOGLE)
1 64.202.112.31 23352 (SERVERCEN...)
3 2a00:1450:400... 15169 (GOOGLE)
10 22 142.250.186.66 15169 (GOOGLE)
4 6 23.35.236.247 16625 (AKAMAI-AS)
53 2a00:1450:400... 15169 (GOOGLE)
2 2 3.123.250.203 16509 (AMAZON-02)
3 3 103.229.206.240 30419 (MEDIAMATH...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 52.210.88.151 16509 (AMAZON-02)
2 2 213.19.147.44 3356 (LEVEL3)
1 185.86.137.122 201081 (SMARTADSE...)
6 142.250.74.194 15169 (GOOGLE)
4 104.89.28.165 16625 (AKAMAI-AS)
1 2 54.246.237.93 16509 (AMAZON-02)
2 3 169.50.137.182 36351 (SOFTLAYER)
4 3.33.220.150 16509 (AMAZON-02)
2 66.155.71.149 13768 (COGECO-PEER1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:21f... 16509 (AMAZON-02)
8 2600:1f13:800... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 2.20.156.240 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 4 37.157.4.23 198622 (ADFORM)
2 2 213.155.156.164 1299 (TWELVE99 ...)
5 185.64.189.110 62713 (AS-PUBMATIC)
3 104.36.113.107 62713 (AS-PUBMATIC)
1 1 178.250.0.163 44788 (ASN-CRITE...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 51.210.112.63 16276 (OVH)
1 1 2620:116:800d... 16509 (AMAZON-02)
276 67
17    108.157.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-94.dus51.r.cloudfront.net
www.walla.co.il
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:20eb:6c00:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
2    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
5    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:20eb:e00:4:1c73:c740:21 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
4    2a00:1450:4001:82f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
8    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    52.211.40.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-40-189.eu-west-1.compute.amazonaws.com
khn.crowdad.io
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2.20.157.2 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-2.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
prebid.smilewanted.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    52.29.205.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-205-29.eu-central-1.compute.amazonaws.com
tlx.3lift.com
6    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
2    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
27    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
2    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
16    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    64.202.112.31 (Harrodsburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
22    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
6    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
53    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    3.123.250.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-250-203.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    85.114.159.118 (Sankt Georgen im Schwarzwald, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    52.210.88.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-88-151.eu-west-1.compute.amazonaws.com
match.360yield.com
2    213.19.147.44 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
6    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
googleads4.g.doubleclick.net
4    104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com
sync.teads.tv
2    54.246.237.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-237-93.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
3    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
4    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2600:9000:21f3:b400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2600:1f13:800:7782:859c:b9f:89d9:fa61 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2.20.156.240 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-156-240.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
5    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh
pixel.onaudience.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
Apex Domain
Subdomains		 Transfer
53 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 242
2 MB
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
252 KB
41 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271
281 KB
17 walla.co.il
www.walla.co.il — Cisco Umbrella Rank: 158315
681 KB
15 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 413
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 416
image6.pubmatic.com — Cisco Umbrella Rank: 564
image2.pubmatic.com — Cisco Umbrella Rank: 819
simage2.pubmatic.com — Cisco Umbrella Rank: 566
image4.pubmatic.com — Cisco Umbrella Rank: 784
simage4.pubmatic.com — Cisco Umbrella Rank: 1054
108 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 738
static.adsafeprotected.com — Cisco Umbrella Rank: 548
dt.adsafeprotected.com — Cisco Umbrella Rank: 482
97 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 730
gum.criteo.com — Cisco Umbrella Rank: 358
mug.criteo.com — Cisco Umbrella Rank: 2958
dis.criteo.com — Cisco Umbrella Rank: 679
10 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
acdn.adnxs.com — Cisco Umbrella Rank: 550
28 KB
6 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494
5 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 699
us-u.openx.net — Cisco Umbrella Rank: 348
887 B
5 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1257
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2649
odb.outbrain.com — Cisco Umbrella Rank: 1404
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 4827
87 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 539
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
1 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 918
688 B
4 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 3720
prebid.smilewanted.com — Cisco Umbrella Rank: 6133
387 B
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
657 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6117
adservice.google.de — Cisco Umbrella Rank: 8526
2 KB
4 crowdad.io
khn.crowdad.io — Cisco Umbrella Rank: 109898
209 B
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 82761
122 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 758
2 KB
3 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 409
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
126 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1742
mp.4dex.io — Cisco Umbrella Rank: 2245
24 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
201 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4853
637 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 578
56 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
53 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 277
92 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 556
382 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 499
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3818
789 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 802
2 KB
2 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 30471
296 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 741
362 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 533
eb2.3lift.com — Cisco Umbrella Rank: 372
647 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
136 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 412
539 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2969
419 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 206
34 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1156
75 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1476
584 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1087
444 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4424
885 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 419
2 KB
1 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 3983
464 B
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
5 KB
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2232
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 114
17 KB
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 78037
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 108587
253 KB
276 52
Domain Requested by
53 s0.2mdn.net www.walla.co.il
s0.2mdn.net
27 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
22 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
17 www.walla.co.il www.walla.co.il
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
s0.2mdn.net
8 dt.adsafeprotected.com
7 googleads.g.doubleclick.net www.googleadservices.com
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
www.walla.co.il
6 googleads4.g.doubleclick.net www.walla.co.il
6 ib.adnxs.com 2 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
6 www.google.com www.walla.co.il
tpc.googlesyndication.com
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
5 image2.pubmatic.com ads.pubmatic.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 securepubads.g.doubleclick.net www.walla.co.il
securepubads.g.doubleclick.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 gum.criteo.com 2 redirects static.criteo.net
4 match.adsrvr.org 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
ads.pubmatic.com
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.facebook.com www.walla.co.il
4 khn.crowdad.io d2r08ja41ypc0t.cloudfront.net
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
3 simage2.pubmatic.com ads.pubmatic.com
3 mug.criteo.com
3 static.adsafeprotected.com fw.adsafeprotected.com
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 www.googletagservices.com 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
3 ads.pubmatic.com cdn.valuad.cloud
ads.pubmatic.com
3 connect.facebook.net www.walla.co.il
connect.facebook.net
2 d5p.de17a.com 2 redirects
2 static.criteo.net cdn.valuad.cloud
static.criteo.net
2 www.youtube.com s0.2mdn.net
www.youtube.com
2 ajax.googleapis.com s0.2mdn.net
2 pixel-sync.sitescout.com 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects www.walla.co.il
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 pm.w55c.net 2 redirects
2 odb.outbrain.com widgets.outbrain.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 b1h-euc1.zemanta.com cdn.valuad.cloud
2 u.openx.net cdn.valuad.cloud
2 prebid.smilewanted.com cdn.valuad.cloud
2 onetag-sys.com cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 csync.smilewanted.com cdn.valuad.cloud
2 www.google.de www.walla.co.il
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.walla.co.il
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 eb2.3lift.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 cdnjs.cloudflare.com s0.2mdn.net
1 ssbsync.smartadserver.com 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
1 ssum-sec.casalemedia.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 mp.4dex.io cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 prebid.a-mo.net cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 stats.g.doubleclick.net www.google-analytics.com
1 widget-pixels.outbrain.com www.walla.co.il
1 tcheck.outbrainimg.com widgets.outbrain.com
1 d2r08ja41ypc0t.cloudfront.net cf.dxmcdn.com
1 cdn.permutive.com cf.dxmcdn.com
1 www.googleadservices.com www.googletagmanager.com
1 widgets.outbrain.com www.walla.co.il
1 cf.dxmcdn.com www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
276 80
Subject Issuer Validity Valid
*.walla.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
valuad.cloud
E1		 2022-05-03 -
2022-08-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-05 -
2022-06-03		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
crowdad.io
Amazon		 2021-10-28 -
2022-11-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-18 -
2022-07-17		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.a-mo.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 34 frames:

Primary Page: https://www.walla.co.il//
Frame ID: EE3B774CB67528A731D0EDD78F79B5BD
Requests: 80 HTTP requests in this frame

Frame: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 39C8D40E5FB96C6CF0E6BEF68E890C33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7AD39DA296566547E0DCE3D20FC9EFC9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A5764B74E9DA62CBA9CA07D4988E095
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0A850B03E2C763C5079A772A8B6AB467
Requests: 1 HTTP requests in this frame

Frame: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FE4C9C43988AC4D0F07CF5FC0AC89EEF
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8764BF0D32C884BDC73C0E507B112F5C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXWyDrC2xcNm9EDmWWBcYkQDWX53hPAZ8pirRFReu-Cw6G7hauBq_ZqTCVBksBXAcy7ot7yNOh4ISb6kajvYD-MX9tTVy_DvkZVC3_tqssJNTm3Jbq9Sm44ISvel9aRw9zlXbrBc3mNdL7B0_RhyWqhB2utyycoS9tNLmg7-XQL1RUQkbA
Frame ID: B6803369C872FE45E190CC55514073F0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 53CE644D34315F57FEB9F12CE678DE02
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0BE95C754A5CA5E5CE40DED1905FBAD1
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Frame ID: 1E217040E690BCAC1440960DFC0143E3
Requests: 11 HTTP requests in this frame

Frame: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 742FEDB2A1E909ED61F65DBA9F385EE4
Requests: 15 HTTP requests in this frame

Frame: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 400257F18ED17FF4E7479B438BD51357
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrLuLCzAB&v=APEucNUn2ny6s9pchurGS2_Yv7YTt5TKaYt6UTv_q3_Sn4THZFQFJY16CA57R8BAdpgym3GmnM8BA1HbjiCMFzRO3nK-nRuJNh35AiGkmXtxbF6XF2wiyyJDN9ISeLHeSqioozHO1lFTtiYclvRFdN2uEsilypZAdYqypqJwCM1WfhbuDdFrYHU
Frame ID: E94BE3DCC75BAB5DB5ED18919F5E9CDA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNXA7pu1Qz0MGFg5gCA7gZPQnKN0qIJuhMg9PPKzy6TX8fBjtU_8ednpnaQ3BxICItBhoTDKeuxAsP5yaHFOu7QehFO3i9aSwy15H_hig870kY2W0eq4VsnaZhecmuj8C4aCYAzYJyLer6rO6p-NOWQx7BdvFCGJ_GDnTHsRXOyfzn0nJuQ
Frame ID: DE8B5DD77C93906E733510E7974E90AE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BC897F5B0F2913AEE8F971F05A2EC057
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/10176755/1628770995716/index.html
Frame ID: B7F9DAFF77B70945386EF447AE0B5D21
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86A9B25382AAE50989CE8E984E4229AF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AC43DC7F8C76573051915EDA7DF308B2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
Frame ID: 3C4BA1362968750F275A336E1D6378F4
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 49856AF2F4BA54764D9C683F596B589D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 4437233E3F84A062D757E7A584EB6D0A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Frame ID: B5E92BEFFB5C55B628F262C0FEF6E323
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Frame ID: 9D2EE1EC85EFB45433E479B65AA1AD34
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E00C49E353F1C135414B489E99FDCC46
Requests: 3 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: EFB364456ACD619E0AB7B6E598C352A4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Frame ID: 23809E5D2498BFF0206EE3DA88E32808
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1653632851472
Frame ID: A54064ADAA2DD2F497A12A505EB73CB6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: D4E1D98B69754C8910272845B710BC5C
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 783F2A79AF89718DAD80FCF45CFDC26D
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B56505BB-A886-4047-B102-69F0C35AFA63
Frame ID: 93299A383D7A0015AF427A4362950204
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5841112478438565726
Frame ID: 89764EC9479ED09DA9716E8AB85F34BA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:362f6290-6f54-4600-aef4-470af8567009&gdpr=0&gdpr_consent=
Frame ID: E9E415A2E8A949052662E7127CBD1583
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: E733AD2D205A9C2623FF8E0902AF76EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

276
Requests

90 %
HTTPS

39 %
IPv6

52
Domains

80
Subdomains

67
IPs

12
Countries

4757 kB
Transfer

10851 kB
Size

54
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1&C=1
Request Chain 93
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpBvUwRFmvApq1bjQ4ZEmQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1
Request Chain 94
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFC10JlV--pzEYJuM7LIR5w&google_cver=1
Request Chain 95
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4MzU2MzY0MDU0Mjc5NjYzOA%3D%3D
Request Chain 103
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL_-ZLag9Jc6w6pyY8otQz0&google_cver=1&google_push=AYg5qPKxdBR33Ckev_0UZ8wm1-AOUegkzBNfObsL_cH0cyeqwIFuzqST9mLnC0J2p9BaXpAd4ZDKQICxm-ZGtzHZRzB7V9Qr6jNM HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL_-ZLag9Jc6w6pyY8otQz0&google_cver=1&google_push=AYg5qPKxdBR33Ckev_0UZ8wm1-AOUegkzBNfObsL_cH0cyeqwIFuzqST9mLnC0J2p9BaXpAd4ZDKQICxm-ZGtzHZRzB7V9Qr6jNM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SG0xNjVrQWIxTlV0ckM1&google_gid=CAESEL_-ZLag9Jc6w6pyY8otQz0&google_cver=1&google_push=AYg5qPKxdBR33Ckev_0UZ8wm1-AOUegkzBNfObsL_cH0cyeqwIFuzqST9mLnC0J2p9BaXpAd4ZDKQICxm-ZGtzHZRzB7V9Qr6jNM
Request Chain 104
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJm43ARUAjbOWiGtYP3Vgl8&google_cver=1&google_push=AYg5qPIFz_8PCQ1S0XvFZSIlXC1a2YSbactSzeqsGiiI9E4i0TLhEQWcaVAiUmYuDjst48HbK0LAq7A0bE5-Pm8_QIrlGagtx9Wu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIFz_8PCQ1S0XvFZSIlXC1a2YSbactSzeqsGiiI9E4i0TLhEQWcaVAiUmYuDjst48HbK0LAq7A0bE5-Pm8_QIrlGagtx9Wu
Request Chain 105
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC0rqMiLIWEPnGUgyIx7s94&google_cver=1&google_push=AYg5qPJIjYim5R7AWM8LJPnjPp12_GcxJwmMV6uXCJEUfxO_Pv7jnv73UENchJ_tz7fQlAsQZ6IXknzKO5cVuK1Z3hYW0G9W8c4I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMjI5OTAxODkzMjMyMDQwMg%3D%3D&google_push=AYg5qPJIjYim5R7AWM8LJPnjPp12_GcxJwmMV6uXCJEUfxO_Pv7jnv73UENchJ_tz7fQlAsQZ6IXknzKO5cVuK1Z3hYW0G9W8c4I
Request Chain 106
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENV-La5NXaiIJNT0_ULD-uw&google_cver=1&google_push=AYg5qPI2SRed2ZUWams9ujrKq8O6KdfnQ-sBjzCTvPeBC1BS06jCttsCu7as1BzqntGeLA_ZLBSr8MhBdgJsl8Gc3FJDaRFg98E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpBvUwRFmvApq1bjQ4ZEmQAABLkAAAIB&google_push=AYg5qPI2SRed2ZUWams9ujrKq8O6KdfnQ-sBjzCTvPeBC1BS06jCttsCu7as1BzqntGeLA_ZLBSr8MhBdgJsl8Gc3FJDaRFg98E&google_cver=1&google_gid=CAESENV-La5NXaiIJNT0_ULD-uw
Request Chain 107
  • https://match.360yield.com/match/ebda?google_gid=CAESEEi6crGr7zIAWTXlO4Km474&google_cver=1&google_push=AYg5qPLdeqLjMeprePBx06jasq-CFNhZKzNnrQtczDJLzqLezAL3Qyd0j_ss0X7G6UQNeqN7uHlE4-LUykitoZ7MoySYwCbznGR- HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEi6crGr7zIAWTXlO4Km474&google_cver=1&google_push=AYg5qPLdeqLjMeprePBx06jasq-CFNhZKzNnrQtczDJLzqLezAL3Qyd0j_ss0X7G6UQNeqN7uHlE4-LUykitoZ7MoySYwCbznGR- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=v3xiBLw_RWKg7vHjihZ0jw&google_push=AYg5qPLdeqLjMeprePBx06jasq-CFNhZKzNnrQtczDJLzqLezAL3Qyd0j_ss0X7G6UQNeqN7uHlE4-LUykitoZ7MoySYwCbznGR-
Request Chain 108
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBX4xcgbHhcbEgM6f7Njbeg&google_cver=1&google_push=AYg5qPKjsILRrS6qVFCuf-zQWHYNuKvi88nlJo7u4atACdalPpRFU-I2yjnJg572kNywc-usNFjg7vZVDh9t5u4509MRA8cf15uQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKjsILRrS6qVFCuf-zQWHYNuKvi88nlJo7u4atACdalPpRFU-I2yjnJg572kNywc-usNFjg7vZVDh9t5u4509MRA8cf15uQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1653632852078 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKjsILRrS6qVFCuf-zQWHYNuKvi88nlJo7u4atACdalPpRFU-I2yjnJg572kNywc-usNFjg7vZVDh9t5u4509MRA8cf15uQ&google_hm=
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHNhzewbEMxRPw5GLeLF084&google_cver=1
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESENtSxRloSZ5KnpLhEL6Hr2M&google_cver=1
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHNhzewbEMxRPw5GLeLF084&google_cver=1
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESENtSxRloSZ5KnpLhEL6Hr2M&google_cver=1
Request Chain 169
  • https://um.simpli.fi/gp_match?google_gid=CAESEGbvDXKpAjjsQpmF5dLarmM&google_cver=1&google_push=AYg5qPJ1TTthaJR2AjYuxYXWEx_KJUS60mfxmJK-LBd5inZncMygqnj_Awt-4IlLnXtPg2UDEvbB8oCuC4rT0Zz7MHDD55wmau8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF08894BE5494FED9084E97478196D03&google_push=AYg5qPJ1TTthaJR2AjYuxYXWEx_KJUS60mfxmJK-LBd5inZncMygqnj_Awt-4IlLnXtPg2UDEvbB8oCuC4rT0Zz7MHDD55wmau8
Request Chain 185
  • https://um.simpli.fi/gp_match?google_gid=CAESEGbvDXKpAjjsQpmF5dLarmM&google_cver=1&google_push=AYg5qPKlHiqAYnYYYP_jgkOffXGt0eaMIk_KSHVPfxRQ5AeoFL0ZM1p7wNl94xR5iP1kaF6iAAd57LKbDSzFsOFHGoJ78m8pI30H6A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD17E7182EC741838BAB0394A0B44C68&google_push=AYg5qPKlHiqAYnYYYP_jgkOffXGt0eaMIk_KSHVPfxRQ5AeoFL0ZM1p7wNl94xR5iP1kaF6iAAd57LKbDSzFsOFHGoJ78m8pI30H6A
Request Chain 212
  • https://fw.adsafeprotected.com/rfw/st/996673/61756196/skeleton.js?adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:fd641c4b-da98-a1bd-fdf5-c891615593af,c:dNgiKy,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-58499bf7cc-fp6sx,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:154,fm:t70SVtY+11%7C12%7C131%7C132%7C133%7C134%7C141%7C142%7C143%7C144%7C15*.996673-61756196%7C151%7C152%7C153%7C1541,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:169,oid:170aea62-dd86-11ec-bfa8-6ed18ad9e128,v:19.8.309,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 247
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=53CP43xHVDB5UU5IUFREcjJBQWNEclVBaTJnbzU1amhGcGthMEt4cENrc2NGRUMxYmRSVEU4QW95TExqYlI0TzgwTDlLbk1MOXRxVC9Ka1oycHc4dVQxNXBJK0NRbnpVNlNNVXVwVWphQU53NTEwY1hnSDFua3paZndhbXB3ZTdrYVplZEVYbjNRenRVNjczU1BJT1NKVHRQQkRhY29rUFVYNERQc1JCdlVNNk51V0l0cEduOFdxNTAram1RWXdPWUV2dkVWbFJkMjUwWXYvTDRFZ2kyajlmRUF1ZUFKSFhLTTNJVW51RkthaVFUWjZiajM1bjErL2s2ajVwOFo1N3M0amUwSVpUOUV5NG5iYWNPcVliQ1NpSnpidz09fA&cppv=2
Request Chain 248
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=A6t29nxWSEIycGRJakR5a1ZPODZWVit4Y2NObnlNRjkwcDY1Q21aeXh1Y1A1MXEwVEhNNlBhWTVHbjM5b2VJbFBnYTJWLzMvdWZqQjdVZXdyWWNiZHVTYnFaUHdmUEJTTnU1MW5KWENFSUd0NkVpVzltUlVLZkpBUWo1RjRMTWFybklqdXJhWmZLTmxIenNWZVlrRHpLWEtDTE56QmFuRFczUDhhbGlDMXJQV3NETmcyOHZLbE9VMHVDVUxZRnE1cGxCMXlQbkxzMm5rYVFUeUs5Vm83b3pjMERudHJuYXJYSk1idnpKK0ZTZjQ1bDk1WnNIUjYzTURNYnJGMWdQcUs0SEF6emtEZm9ibkZhMlU1YnJ0cGV3OUxHSnp0QTRpK1orNUVQZUNJc0loaGFRMD18&cppv=2
Request Chain 260
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B56505BB-A886-4047-B102-69F0C35AFA63 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B56505BB-A886-4047-B102-69F0C35AFA63
Request Chain 261
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5841112478438565726
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:362f6290-6f54-4600-aef4-470af8567009&gdpr=0&gdpr_consent=
Request Chain 263
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tWUFu6iGQEexAmnww1r6Yw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 265
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=362f6290-6f54-4600-aef4-470af8567009
Request Chain 266
  • https://pixel.onaudience.com/?partner=214&mapped=B56505BB-A886-4047-B102-69F0C35AFA63 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjU2NTA1QkItQTg4Ni00MDQ3LUIxMDItNjlGMEMzNUFGQTYz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-A01r1ic62yfxYghKn8-0&google_cver=1
Request Chain 270
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6408984468864717544
Request Chain 272
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8583563640542796638&gdpr=0&gdpr_consent=
Request Chain 273
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kDWeTJBhkkuLMcYenjGKS8c0xkiLNcVEkzdSjPb3

276 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.walla.co.il// 		98 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
613bce7bfcdcd518049f0b4355baed0e549f83fe809c72d50f3d05f703fc00a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 27 May 2022 06:27:30 GMT
etag
W/"18893-1masG7WgFPssHIXu9Asn//ZkNJA"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
x-amz-cf-id
u-yKyoGVQ_nJf3sh5-9lPHY147CL52a7hD55nYmQPuPs_U2bl2HaqA==
x-amz-cf-pop
DUS51-P2
x-cache
Error from cloudfront
logo_new.svg
www.walla.co.il/public/assets/logo/ 		1 KB
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/logo/logo_new.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:27 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163323
etag
W/"4bf-180fa5b0230"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
UtYWv6_D3iAAvGugf_1KSjK3o30l_QeYHKVFCYSb6MbB04YO9XZu_g==
x-cached
MISS
yad2.png
www.walla.co.il/public/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/yad2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:26 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163324
etag
W/"488-180fa5b0230"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
1160
x-cached
MISS
x-amz-cf-id
OI2RIcfqOZ9MQfeK2d5J_rfMkKWRsEpx4wAWTEvdCoODBL6wfvte1Q==
vod.png
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/vod.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:27 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163323
etag
W/"4a6-180fa5b0230"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
1190
x-cached
MISS
x-amz-cf-id
fus3wmEH5MxX2cXzqIJiq-vRn1PDtAOxWi5E4uZTnFoiWv6xmTgHig==
new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 		636 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:26 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163324
etag
W/"27c-180fa5b0230"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
636
x-cached
MISS
x-amz-cf-id
PJuRgZ-qFek2HwIpfbybHwqajCZhBuysBsZz4iEFerHJOmYvgsSPEQ==
110_e9d534b15412cfd26fe4_e9d534b15412cfd26fe4_walla.js
www.walla.co.il/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/110_e9d534b15412cfd26fe4_e9d534b15412cfd26fe4_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
d9f04ec55812dcbc4eb1c5aa2623c73f1f7ec563308d4ad6ea25ace914194a9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:25 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 08:37:33 GMT
server
openresty/1.15.8.1
age
163325
etag
W/"2afd-180fa5d30c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
KTHTSgmp35w-zfTivGzivNbQ80ZDNZeGfxiCWNBZ0DEE5x0Vs902Lw==
x-cached
MISS
128_ac4f90fb5897bbd4a28f_ac4f90fb5897bbd4a28f_walla.js
www.walla.co.il/public/ 		307 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/128_ac4f90fb5897bbd4a28f_ac4f90fb5897bbd4a28f_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a7f82d2398f97c791578e2348b2e4979c7c5e75ccee7f51f89d6837662aa7f56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:24 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 08:37:33 GMT
server
openresty/1.15.8.1
age
163326
etag
W/"4cb58-180fa5d30c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
hYqSOJhGJUG9st314QmnspCHnfUo6WJPqCIaNIx_F0HkwlzpkRPA9A==
x-cached
MISS
main_44ec9a0487e311adf7f3_44ec9a0487e311adf7f3_walla.js
www.walla.co.il/public/ 		1 MB
244 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_44ec9a0487e311adf7f3_44ec9a0487e311adf7f3_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
465f446bb2f2c6ab1e90e1d9378035f386096a1f0e7a8ed9a0c9c2c53541a762

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:24 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 08:37:33 GMT
server
openresty/1.15.8.1
age
163326
etag
W/"10d694-180fa5d30c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
vh6qPwIAUKzgOkJje3q6f7nM8PUVEyIbJ_X0knaxiNv370SHVmmqdw==
x-cached
MISS
homepage_b67a7948aa9c805cbcaa_b67a7948aa9c805cbcaa_walla.js
www.walla.co.il/public/ 		224 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_b67a7948aa9c805cbcaa_b67a7948aa9c805cbcaa_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9e81fcb9b19405a907a8951cb432da707392903a6e7194ca1484f49a8029068a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:24 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 08:37:33 GMT
server
openresty/1.15.8.1
age
163326
etag
W/"37e11-180fa5d30c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
jMNZlgIKaPsP4D0MQHGp9fUQHhdYg2Ypoph5P2LL7vxFpYuDl7Q4Yg==
x-cached
MISS
walla-v2-prod.js
cdn.valuad.cloud/hb/ 		926 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
856210611103e164b4c4ef32c3e09ebf087e13a585984c64e062bec0d1949a92
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 06:27:30 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Last-Modified
Tue, 24 May 2022 15:02:57 GMT
x-amz-request-id
tx0000000000000335fd7a8-0062900f59-25922570-fra1a
etag
"7abbf9caddec1190c81c5ffae0f912f3"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1653632850.dop208.lo4.t,1653632850.cds278.lo4.shn,1653632850.dop208.lo4.t,1653632850.cds067.lo4.c
Content-Type
application/javascript
cache-control
public, max-age=86400
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
258050
gtm.js
www.googletagmanager.com/ 		372 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba8c40c945679314ac7d634c9133e9f51a59a26e6ab18e5efee126aeba11f65f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73111
x-xss-protection
0
last-modified
Fri, 27 May 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 27 May 2022 06:27:30 GMT
gtm.js
www.googletagmanager.com/ 		430 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93600ad2b1edcc96781b1c001930e71675004e0e7b778b9c5109215a8e677718
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65085
x-xss-protection
0
last-modified
Fri, 27 May 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 27 May 2022 06:27:30 GMT
wallawb.js
cf.dxmcdn.com/dta/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/wallawb.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6c00:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
626a9f5e33b58fb37aaa0c3229b9b04cbc75c40d0482dccf42fabf06fc2db766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:00:13 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 14:11:46 GMT
server
AmazonS3
age
1638
etag
W/"e674347ec035ef711de82547bab57d5c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
x-amz-version-id
BAYsiksJejo_kfxTWiBYgxoOP9ZARkC_
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
wuUBA2hwmzt912H7TXPwuwN9NYBuPwrclVOYvxv92BVsnoXpPI9aTg==
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il//
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:25 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163325
etag
W/"e954-180fa5b0230"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
59732
x-cached
HIT
x-amz-cf-id
AH3wLMbBbEkBSIOv85j1TPKed0sHfsOd4yCuCbgUAsFq9VTDvvPC5g==
outbrain.js
widgets.outbrain.com/ 		200 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd24a60238b03577452bc7b15665e2f6f4a56e75f3ecaaed40fbff0b769b9314

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:30 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 14:29:37 GMT
etag
"15-U2etAAnbcZ9HapL6hNkjfaqhA1w"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
7a0780f83ece3a80266cd889368bf072
timing-allow-origin
*, *
content-length
70493
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il//
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:25 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163325
etag
W/"3bdc-180fa5b0230"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
15324
x-cached
HIT
x-amz-cf-id
OIjpAIe2psQR_McFTYXBFj2_c3BWUDaLPh4Xz_QP66ODbzjqSvHqZw==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il//
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:25 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163325
etag
W/"ea00-180fa5b0230"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
MxUueLSgaoQsDxbojbERpMO7VT0DwHVULVgrMwqeaTggizcIfBmEKA==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il//
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:24 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163326
etag
W/"e770-180fa5b0230"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
9mfNehhL2jbp4htT0_sFRa0vyeDJ-ouTV8VHtgu78MdC0m8VpWD0Ag==
391_5493cd4ce05861fc6e3c_5493cd4ce05861fc6e3c_walla.js
www.walla.co.il/public/ 		122 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/391_5493cd4ce05861fc6e3c_5493cd4ce05861fc6e3c_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_44ec9a0487e311adf7f3_44ec9a0487e311adf7f3_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
df17a038604f387fabc1e3cc8994aba8394be245d7e3caaa989a629547803c0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:25 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 08:37:33 GMT
server
openresty/1.15.8.1
age
163325
etag
W/"1e60c-180fa5d30c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
L5h7QeYDeMKcOykLJs3KAR5yeKPhYLir2eIL7NJQLyhr4jSB1PffkQ==
x-cached
MISS
PikudInner_8c1991b5dc442b6a04da_8c1991b5dc442b6a04da_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_8c1991b5dc442b6a04da_8c1991b5dc442b6a04da_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_44ec9a0487e311adf7f3_44ec9a0487e311adf7f3_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
c6163b79541e39dee513e65dbe9879c888d980c1884cce20d2ce25f225542320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:25 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 08:37:33 GMT
server
openresty/1.15.8.1
age
163325
etag
W/"cfc-180fa5d30c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
xO-D3GgEK2lHBXOJfQTLeRPBss7n3owEZvC45C1QHP8CpEnoj86bxQ==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/128_ac4f90fb5897bbd4a28f_ac4f90fb5897bbd4a28f_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
771d8ed932d9483cfb806a8a7da6eb171167c989fee58ec04d2c9112d0ae6dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28157
x-xss-protection
0
server
sffe
etag
"1227 / 882 of 1000 / last-modified: 1653602811"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 May 2022 06:27:31 GMT
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:25 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163326
etag
W/"46c-180fa5b0230"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
hN6VJCjdvD-_Mljfj8FD5nMDnOtiVj6-psv83XNNB0uj4hld7fYeaQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
503
date
Fri, 27 May 2022 06:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 27 May 2022 08:19:08 GMT
conversion.js
www.googleadservices.com/pagead/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6b6dc0c6cb6db4cc3693a4bedc8e0ee24bbfb2d861da6039ae6a20c436410882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16851
x-xss-protection
0
server
cafe
etag
9111538430463144330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 27 May 2022 06:27:31 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
22plGEMqytt6uEDd7WtawK/IJiq8OCURMQm82O4T9aW2MudnfBxoUQDdC1EnP1YRtZIikt05eKR+qUjt8K7JcQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 27 May 2022 06:27:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-05-27
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e00:4:1c73:c740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee3f5afe9e1b71c09e0f27fad062214fdd560fec9ce2b7e3ba7d8aaa2b7766d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
hMpKv4LDSyFWvWZ2YXTqiQwRE.jGLejG
content-encoding
gzip
last-modified
Wed, 18 May 2022 11:13:54 GMT
server
AmazonS3
age
76167
etag
W/"31cbd5c3707c9565a7c26200bea7a88a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
date
Thu, 26 May 2022 09:18:16 GMT
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
xH1MlT7DBTw4ugwg4myh99aK2cmWuiW33ZmWe_2fgwwZYZsBLaD36w==
d3d3LndhbGxhLmNvLmls
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LndhbGxhLmNvLmls
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 06:27:31 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=29222
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
33823247fe7b6eb1f1ce3565c2b90ad6
Content-Length
16
Expires
Fri, 27 May 2022 14:34:33 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 26 Jun 2022 06:27:31 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 27 May 2022 06:27:31 GMT
server
Google Frontend
x-cloud-trace-context
3dc0a107c060ed3b51a0c3f34a1d7d20
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Accept
application/json
Referer
https://www.walla.co.il/
x-request-id
8850d0cb-998f-4142-8911-425f06160aa3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
x-vad-version
0.5.24
Content-Type
application/json

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
91a6996799c38b80216a187175d684e8
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-94.dus51.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il//
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:05:25 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Wed, 25 May 2022 08:35:10 GMT
server
openresty/1.15.8.1
age
163326
etag
W/"558e-180fa5b0230"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
dVvaAfbUBitFzk4COZmh-WigNCEHUWQhhkvGCqJB9VytV-tkVNx2qA==
pubads_impl_2022052501.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
sffe /
Resource Hash
19e0cfeae6e0bdd6aecd6fc545877f22b49c71a2c577205964a2d09f9b2133c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:09:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126602
x-xss-protection
0
last-modified
Wed, 25 May 2022 08:34:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 May 2023 11:09:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		843 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
5fd6e1b2782564a59206f88f30e52cfbf69758d0649141b126027e775b3b0553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
278
x-xss-protection
0
expires
Fri, 27 May 2022 06:27:31 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1419826065&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1604728806&gjid=369727802&cid=1687894118.1653632851&tid=UA-4780630-1&_gid=2029512444.1653632851&_r=1&gtm=2wg5p1T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&z=1932869372
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1653632851195&cv=9&fst=1653632851195&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff91390c6cf78e05bd1e622856667dd65ed39acae7fa24b4a93d9a235747a9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
977
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08ce26ba77d9b54d09e7fa9f8d8202cdbc2508cfc6ec2f438c19d9811d5682be
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89214
x-xss-protection
0
pragma
public
x-fb-debug
h+ZNOtLgT1VYBJkXGr/KBCoTjDxnQjE/A6bumtyDJc8A3nOXxS4zTROBVafe8rjIh/SB1UITHuPbZNczdZNpGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 27 May 2022 06:27:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
handshakes
khn.crowdad.io/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.40.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-40-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 27 May 2022 06:27:31 GMT
access-control-allow-credentials
true
content-length
0
handshakes
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.40.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-40-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Fri, 27 May 2022 06:27:31 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4780630-1&cid=1687894118.1653632851&jid=1604728806&gjid=369727802&_gid=2029512444.1653632851&_u=YEBAAEAAAAAAAC~&z=507938736
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 27 May 2022 06:27:31 GMT
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1653632851195&cv=9&fst=1653631200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&fmt=3&is_vtc=1&random=4020392740&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1653632851195&cv=9&fst=1653631200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&fmt=3&is_vtc=1&random=4020392740&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
170717926997655
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6f42b594160112e945a08e1bba5d6bd8f379df09b37f1627f87263bb3da93392
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88801
x-xss-protection
0
pragma
public
x-fb-debug
YfaVs8MDHKvBVqdsF2NjWDzq4ZEADevm18OR85R11yZhd6dnb3caVkG7ncyDKUV4R/121F08BjOaoFeo6DG/PQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 27 May 2022 06:27:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F%2F&rl=&if=false&ts=1653632851272&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.2.1653632851270.1379204697&it=1653632851205&coo=false&exp=p1&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 27 May 2022 06:27:31 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=1687894118.1653632851&jid=1604728806&_u=YEBAAEAAAAAAAC~&z=772936268
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=1687894118.1653632851&jid=1604728806&_u=YEBAAEAAAAAAAC~&z=772936268
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F%2F&rl=&if=false&ts=1653632851293&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.2.1653632851270.1379204697&it=1653632851205&coo=false&exp=p1&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 27 May 2022 06:27:31 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache/2.2.15 (CentOS)
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=101203
accept-ranges
bytes
content-type
text/javascript
content-length
82748
expires
Sat, 28 May 2022 10:34:14 GMT
/
csync.smilewanted.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220527
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9946aac3f8ccd2c67e53596de1353b5200e78cb45ddbba5691453aa2b3d6daf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12392
x-jsd-version
1.0.1353
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19121-FRA, cache-iad-kiad7000027-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"668-xj7cvE41AnUnUjStY304rJi9ow4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XHktSM9grX%2FkQjuFKrXfQNW89iKacUSO4Cyqx%2FG0c3yklHqB5cz3Cp3Zdx1wdbIuBXf4UBS7QbmLsoD8Y6b8IQBcNcMTYMkTwWGggT30N%2BWzrx9OatpzMejQySy0j7bgv5FJHOnP9zHf23risI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
711caf68fb232397-ZRH
access-control-expose-headers
*
localstore.js
script.4dex.io/ 		483 B
947 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
212208
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWz1nw%2F%2F37RgCVqpCtl%2FvOuwZDBVlAn%2Bw9FunNEsTpN40mL4FFe2Vae7VNi%2BKs%2BIc%2BjrwZN2r8sW1mlTrZgjAY7%2BgB7HlcJMa1%2BeH8k9qfwLoOksXCIWhjef2Tk89Kp2%2Bo33rJeAtBT9viBP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
711caf692a3b59cb-MXP
auction
tlx.3lift.com/header/ 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.14.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F%2F&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.205.29 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-205-29.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		23 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
53b3d6d88a2a3bf4dc27064e81be609ef2afe83e2de5e7a7627363266235d18e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 27 May 2022 06:27:31 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9abaf1e0-5455-48ff-b113-cde8390786f3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		535 B
885 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F%2F&PublisherDomain=www.walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
5febe5c3d4fe4260963530c97481352bb86abc3d9b0445108375b061a5c7691e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
77
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
535
expires
0
prebid-request
onetag-sys.com/ 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.walla.co.il
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=14936899805
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
/
prebid.smilewanted.com/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cf-ray
711caf68fb619128-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cf-ray
711caf68fb649128-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
arj
u.openx.net/w/1.0/ 		74 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=adda15c4-3faf-4104-a690-c2294189a922%2C2bc1f851-0d92-40b0-9ebc-ecd2d1e2d00a&nocache=1653632851349&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C970x90%2C970x250&divids=adSlot-1%2CadSlot-17&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fproducts_footer_desktop&auid=544104782%2C544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/873204b /
Resource Hash
cdbda8881d89c98cddc00fc93962e3fd5d8aa4c93f80ae4880150057f246ea2f

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
server
OXGW/873204b
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 27 May 2022 06:27:31 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
168
vary
origin, Accept-Encoding
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 27 May 2022 06:27:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		114 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
649ccfda4c5382400fa3e29d6d33f2d0ce77fdc993eab12c3902156ffd0509cd

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
711caf694b4c23f7-ZRH
pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542594095260746&correlator=297634392838403&eid=31067809%2C31067640%2C31061165%2C31065401%2C21065724&output=ldjh&gdfp_req=1&vrg=2022052501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Ctop_desktop%2Cnickbar_desktop%2Cprestitial_desktop%2Cvideo_slider_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%2C970x40%7C970x50%7C970x80%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&adks=3131741070%2C1593069613%2C2746968372%2C2837879538%2C581680292%2C3350566117%2C947382955%2C1039085789%2C1445159051%2C3423946700%2C941261744%2C3384287599%2C2655517675%2C199863101%2C41169740%2C2603141500&sfv=1-0-38&ecs=20220527&ists=12287&fsapi=false&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dvideo_slider_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1653632851380&lmt=1653632851&dlt=1653632850685&idt=532&biw=1600&bih=1200&adxs=805%2C315%2C-12245933%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=98%2C1200%2C-12245933%2C113%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887%2C887&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x0%7C0x-1%7C0x-1%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=480x0%7C970x-1%7C0x-1%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=132%2C644%2C640%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=970%2C0%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1687894118.1653632851&ga_sid=1653632851&ga_hid=1419826065&ga_fc=true&btvi=0%7C1%7C-1%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
e22e4720a3de5c50901c505d7c84cb178abfe6fcd532c3d4ed93efa5a35b295c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9839
x-xss-protection
0
google-lineitem-id
-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4641e93c3d267764085127aba50849f2dff6adf1a7ce6dae442f7bfa0e959991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10596
x-xss-protection
0
container.html
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 39C8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:31 GMT
expires
Sat, 27 May 2023 06:27:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F%2F&idx=0&rand=90186&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=0&py=38&vpd=0&cw=1600&activeTab=true&darkMode=false&settings=true&recs=true&version=2000739&sig=K9gndrQV&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
14adcf5c39f8504c6d447e6ade75d144ba588e0d175ce24d0ce11545ee1b79d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1653632851.494365,VS0,VE166
accept-ranges
bytes
x-served-by
cache-lga21982-LGA, cache-fra19136-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
db05f0e4513106ae01e437b1f0852178
content-encoding
gzip
content-length
1056
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 27 May 2022 06:27:31 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1456158
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txaad52b19d7834141a4a06-00627a3733
x-amz-id-2
txaad52b19d7834141a4a06-00627a3733
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Gm%2BHZkkeRgarWhbbcrxiJScJus8v69wDIFw0ogeC3RGlg6OGg0foOnQ%2BHgSa%2Bme9msXevn5of%2FZ%2B3ithkxtqSoaFnMUlZsJyhQdqI9c7Op1RneIF5fD75IJA63AN956kBt67gQehhhSvfnl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
711caf6a0d4a59dd-MXP
access-control-allow-headers
Authorization
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7AD3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
38906
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 May 2022 19:39:05 GMT
expires
Fri, 26 May 2023 19:39:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7A57 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
73086c45add34f373a8dff3d3baf76d1ed73d273ca5ee13e749f6248d7ee0a6e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V6F8PWv3EkvmFWoMehqXDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-V6F8PWv3EkvmFWoMehqXDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:31 GMT
expires
Fri, 27 May 2022 06:27:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame 7AD3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
128326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 18:48:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7A57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052501&jk=1542594095260746&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7AD3 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?s0hOFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=21cf18537cb94df564f7de93ee06731e_1769_1653632851584&tm=575&eT=6&wRV=2000739&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 Harrodsburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
gzip
X-TraceId
cbc9b7d083fece5cde18f00ce4f77967
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
get
odb.outbrain.com/utils/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2F%2F&idx=1&rand=92333&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&pdobuid=-1&t=MjFjZjE4NTM3Y2I5NGRmNTY0ZjdkZTkzZWUwNjczMWU=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&settings=true&recs=true&version=2000739&sig=K9gndrQV&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2F%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2bf2fd36508b1d23670e375eaf89ea61885c3b252a8804f73fc3e265d283f925

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1653632852.678936,VS0,VE202
accept-ranges
bytes
x-served-by
cache-lga21941-LGA, cache-fra19136-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
0bec17aa5bf355d55fc4cb3fc2673e69
content-encoding
gzip
content-length
15489
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ Frame 0A85 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:31 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
container.html
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FE4C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:31 GMT
expires
Sat, 27 May 2023 06:27:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ Frame 8764 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:31 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Fri, 27 May 2022 06:27:31 GMT
server
Google Frontend
x-cloud-trace-context
3d26fb016c78ad0d3366a9406626bdc6
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
application/json
Referer
https://www.walla.co.il/
x-request-id
11fa5d0b-d77f-4675-aecd-6bcded4ea117
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
x-vad-version
0.5.24
Content-Type
application/json

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
6b4de53ba783303b701c57ecaa4abf1e
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1542594095260746&correlator=2013935919268019&eid=31067809%2C31067640%2C31061165%2C31065401%2C21065724&output=ldjh&gdfp_req=1&vrg=2022052501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cproducts_footer_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4&prev_iu_szs=120x600%7C160x600%2C970x90%7C970x250%7C970x550&ifi=17&adks=2273020715%2C2878636598&sfv=1-0-38&ecs=20220527&fsapi=false&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dproducts_footer_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie=ID%3Dbd220d5706bdeb48%3AT%3D1653632851%3AS%3DALNI_Mb_VTd43zvwFji0MbLZiHlF9GGgAg&abxe=1&dt=1653632851865&lmt=1653632851&dlt=1653632850685&idt=532&biw=1600&bih=1200&adxs=1480%2C315&adys=185%2C1037&ucis=h%7Ci&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x0&msz=120x-1%7C970x0&fws=644%2C132&ohw=0%2C0&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1687894118.1653632851&ga_sid=1653632851&ga_hid=1419826065&ga_fc=true&btvi=0%7C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
891918e992d33b82384f6f5e6d30837db100f35f41e18866a5435eb29d6cc6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12663
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B680 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXWyDrC2xcNm9EDmWWBcYkQDWX53hPAZ8pirRFReu-Cw6G7hauBq_ZqTCVBksBXAcy7ot7yNOh4ISb6kajvYD-MX9tTVy_DvkZVC3_tqssJNTm3Jbq9Sm44ISvel9aRw9zlXbrBc3mNdL7B0_RhyWqhB2utyycoS9tNLmg7-XQL1RUQkbA
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame FE4C 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cxi6BBlNoPd-_0xt1CK2juCiBF9a6eJse1q7dCVOf1XYpgKZqz6itD5HH7fRvnjzw_NpGplPiDsWf8YJFYz9O12so4ebnD4dTrFbSC3W-bRlzxMrVV1PHRa61LrrdwEUWs2h8yhiSCsC78zNCXNCxMYBCOdA&dbm_d=AKAmf-AC_GJUp6dW1DqgIhCjEMsiqMH2rv0QuWt1WRMLbUGnG8ydDN0Zx8PLWZfd87Xes8MGUOtSjOkmsKEhgfH4XBr7W-bFtH01RUmi_XrGtYYObQ92FjTsVUf3AdBaDdX1xjr-KVl5slnu4N7YIR4xFdapM40qy0mPN2tvQWSS7DwWddpiIGXe14wZer3Wt50z_hJXoNOnMeYM3R7fTMcD315-_axpOA0Z3sCcUTk1MoeuiISc9VScCXd2EW7VpfJ5lTtlMGfH_ekqj9Z-1dBOuX89_2ylv-M1Z1bKsReflukKHGFNxMbJKkFV5BF1Ftstilr28nqHYaMFk2zEjyFP2M_VltYi5_mtxdJnyMEwrJ04Kw_AejMhrgt77oQrKMIvL7bbxcRnR-IKzelZOYrHQWC0nn_SYR4BFr2AbukjP4ZLmucSoku9ASIPNtOFo9M8i3n_PsCb1Vl70P_C0w5xyuQl3WFdwdSQtlVOgyiy3_J4yevr4Er2oEkpZnLYOub8YQ3PV0vNHDLzlQkEe5ulhfHRslXFEeqIw0Jhl8ZVKOwT7mYJKEoFFNIFTHS2OsonIw9zJ5jLMS_2lE4184AKS8HNg7zOV3eZNs-wBmMW7kn64BjMTLchvldZ1_Fo38s7XQRqRGrcK20qb_di2lSxhNXC_8i16oCmMOH_IZVU1TN7wMqbD9pmXQdZgA1Xb33Zhh92WCYZhPvUoVAVtU6GFhfa4A32QuTh18LOIdCkAg2I_gph5JAgdr39Yad76ESHhbpYoGOC6LSVTU-TEfeo7GLEHVg6PT6H65-KH1PM0HghDu89sr0SN9paHGQVW2JsJKkmN4yo99dcaHnog7o_asVTDF-L3snU0KV2fcLmbLgf8ojyuoiLc4O_2AQPqER0NOZsf0cn1mR9zcHDwNL_FgeRZDnKb4_APBaIv5fU4FmTI8fIzDmIiGRzUjYhBQVEaPkPV7BPZNNBD-bOAfgHeo8i1VN_yea3EfcmY0W8zjcEOTLvYLhb7tkwPCrBtSlMrrJXga3XsymSIEq5gW4q3CjPsPve8LW6RzG9vH0cUvfyc2hxUU6sZwndOVi1qZTxtmfSGgs3-SFa0OINeS-qshL9lWQHT-u854bDHVkGfimdfrsI1MgpLSPA7-dfrluZwTkWBOkYOeAd3NqLUvv3j8fn3IJoTDmk2kA406gSam3LhlgaMtEbpG8ctl3_Nn0Ykz-7emotf45bogDoZwdyH3pRQlS-uGJahtRkFTWZQPKnO7XaBjsdlVJdtZ4-uqGmiolV-90Vl1QtKAUJU-VXbRfHDr7WpsPY8cfwQPwmmBgEPrjHcdG-Fm1rsnN9MQvDqOzNaH9sF4XHywzXQO-Z1niu2RLNRkV7SE498OaS-R3HgjA990kvXQL5KjvkGgbywXpnMWs8zfJ796ZstCSfUG9KsPz9wS_9HjelR1541hPooDptl4_330kIOw_AD5hCQbhJPzwEj60ZDTNOqSuQZ96XexRSDBAihVGDlHpzeizA7lJD-_wVwXY6936QGKRdEr8tqg6w4gu4pkXiCOwkbcUnRZ2hBUKvDd1LPgjwTjX2jTj3tEbq8zKJ-dE3S_PaVhlj7eG5XJo4inJ4tGbxrYm4mHQ2RCLuobM-axslsK94wjSI7J7AvqpCpfwK-Z3N-xVuS3le5EGHM_t7FyWs5-cZiGZKofBvDxYYVgAjYY7WwUmi3qyCHNCAi7HG7hYdJi0J8EsvYnWLvrglsN8B8xw3jW7CZRhnSOa25kIGxExdZ102sKc05Df0U4dv8X39TM2gy9jhurVFB2mbvLaJaHUj2SsZHpk8di1JQOHAIb9bY9MoV4LUfNGWPEdjixDoJlin8fr68m3iTQm8s-W9NNfuAeCxeLKqAQJXNARV3tWv0rkbhFz8z5wN3NJBTikTIZO0RE-jE7um8G7TxAyKMhYr0lbEXsIbQ92rpznFQd0shq_PbmI0Kc_1sSecadz-XKlEm_5lO5QN45O1FVV321--9N7hJeAOWVq7TxfMymQ1CF8bFL6QEG-8IV6T7f5VoRXP6caa7v0LuXHGiPEURdEvzcF2x0JYxkFozlZSld3tlCI4Mg-rxXS2U253Y7Pe4TPP31XmnSFT4Io_-n_Yx3Lo6hmt6NdZnnXG08exm29DcqKqEekb37M52sxILpcbspfj6qHjVx1tJal_10q9PXTO1EEk3GZDu8YQag7_2gzRyMbkB_aX9POY-dIovLfRoBJVmFC9JvePH930Go59T2nlj9ohvnJnt2UYAooAgA13JvI2QQBZsGHKhV0KSFsKL3AZ-fcuE_HTgxjfdC97RaehHhsLtXyzk6x0trFz5dXBqpcMVQAK1zq7maLATa6xgr15L6rdp5r8E8sAps_osvaS3ZyLz0EcirJGGMvkLKZZKeApseprP9yIUud6n3G8YeaR1BmUZC_gY518Jvz9P3VH7eXLE1_Qo3P-HrsfjSE8_koWijhcZDOLSQTawpGAxFfaOFXaiISkU3T82PEDm9MQTeu_4CxRRMI6rLyd5Pj7_OSzs6DYRpXdmM-TW5P6sSGFf7pRFElsyD3m11wd7E1RuZ-tkk4WlDHC1L4p2G5EDLPvTBUmzHy60sGsZrfLkvWWG_S7Kfhr7MDRcb9qvTzvUZ6BZuB1MjoUjSTcGQB8zHr_WnH-gIbpwbwhcVf50Df5SnjQ4Hoylkhr_cmG5RNaXuX_5qNBmweFLgkBG9KEvCGWOmo0r6Og2j67Jt72Hpm58WadZV0h4K2MdIaB895jcd8jo2SistRvM28jif4vme6jY38yNW_m0wZ-UmpOVmHbzesbgbIcVK01jqjX1AaI7HdLVRZU2FFsIJLSNhHgLhiI760RnQoR5AbeE_M4U6wYntURYDa-ELu7RRXtVy9aXoXMFFhVS3Vn4-UbGBzdLIfLjDSqa1oxTXwWIGGLr_W4yGaLIFjGNiM-yo2LNxDDrEmjibnRUVKF7QuHkk4Wc1AfVKhDNapc1VXLUmsvmGfy-MZkA6FRUfKuKCncy12dTVppp0xdfT_k_VH0qJqXt62-AvfcYf_HFtQu_4vMvj3pIfPqpguHQUwmPDyPBaworyTPjf7ymGW-G85iXQ1YD9qnCPAPvTYw8C5CqCsriIv5laGmQQ4khDIlp-E3UJ4FCf73UF1wDk1fXgD64A-Lj-57qBTpqMXuvjJGJRihaZ0I6EphbaqNTn55TcJhNy-Qk70zIK2GqMTzDRTzSu60mI62a04&cid=CAASJeRosSQ4gbY_SUTn1m8jS0vL0c21qYYautVO4y_eug5j-u7lyMo&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3545831e5f34ae355c1d9bce9854a56ff891ce7c1fbeff61fccd65a466badc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32833
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE4C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CNT3fp2f9KQVZzfBZiT1VjkJ_mZJRkTNz6guXBoqxo4j2MW3WaWzQSiNuGf00H87B_S6wRUFkUqY24fdevxttAnYryOmucft5dtH3yXSfiLBhd0jI
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame FE4C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:00:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE4C 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42680
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653478767633683"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 27 May 2022 06:27:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame FE4C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1458
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
8365041023519634061
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:03:13 GMT
l
www.google.com/ads/measurement/ Frame FE4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSudRPT8etlvwS7Rc6Gh34m14tC6LALPrYfzDpXSqYk1SkWP77sm3lYT4k-Hz_XiQe2ZFlLXKvAOSq_pQtP8b6q8Ee0Kw
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame B680
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1&C=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXWyDrC2xcNm9EDmWWBcYkQDWX53hPAZ8pirRFReu-Cw6G7hauBq_ZqTCVBksBXAcy7ot7yNOh4ISb6kajvYD-MX9tTVy_DvkZVC3_tqssJNTm3Jbq9Sm44ISvel9aRw9zlXbrBc3mNdL7B0_RhyWqhB2utyycoS9tNLmg7-XQL1RUQkbA
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 27 May 2022 06:27:32 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 27 May 2022 06:27:32 GMT
rum
dsum-sec.casalemedia.com/ Frame B680
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpBvUwRFmvApq1bjQ4ZEmQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXWyDrC2xcNm9EDmWWBcYkQDWX53hPAZ8pirRFReu-Cw6G7hauBq_ZqTCVBksBXAcy7ot7yNOh4ISb6kajvYD-MX9tTVy_DvkZVC3_tqssJNTm3Jbq9Sm44ISvel9aRw9zlXbrBc3mNdL7B0_RhyWqhB2utyycoS9tNLmg7-XQL1RUQkbA
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 27 May 2022 06:27:32 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL2PbrMgSiLqeF6Tli7DdOc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B680
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFC10JlV--pzEYJuM7LIR5w&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFC10JlV--pzEYJuM7LIR5w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXWyDrC2xcNm9EDmWWBcYkQDWX53hPAZ8pirRFReu-Cw6G7hauBq_ZqTCVBksBXAcy7ot7yNOh4ISb6kajvYD-MX9tTVy_DvkZVC3_tqssJNTm3Jbq9Sm44ISvel9aRw9zlXbrBc3mNdL7B0_RhyWqhB2utyycoS9tNLmg7-XQL1RUQkbA
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:32 GMT
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2cb99ab6-0af5-46e9-8dda-7c4ae994c9cd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFC10JlV--pzEYJuM7LIR5w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B680
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4MzU2MzY0MDU0Mjc5NjYzOA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4MzU2MzY0MDU0Mjc5NjYzOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXWyDrC2xcNm9EDmWWBcYkQDWX53hPAZ8pirRFReu-Cw6G7hauBq_ZqTCVBksBXAcy7ot7yNOh4ISb6kajvYD-MX9tTVy_DvkZVC3_tqssJNTm3Jbq9Sm44ISvel9aRw9zlXbrBc3mNdL7B0_RhyWqhB2utyycoS9tNLmg7-XQL1RUQkbA
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:31 GMT
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
39da403f-e1ad-438b-b67f-d0553ea31d51
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4MzU2MzY0MDU0Mjc5NjYzOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame FE4C 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Origin
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1531
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 May 2022 06:02:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame FE4C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cxi6BBlNoPd-_0xt1CK2juCiBF9a6eJse1q7dCVOf1XYpgKZqz6itD5HH7fRvnjzw_NpGplPiDsWf8YJFYz9O12so4ebnD4dTrFbSC3W-bRlzxMrVV1PHRa61LrrdwEUWs2h8yhiSCsC78zNCXNCxMYBCOdA&dbm_d=AKAmf-AC_GJUp6dW1DqgIhCjEMsiqMH2rv0QuWt1WRMLbUGnG8ydDN0Zx8PLWZfd87Xes8MGUOtSjOkmsKEhgfH4XBr7W-bFtH01RUmi_XrGtYYObQ92FjTsVUf3AdBaDdX1xjr-KVl5slnu4N7YIR4xFdapM40qy0mPN2tvQWSS7DwWddpiIGXe14wZer3Wt50z_hJXoNOnMeYM3R7fTMcD315-_axpOA0Z3sCcUTk1MoeuiISc9VScCXd2EW7VpfJ5lTtlMGfH_ekqj9Z-1dBOuX89_2ylv-M1Z1bKsReflukKHGFNxMbJKkFV5BF1Ftstilr28nqHYaMFk2zEjyFP2M_VltYi5_mtxdJnyMEwrJ04Kw_AejMhrgt77oQrKMIvL7bbxcRnR-IKzelZOYrHQWC0nn_SYR4BFr2AbukjP4ZLmucSoku9ASIPNtOFo9M8i3n_PsCb1Vl70P_C0w5xyuQl3WFdwdSQtlVOgyiy3_J4yevr4Er2oEkpZnLYOub8YQ3PV0vNHDLzlQkEe5ulhfHRslXFEeqIw0Jhl8ZVKOwT7mYJKEoFFNIFTHS2OsonIw9zJ5jLMS_2lE4184AKS8HNg7zOV3eZNs-wBmMW7kn64BjMTLchvldZ1_Fo38s7XQRqRGrcK20qb_di2lSxhNXC_8i16oCmMOH_IZVU1TN7wMqbD9pmXQdZgA1Xb33Zhh92WCYZhPvUoVAVtU6GFhfa4A32QuTh18LOIdCkAg2I_gph5JAgdr39Yad76ESHhbpYoGOC6LSVTU-TEfeo7GLEHVg6PT6H65-KH1PM0HghDu89sr0SN9paHGQVW2JsJKkmN4yo99dcaHnog7o_asVTDF-L3snU0KV2fcLmbLgf8ojyuoiLc4O_2AQPqER0NOZsf0cn1mR9zcHDwNL_FgeRZDnKb4_APBaIv5fU4FmTI8fIzDmIiGRzUjYhBQVEaPkPV7BPZNNBD-bOAfgHeo8i1VN_yea3EfcmY0W8zjcEOTLvYLhb7tkwPCrBtSlMrrJXga3XsymSIEq5gW4q3CjPsPve8LW6RzG9vH0cUvfyc2hxUU6sZwndOVi1qZTxtmfSGgs3-SFa0OINeS-qshL9lWQHT-u854bDHVkGfimdfrsI1MgpLSPA7-dfrluZwTkWBOkYOeAd3NqLUvv3j8fn3IJoTDmk2kA406gSam3LhlgaMtEbpG8ctl3_Nn0Ykz-7emotf45bogDoZwdyH3pRQlS-uGJahtRkFTWZQPKnO7XaBjsdlVJdtZ4-uqGmiolV-90Vl1QtKAUJU-VXbRfHDr7WpsPY8cfwQPwmmBgEPrjHcdG-Fm1rsnN9MQvDqOzNaH9sF4XHywzXQO-Z1niu2RLNRkV7SE498OaS-R3HgjA990kvXQL5KjvkGgbywXpnMWs8zfJ796ZstCSfUG9KsPz9wS_9HjelR1541hPooDptl4_330kIOw_AD5hCQbhJPzwEj60ZDTNOqSuQZ96XexRSDBAihVGDlHpzeizA7lJD-_wVwXY6936QGKRdEr8tqg6w4gu4pkXiCOwkbcUnRZ2hBUKvDd1LPgjwTjX2jTj3tEbq8zKJ-dE3S_PaVhlj7eG5XJo4inJ4tGbxrYm4mHQ2RCLuobM-axslsK94wjSI7J7AvqpCpfwK-Z3N-xVuS3le5EGHM_t7FyWs5-cZiGZKofBvDxYYVgAjYY7WwUmi3qyCHNCAi7HG7hYdJi0J8EsvYnWLvrglsN8B8xw3jW7CZRhnSOa25kIGxExdZ102sKc05Df0U4dv8X39TM2gy9jhurVFB2mbvLaJaHUj2SsZHpk8di1JQOHAIb9bY9MoV4LUfNGWPEdjixDoJlin8fr68m3iTQm8s-W9NNfuAeCxeLKqAQJXNARV3tWv0rkbhFz8z5wN3NJBTikTIZO0RE-jE7um8G7TxAyKMhYr0lbEXsIbQ92rpznFQd0shq_PbmI0Kc_1sSecadz-XKlEm_5lO5QN45O1FVV321--9N7hJeAOWVq7TxfMymQ1CF8bFL6QEG-8IV6T7f5VoRXP6caa7v0LuXHGiPEURdEvzcF2x0JYxkFozlZSld3tlCI4Mg-rxXS2U253Y7Pe4TPP31XmnSFT4Io_-n_Yx3Lo6hmt6NdZnnXG08exm29DcqKqEekb37M52sxILpcbspfj6qHjVx1tJal_10q9PXTO1EEk3GZDu8YQag7_2gzRyMbkB_aX9POY-dIovLfRoBJVmFC9JvePH930Go59T2nlj9ohvnJnt2UYAooAgA13JvI2QQBZsGHKhV0KSFsKL3AZ-fcuE_HTgxjfdC97RaehHhsLtXyzk6x0trFz5dXBqpcMVQAK1zq7maLATa6xgr15L6rdp5r8E8sAps_osvaS3ZyLz0EcirJGGMvkLKZZKeApseprP9yIUud6n3G8YeaR1BmUZC_gY518Jvz9P3VH7eXLE1_Qo3P-HrsfjSE8_koWijhcZDOLSQTawpGAxFfaOFXaiISkU3T82PEDm9MQTeu_4CxRRMI6rLyd5Pj7_OSzs6DYRpXdmM-TW5P6sSGFf7pRFElsyD3m11wd7E1RuZ-tkk4WlDHC1L4p2G5EDLPvTBUmzHy60sGsZrfLkvWWG_S7Kfhr7MDRcb9qvTzvUZ6BZuB1MjoUjSTcGQB8zHr_WnH-gIbpwbwhcVf50Df5SnjQ4Hoylkhr_cmG5RNaXuX_5qNBmweFLgkBG9KEvCGWOmo0r6Og2j67Jt72Hpm58WadZV0h4K2MdIaB895jcd8jo2SistRvM28jif4vme6jY38yNW_m0wZ-UmpOVmHbzesbgbIcVK01jqjX1AaI7HdLVRZU2FFsIJLSNhHgLhiI760RnQoR5AbeE_M4U6wYntURYDa-ELu7RRXtVy9aXoXMFFhVS3Vn4-UbGBzdLIfLjDSqa1oxTXwWIGGLr_W4yGaLIFjGNiM-yo2LNxDDrEmjibnRUVKF7QuHkk4Wc1AfVKhDNapc1VXLUmsvmGfy-MZkA6FRUfKuKCncy12dTVppp0xdfT_k_VH0qJqXt62-AvfcYf_HFtQu_4vMvj3pIfPqpguHQUwmPDyPBaworyTPjf7ymGW-G85iXQ1YD9qnCPAPvTYw8C5CqCsriIv5laGmQQ4khDIlp-E3UJ4FCf73UF1wDk1fXgD64A-Lj-57qBTpqMXuvjJGJRihaZ0I6EphbaqNTn55TcJhNy-Qk70zIK2GqMTzDRTzSu60mI62a04&cid=CAASJeRosSQ4gbY_SUTn1m8jS0vL0c21qYYautVO4y_eug5j-u7lyMo&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:23:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame FE4C 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cxi6BBlNoPd-_0xt1CK2juCiBF9a6eJse1q7dCVOf1XYpgKZqz6itD5HH7fRvnjzw_NpGplPiDsWf8YJFYz9O12so4ebnD4dTrFbSC3W-bRlzxMrVV1PHRa61LrrdwEUWs2h8yhiSCsC78zNCXNCxMYBCOdA&dbm_d=AKAmf-AC_GJUp6dW1DqgIhCjEMsiqMH2rv0QuWt1WRMLbUGnG8ydDN0Zx8PLWZfd87Xes8MGUOtSjOkmsKEhgfH4XBr7W-bFtH01RUmi_XrGtYYObQ92FjTsVUf3AdBaDdX1xjr-KVl5slnu4N7YIR4xFdapM40qy0mPN2tvQWSS7DwWddpiIGXe14wZer3Wt50z_hJXoNOnMeYM3R7fTMcD315-_axpOA0Z3sCcUTk1MoeuiISc9VScCXd2EW7VpfJ5lTtlMGfH_ekqj9Z-1dBOuX89_2ylv-M1Z1bKsReflukKHGFNxMbJKkFV5BF1Ftstilr28nqHYaMFk2zEjyFP2M_VltYi5_mtxdJnyMEwrJ04Kw_AejMhrgt77oQrKMIvL7bbxcRnR-IKzelZOYrHQWC0nn_SYR4BFr2AbukjP4ZLmucSoku9ASIPNtOFo9M8i3n_PsCb1Vl70P_C0w5xyuQl3WFdwdSQtlVOgyiy3_J4yevr4Er2oEkpZnLYOub8YQ3PV0vNHDLzlQkEe5ulhfHRslXFEeqIw0Jhl8ZVKOwT7mYJKEoFFNIFTHS2OsonIw9zJ5jLMS_2lE4184AKS8HNg7zOV3eZNs-wBmMW7kn64BjMTLchvldZ1_Fo38s7XQRqRGrcK20qb_di2lSxhNXC_8i16oCmMOH_IZVU1TN7wMqbD9pmXQdZgA1Xb33Zhh92WCYZhPvUoVAVtU6GFhfa4A32QuTh18LOIdCkAg2I_gph5JAgdr39Yad76ESHhbpYoGOC6LSVTU-TEfeo7GLEHVg6PT6H65-KH1PM0HghDu89sr0SN9paHGQVW2JsJKkmN4yo99dcaHnog7o_asVTDF-L3snU0KV2fcLmbLgf8ojyuoiLc4O_2AQPqER0NOZsf0cn1mR9zcHDwNL_FgeRZDnKb4_APBaIv5fU4FmTI8fIzDmIiGRzUjYhBQVEaPkPV7BPZNNBD-bOAfgHeo8i1VN_yea3EfcmY0W8zjcEOTLvYLhb7tkwPCrBtSlMrrJXga3XsymSIEq5gW4q3CjPsPve8LW6RzG9vH0cUvfyc2hxUU6sZwndOVi1qZTxtmfSGgs3-SFa0OINeS-qshL9lWQHT-u854bDHVkGfimdfrsI1MgpLSPA7-dfrluZwTkWBOkYOeAd3NqLUvv3j8fn3IJoTDmk2kA406gSam3LhlgaMtEbpG8ctl3_Nn0Ykz-7emotf45bogDoZwdyH3pRQlS-uGJahtRkFTWZQPKnO7XaBjsdlVJdtZ4-uqGmiolV-90Vl1QtKAUJU-VXbRfHDr7WpsPY8cfwQPwmmBgEPrjHcdG-Fm1rsnN9MQvDqOzNaH9sF4XHywzXQO-Z1niu2RLNRkV7SE498OaS-R3HgjA990kvXQL5KjvkGgbywXpnMWs8zfJ796ZstCSfUG9KsPz9wS_9HjelR1541hPooDptl4_330kIOw_AD5hCQbhJPzwEj60ZDTNOqSuQZ96XexRSDBAihVGDlHpzeizA7lJD-_wVwXY6936QGKRdEr8tqg6w4gu4pkXiCOwkbcUnRZ2hBUKvDd1LPgjwTjX2jTj3tEbq8zKJ-dE3S_PaVhlj7eG5XJo4inJ4tGbxrYm4mHQ2RCLuobM-axslsK94wjSI7J7AvqpCpfwK-Z3N-xVuS3le5EGHM_t7FyWs5-cZiGZKofBvDxYYVgAjYY7WwUmi3qyCHNCAi7HG7hYdJi0J8EsvYnWLvrglsN8B8xw3jW7CZRhnSOa25kIGxExdZ102sKc05Df0U4dv8X39TM2gy9jhurVFB2mbvLaJaHUj2SsZHpk8di1JQOHAIb9bY9MoV4LUfNGWPEdjixDoJlin8fr68m3iTQm8s-W9NNfuAeCxeLKqAQJXNARV3tWv0rkbhFz8z5wN3NJBTikTIZO0RE-jE7um8G7TxAyKMhYr0lbEXsIbQ92rpznFQd0shq_PbmI0Kc_1sSecadz-XKlEm_5lO5QN45O1FVV321--9N7hJeAOWVq7TxfMymQ1CF8bFL6QEG-8IV6T7f5VoRXP6caa7v0LuXHGiPEURdEvzcF2x0JYxkFozlZSld3tlCI4Mg-rxXS2U253Y7Pe4TPP31XmnSFT4Io_-n_Yx3Lo6hmt6NdZnnXG08exm29DcqKqEekb37M52sxILpcbspfj6qHjVx1tJal_10q9PXTO1EEk3GZDu8YQag7_2gzRyMbkB_aX9POY-dIovLfRoBJVmFC9JvePH930Go59T2nlj9ohvnJnt2UYAooAgA13JvI2QQBZsGHKhV0KSFsKL3AZ-fcuE_HTgxjfdC97RaehHhsLtXyzk6x0trFz5dXBqpcMVQAK1zq7maLATa6xgr15L6rdp5r8E8sAps_osvaS3ZyLz0EcirJGGMvkLKZZKeApseprP9yIUud6n3G8YeaR1BmUZC_gY518Jvz9P3VH7eXLE1_Qo3P-HrsfjSE8_koWijhcZDOLSQTawpGAxFfaOFXaiISkU3T82PEDm9MQTeu_4CxRRMI6rLyd5Pj7_OSzs6DYRpXdmM-TW5P6sSGFf7pRFElsyD3m11wd7E1RuZ-tkk4WlDHC1L4p2G5EDLPvTBUmzHy60sGsZrfLkvWWG_S7Kfhr7MDRcb9qvTzvUZ6BZuB1MjoUjSTcGQB8zHr_WnH-gIbpwbwhcVf50Df5SnjQ4Hoylkhr_cmG5RNaXuX_5qNBmweFLgkBG9KEvCGWOmo0r6Og2j67Jt72Hpm58WadZV0h4K2MdIaB895jcd8jo2SistRvM28jif4vme6jY38yNW_m0wZ-UmpOVmHbzesbgbIcVK01jqjX1AaI7HdLVRZU2FFsIJLSNhHgLhiI760RnQoR5AbeE_M4U6wYntURYDa-ELu7RRXtVy9aXoXMFFhVS3Vn4-UbGBzdLIfLjDSqa1oxTXwWIGGLr_W4yGaLIFjGNiM-yo2LNxDDrEmjibnRUVKF7QuHkk4Wc1AfVKhDNapc1VXLUmsvmGfy-MZkA6FRUfKuKCncy12dTVppp0xdfT_k_VH0qJqXt62-AvfcYf_HFtQu_4vMvj3pIfPqpguHQUwmPDyPBaworyTPjf7ymGW-G85iXQ1YD9qnCPAPvTYw8C5CqCsriIv5laGmQQ4khDIlp-E3UJ4FCf73UF1wDk1fXgD64A-Lj-57qBTpqMXuvjJGJRihaZ0I6EphbaqNTn55TcJhNy-Qk70zIK2GqMTzDRTzSu60mI62a04&cid=CAASJeRosSQ4gbY_SUTn1m8jS0vL0c21qYYautVO4y_eug5j-u7lyMo&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
845
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10525
x-xss-protection
0
server
cafe
etag
5993959114622819781
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:13:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FE4C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69424
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 11:10:27 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 53CE 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61279
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Fri, 27 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FE4C 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36753198be46af84bf6f87d6c83e83e024b6d2b3547358960f152d2587319046

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0BE9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
69425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 May 2022 11:10:27 GMT
expires
Fri, 26 May 2023 11:10:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 53CE
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL_-ZLag9Jc6w6pyY8otQz0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEL_-ZLag9Jc6w6pyY8otQz0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SG0xNjVrQWIxTlV0ckM1&google_gid=CAESEL_-ZLag9Jc6w6pyY8otQz0&google_cver=1&google_push=AYg5qPKxdBR33Ckev_0UZ8wm1-AOUegkzBNfObsL_cH0cye...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SG0xNjVrQWIxTlV0ckM1&google_gid=CAESEL_-ZLag9Jc6w6pyY8otQz0&google_cver=1&google_push=AYg5qPKxdBR33Ckev_0UZ8wm1-AOUegkzBNfObsL_cH0cyeqwIFuzqST9mLnC0J2p9BaXpAd4ZDKQICxm-ZGtzHZRzB7V9Qr6jNM
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:31 GMT
Server
PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-05d046f5278a22b8b@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SG0xNjVrQWIxTlV0ckM1&google_gid=CAESEL_-ZLag9Jc6w6pyY8otQz0&google_cver=1&google_push=AYg5qPKxdBR33Ckev_0UZ8wm1-AOUegkzBNfObsL_cH0cyeqwIFuzqST9mLnC0J2p9BaXpAd4ZDKQICxm-ZGtzHZRzB7V9Qr6jNM
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 53CE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJm43ARUAjbOWiGtYP3Vgl8&google_cver=1&google_push=AYg5qPIFz_8PCQ1S0XvFZSIlXC1a2YSbactSzeqsGiiI9E4i0TLhEQWcaVAiUmYuDjst48HbK0LAq7A0bE5-Pm8_...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIFz_8PCQ1S0XvFZSIlXC1a2YSbactSzeqsGiiI9E4i0TLhEQWcaVAiUmYuDjst48HbK0LAq7A0bE5-Pm8_QIrlGagtx9Wu
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIFz_8PCQ1S0XvFZSIlXC1a2YSbactSzeqsGiiI9E4i0TLhEQWcaVAiUmYuDjst48HbK0LAq7A0bE5-Pm8_QIrlGagtx9Wu
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 27 May 2022 06:27:32 GMT
Server
MT3 4419 e1034d5 master hkg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPIFz_8PCQ1S0XvFZSIlXC1a2YSbactSzeqsGiiI9E4i0TLhEQWcaVAiUmYuDjst48HbK0LAq7A0bE5-Pm8_QIrlGagtx9Wu
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 27 May 2022 06:27:31 GMT
pixel
cm.g.doubleclick.net/ Frame 53CE
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEC0rqMiLIWEPnGUgyIx7s94&google_cver=1&google_push=AYg5qPJIjYim5R7AWM8LJPnjPp12_GcxJwmMV6uXCJEUfxO_Pv7jnv73UENchJ_tz7fQlAsQZ6IXknzKO5cVuK...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMjI5OTAxODkzMjMyMDQwMg%3D%3D&google_push=AYg5qPJIjYim5R7AWM8LJPnjPp12_GcxJwmMV6uXCJEUfxO_Pv7jnv73UENchJ_tz7fQlAsQZ6IXknzKO5cVuK1Z3h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMjI5OTAxODkzMjMyMDQwMg%3D%3D&google_push=AYg5qPJIjYim5R7AWM8LJPnjPp12_GcxJwmMV6uXCJEUfxO_Pv7jnv73UENchJ_tz7fQlAsQZ6IXknzKO5cVuK1Z3hYW0G9W8c4I
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMjI5OTAxODkzMjMyMDQwMg%3D%3D&google_push=AYg5qPJIjYim5R7AWM8LJPnjPp12_GcxJwmMV6uXCJEUfxO_Pv7jnv73UENchJ_tz7fQlAsQZ6IXknzKO5cVuK1Z3hYW0G9W8c4I
Date
Fri, 27 May 2022 06:27:32 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 53CE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENV-La5NXaiIJNT0_ULD-uw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpBvUwRFmvApq1bjQ4ZEmQAABLkAAAIB&google_push=AYg5qPI2SRed2ZUWams9ujrKq8O6KdfnQ-sBjzCTvPeBC1BS06jCttsCu7as1BzqntGeLA_ZLBSr8MhBdgJsl8Gc3F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpBvUwRFmvApq1bjQ4ZEmQAABLkAAAIB&google_push=AYg5qPI2SRed2ZUWams9ujrKq8O6KdfnQ-sBjzCTvPeBC1BS06jCttsCu7as1BzqntGeLA_ZLBSr8MhBdgJsl8Gc3FJDaRFg98E&google_cver=1&google_gid=CAESENV-La5NXaiIJNT0_ULD-uw
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpBvUwRFmvApq1bjQ4ZEmQAABLkAAAIB&google_push=AYg5qPI2SRed2ZUWams9ujrKq8O6KdfnQ-sBjzCTvPeBC1BS06jCttsCu7as1BzqntGeLA_ZLBSr8MhBdgJsl8Gc3FJDaRFg98E&google_cver=1&google_gid=CAESENV-La5NXaiIJNT0_ULD-uw
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Fri, 27 May 2022 06:27:32 GMT
pixel
cm.g.doubleclick.net/ Frame 53CE
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEi6crGr7zIAWTXlO4Km474&google_cver=1&google_push=AYg5qPLdeqLjMeprePBx06jasq-CFNhZKzNnrQtczDJLzqLezAL3Qyd0j_ss0X7G6UQNeqN7uHlE4-LUykitoZ7MoySYwC...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEi6crGr7zIAWTXlO4Km474&google_cver=1&google_push=AYg5qPLdeqLjMeprePBx06jasq-CFNhZKzNnrQtczDJLzqLezAL3Qyd0j_ss0X7G6UQNeqN7uHlE4-LUykitoZ7M...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=v3xiBLw_RWKg7vHjihZ0jw&google_push=AYg5qPLdeqLjMeprePBx06jasq-CFNhZKzNnrQtczDJLzqLezAL3Qyd0j_ss0X7G6UQNeqN7uHlE4-LUykitoZ7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=v3xiBLw_RWKg7vHjihZ0jw&google_push=AYg5qPLdeqLjMeprePBx06jasq-CFNhZKzNnrQtczDJLzqLezAL3Qyd0j_ss0X7G6UQNeqN7uHlE4-LUykitoZ7MoySYwCbznGR-
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=v3xiBLw_RWKg7vHjihZ0jw&google_push=AYg5qPLdeqLjMeprePBx06jasq-CFNhZKzNnrQtczDJLzqLezAL3Qyd0j_ss0X7G6UQNeqN7uHlE4-LUykitoZ7MoySYwCbznGR-
date
Fri, 27 May 2022 06:27:32 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 53CE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKjsILRrS6qVFCuf-zQWHYNuKvi88nlJo7u4atACdalPpRFU-I2yjnJg572kNywc-usNFjg7vZVDh9t5u4509MRA8cf15uQ&redir=https%3A%2F%2Fcm.g.doubl...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKjsILRrS6qVFCuf-zQWHYNuKvi88nlJo7u4atACdalPpRFU-I2yjnJg572kNywc-usNFjg7vZVDh9t5u4509MRA8cf15uQ&google_hm=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKjsILRrS6qVFCuf-zQWHYNuKvi88nlJo7u4atACdalPpRFU-I2yjnJg572kNywc-usNFjg7vZVDh9t5u4509MRA8cf15uQ&google_hm=
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKjsILRrS6qVFCuf-zQWHYNuKvi88nlJo7u4atACdalPpRFU-I2yjnJg572kNywc-usNFjg7vZVDh9t5u4509MRA8cf15uQ&google_hm=
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ssbsync.smartadserver.com/api/ Frame 53CE 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEL1pjgfgN1eBb335Pw0tJ38&google_cver=1&google_push=AYg5qPIj7KlJiPmMSQoXnsA7ApjWKO47x3bN5uKzKrk7nb15zGq_w5-yYTDkv84h29qrmaEyr_qeakYaUmBum2SDBc5id6bD3wHw
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:31 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 53CE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUogtYdQlrPJJ-zBZ-xO3paZ8cS7O7OsbQKQzs5XP0wOelDs8T_vLzrqWWhpb3ftYk2ilW
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/5282610795061509627/970x250/ Frame 1E21 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
564a22772cb2662573d984ddcff32a4c684248975696273319a21aa505811ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
66562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1473
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 26 May 2022 11:58:10 GMT
expires
Fri, 26 May 2023 11:58:10 GMT
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FE4C 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhqgFJzmSx_n001X2s0zhzKsiF43KjuFX07czv0iguS9FBZJmKrKE6VyZX9cs90O_lZG7W0riqIWR-9q4eFtu7lIQKGMx5qIudg4bgnAeK_U0naqGX0EXpzqQzPa6N4_viTvzxTeNMqjSqpFpZHBjWi__vb80aQ4dcOoVtW6B2KAyosCuzy9YRyucZa7A-Cd_HoDabBgZHOMxgqdH05mJLpfhU31fQ-ude1_aGWH7AnL6YnvTDfJmLzJgOeIhgqlhqwONEzneXicUjtwaHtmnZmpQD219P545YIMuOfxzJqr51KiRYPCBM_CSWRsckwxXnNS3ILs0tlzgvckRxtsIUklV9-cH2a-ujU-8aTk2NQvtNe8qt-o8earPGpgN8_QDk_DZoPonRhf_jtjiGilZAtAK1G9x2-NipeLsU0rshd5Zsjc26nRQv63220fPG6M1Ksh015IwJpAydBB-PHX2rUhIQVPagezZ6puGe7yGBJLWySLSN2ZIMGWIYTITA2_GMblBGqX6j6Epls0ACfyEIzyhqUeYDTchwNSZf5RSzBD2XQdTFUdczLjcA0Fmp7R2Xe67MKmsR6idzheQhSIpJjDIjrylWjwdLMIbDSaFGk8tsLPfZNY9wFqNf4RbSKQmmaFrDPXI3_8Iov-wdSgK4FKZ1NWrcgRda8kN6Lws_REh8MeZa3cZ3hKiFhwPGWyS3jmcozBmQ85-5jVfIBAnPwvxJaOlQLmxAMnCmHlRP2M4awY9RGI4deNRpc6_YL9hSJPKgJFweP7vuXPv-viGO2gvKYFRvXfKzLY-lmxrzBv7t1Yo5gYnGFQ3DfoTKm8Mnov1kEfCvFTL2ncGlJ5ibxgY1Ys6NWsuZPO5tRb09N0m4QYrOH-eqNKZ9NYFOKj0qTQ2KW5Qt6IhyYU8OwNRYl0XH4pd_n8OPo5vpcD8Nr69KwpmSS3O1qsXtfzDe9YeCk6uEtpizmiZsJh0mAK-1Bbemb7JAgvUjXOxtePqJRtly_7JH-TqYj42DbrWMIepeXoDL-kFCcAgmgMq15mFWJWJCv-V52Wad5Tn8yautZNjLqfamsls_B5k_5kIYC-Xiyx4TXg4NVK2ZEB6WMJne-zyct2HCi_x56ML8FhRSXQuAYG9JFs4aVSPWJH4ZyEL-MJaqrA0BIdFIIXYTSaqBAMpvL2ORR8OoZcDm9PkrZdfWpj9vzOGiMDlLg3ZPvSwo8gAs_TM&sai=AMfl-YR6phvbqg7tnkmFVQRK1L0GbxHq5EWTAn3dsssz4r2ec4iA807xtKX-jJ4tcndne6wN7Dzx2cbFUjCIX8Y4ZBV4CpQNcaH742eWURKZfHb6UNfRQetgE7hfz3G393fmlwaP_NY2hF7E24fA_tr7aFFinyeCuCW5zBrwPguBtFAV9CpNkMbjm5TJuGHWqmSkhvpK7SsDMqENV2sBbVxDsYv3&sig=Cg0ArKJSzBHgA_6kcMhsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=75&cbvp=1&cstd=71&cisv=r20220525.34063&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 27 May 2022 06:27:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
pagead2.googlesyndication.com/bg/ Frame 0BE9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 13:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
147909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13723
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 13:22:23 GMT
style.css
s0.2mdn.net/sadbundle/5282610795061509627/970x250/css/ Frame 1E21 		2 KB
425 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c965d928427a463d529f61750f6e2fb9cf4f191b1abf8c9bba19f9a49c209466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
396
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 11:58:11 GMT
bg.jpg
s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/ Frame 1E21 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c2131dd95fe41aa1be74aa24d3f3439ae8a902d7c6b6270d3dbbeda5892050c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:58:11 GMT
x-content-type-options
nosniff
age
66561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46265
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 11:58:11 GMT
yellowBg.png
s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/ Frame 1E21 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/yellowBg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cc9bfc58f21b71d785b288cac424336c48ca9681c7cb8ec231d89d9fc5a0075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:58:11 GMT
x-content-type-options
nosniff
age
66561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5771
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 11:58:11 GMT
legal.png
s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/ Frame 1E21 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/legal.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cba34c3f8d9f83d6c9caa877b6390184c4bf570956475a13712bd2ca3748f43d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:58:11 GMT
x-content-type-options
nosniff
age
66561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8603
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 11:58:11 GMT
logo.png
s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/ Frame 1E21 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87bac37f4c21a9f29fb9ab2cfd2ff2b10f6725b5bb7abc3c9c610f80be5252f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:58:11 GMT
x-content-type-options
nosniff
age
66561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11518
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 11:58:11 GMT
copy1.png
s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/ Frame 1E21 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/copy1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91ece149e492155d61648e1027332f437d0d006ef0917c01fd660290dc6fea67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:58:11 GMT
x-content-type-options
nosniff
age
66561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11078
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 11:58:11 GMT
copy2.png
s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/ Frame 1E21 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/copy2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8085ecc956491fa9a137ff0657713efc8201360543ccaf8605c0159043ebf08c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:58:11 GMT
x-content-type-options
nosniff
age
66561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13695
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 11:58:11 GMT
cta.png
s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/ Frame 1E21 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70b71ef0bfe71ad181415e68b9bf5f89b6cd00d19ceeacec1d51254147af9015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:58:11 GMT
x-content-type-options
nosniff
age
66561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15065
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 11:58:11 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1E21 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 06:27:32 GMT
main.js
s0.2mdn.net/sadbundle/5282610795061509627/970x250/js/ Frame 1E21 		1 KB
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/js/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a18a79f1526e3433653d323bdeb87108a12dc8a0a5e32d679ca322fb9fea7966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5282610795061509627/970x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
397
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 15:48:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 May 2023 11:58:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FE4C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhqgFJzmSx_n001X2s0zhzKsiF43KjuFX07czv0iguS9FBZJmKrKE6VyZX9cs90O_lZG7W0riqIWR-9q4eFtu7lIQKGMx5qIudg4bgnAeK_U0naqGX0EXpzqQzPa6N4_viTvzxTeNMqjSqpFpZHBjWi__vb80aQ4dcOoVtW6B2KAyosCuzy9YRyucZa7A-Cd_HoDabBgZHOMxgqdH05mJLpfhU31fQ-ude1_aGWH7AnL6YnvTDfJmLzJgOeIhgqlhqwONEzneXicUjtwaHtmnZmpQD219P545YIMuOfxzJqr51KiRYPCBM_CSWRsckwxXnNS3ILs0tlzgvckRxtsIUklV9-cH2a-ujU-8aTk2NQvtNe8qt-o8earPGpgN8_QDk_DZoPonRhf_jtjiGilZAtAK1G9x2-NipeLsU0rshd5Zsjc26nRQv63220fPG6M1Ksh015IwJpAydBB-PHX2rUhIQVPagezZ6puGe7yGBJLWySLSN2ZIMGWIYTITA2_GMblBGqX6j6Epls0ACfyEIzyhqUeYDTchwNSZf5RSzBD2XQdTFUdczLjcA0Fmp7R2Xe67MKmsR6idzheQhSIpJjDIjrylWjwdLMIbDSaFGk8tsLPfZNY9wFqNf4RbSKQmmaFrDPXI3_8Iov-wdSgK4FKZ1NWrcgRda8kN6Lws_REh8MeZa3cZ3hKiFhwPGWyS3jmcozBmQ85-5jVfIBAnPwvxJaOlQLmxAMnCmHlRP2M4awY9RGI4deNRpc6_YL9hSJPKgJFweP7vuXPv-viGO2gvKYFRvXfKzLY-lmxrzBv7t1Yo5gYnGFQ3DfoTKm8Mnov1kEfCvFTL2ncGlJ5ibxgY1Ys6NWsuZPO5tRb09N0m4QYrOH-eqNKZ9NYFOKj0qTQ2KW5Qt6IhyYU8OwNRYl0XH4pd_n8OPo5vpcD8Nr69KwpmSS3O1qsXtfzDe9YeCk6uEtpizmiZsJh0mAK-1Bbemb7JAgvUjXOxtePqJRtly_7JH-TqYj42DbrWMIepeXoDL-kFCcAgmgMq15mFWJWJCv-V52Wad5Tn8yautZNjLqfamsls_B5k_5kIYC-Xiyx4TXg4NVK2ZEB6WMJne-zyct2HCi_x56ML8FhRSXQuAYG9JFs4aVSPWJH4ZyEL-MJaqrA0BIdFIIXYTSaqBAMpvL2ORR8OoZcDm9PkrZdfWpj9vzOGiMDlLg3ZPvSwo8gAs_TM&sai=AMfl-YR6phvbqg7tnkmFVQRK1L0GbxHq5EWTAn3dsssz4r2ec4iA807xtKX-jJ4tcndne6wN7Dzx2cbFUjCIX8Y4ZBV4CpQNcaH742eWURKZfHb6UNfRQetgE7hfz3G393fmlwaP_NY2hF7E24fA_tr7aFFinyeCuCW5zBrwPguBtFAV9CpNkMbjm5TJuGHWqmSkhvpK7SsDMqENV2sBbVxDsYv3&sig=Cg0ArKJSzBHgA_6kcMhsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=179&vt=11&dtpt=104&dett=3&cstd=71&cisv=r20220525.34063&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BE9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcLT2U2-QYrr1N5XP7_UPkNOf0AEAAAAAOAHgBAI&bg=!mZqlmt7NAAZ4vKt9WLw7ACkAdvg8Wu9eGMt8qQlDiYrT128e-E__1JSlm_aJNcxDrip74h3tVukiGQIAAABbUgAAAAFoAQeZAvFxKAapUQKMRbdkNbF-2JbwR8HlSKQvyYyoA38A79nFmgygiggugi8RhuW6hlpFZb4bZ94H7epfc4R-_ajzRm6VTG2esR4aphe7fOgPTmYUB-4awJKHiVBjFvwdoj43gTErOL_ubFF4UXgVeQEz-wMaMtEmsnDxd1ToIdcgZiUnQXUgnr1wOlfXEv92srERYlk0faBMiv1FoGXcM9Z4-z9QPD06_d3PfJV2CsiOl0fvqkQykq9yWUL93H3Kcpoqbqy9cVc0rTSJHvUqAkQAaLI4UjJDK22erCuGnPFQGJDmAUEThxUt9t4tCCPmfMLz96mNvwjopw-4gYvu5TS4BbdAaapqpPMG_rGt0Bqq6geQT6S8hJwuY-A8WjkEjISmT6fWN4pT0r-VJVGjAVneqIJlhokI0WAciFVNVESLI9xzvve0ncVJvSmLs1DDptWrm7YumQgA5bDOk8SVfMBGl2LOBQAz-oT94Xdhc04haBEqDs79lb35ZJdhX-QBlEKDkOTisk7p6FXkd1jI5zWBM2cq1oG8ruapW1QIOefA6wwQsX__5VUh1QMxm2xFC7YLDjMoM9pbFR-oqirarKkDNDEZ8TYaANewsXAPIH4Iq58xcWyeKOU8AJWCL-22Pgx-nZEpBcRF7OeR4i0DbwrxVktfHW3fq0gKolZEn6BQ-wzg7s4qgsx3khxJxeKYgFLORyJsf3vaa7vZJOhtwZFu_nwKhphw7ApRXjIUf7np7s9VcAnKAvdasejo7JxqUM4gOhWz_H6hDct6TDJfC_RJYEvGeb4Zkd2qb2wUdB2OtXDyLu8ROkGUK_GKJMtGstmhgdY_Z9X4I_iQFSjZh0ye3zVm-FXJEjuIVQSInJp3KndNXpRMI7fhi3wbd-3adh9dsb0oxR_Al6cBD74lEgaPI_ACXAYB6RZOtegYVcgxNQCGrWf0oGLh7aulsccTAAmwQWpny0lWgZDwaqWiiSRJ1bbpQucpU5IjtjvG02zxwk3g8Dg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 742F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:31 GMT
expires
Sat, 27 May 2023 06:27:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4002 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:31 GMT
expires
Sat, 27 May 2023 06:27:31 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E94B 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrLuLCzAB&v=APEucNUn2ny6s9pchurGS2_Yv7YTt5TKaYt6UTv_q3_Sn4THZFQFJY16CA57R8BAdpgym3GmnM8BA1HbjiCMFzRO3nK-nRuJNh35AiGkmXtxbF6XF2wiyyJDN9ISeLHeSqioozHO1lFTtiYclvRFdN2uEsilypZAdYqypqJwCM1WfhbuDdFrYHU
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 742F 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZcs-yXF0TIe2LNQ0-2-AIqbrcqMPeLC6IlwBeC2PkPRPHRQC8LTGfrfOREfBBDfHTkPi45b28Os2iLpV9-2Ta7DHkQn4dCZkzXnSzVc_KWH8I5wWFrY7_p8xwxwuZYKmicrfN22JrrqyE9wVH__77r10Lkw&dbm_d=AKAmf-DuVqmJF1chtBdeM-7mfudtjGETaV5rAf3certA2nFN0PNXcxBWwsiTB4o6Egj0DuRnY-ulK9Kg8ku79htiORoReegqEGLSGzVy2_yVwhJULLi4jee_ll1yA2Zvmj1M7MjEUGE0--t9JX8zaauTOAvUz8OZSAPWf4tYRoHHEtaJeTnF8zxFhqErt0TxzPfBUDva9uDgOFnln1VkoyZsjVpRuY6cmc1I2EvmktqBdkclfLPbJ96p9Lz_n3CEeGUXTyH5Xdjnh-aXuV_CMFwPBm8PhrVuMDl55AD1GG9lsMoVQ_ZUq0egXlnYvG07sf8zvlvjRbYOsqzm0qjHRsEASsQ6YgUeXZiVoGyWsk21N_CeD2XVPPfmWOypLVxoBiGJFQD1hDsXTOsdbBMLD7bStriozsbEXdevrPyPMAeBn2fwJ9o0VP9uOvzjX73MgfUgITII5KF3cNW5S08ozE52b7wVifqZ5-qmR2BYiTxNT1MfOfEI6ucIyR34vLjmitTTaFIB2oQM-xEnJely0VgPQU9bdMUpMl48d3BdNqZCU6FgcVuTVeIgLwDpSwg2up6k8NbXHKwtgabPD8Yc5NE1Zw2UsKxQfXKHiDM__Vwv88tVm6DlZHoerQRDvRWZdNj_J-9bTDKtVZqKz5xZTWzHynjk0sHBW6K_SJ_E3k5OLJ2sClbTU936dVvw18JLvk2sF1e3dhBxzzT0IS6F0tHYMVHR9K_qeq1USPEXTKshV3nvR6NTGy4LztEiwZCmv8FLl0LUFwsnuIsjoZNNLF9ZF9RwDGDFz8Xyv9sIFqDxPHDKv3sQdHfy8TAw5sv37XLDQsr9hFungrK636Vyox5jSDbcJDup38WZtaBQnrPNhPV4AG95Jged7czTWJC9KOTlXRuBvKlENj0Q4fLIHScA5vW2SUYDUsAUsWiSUHWvdZUgxbAdS9NHjznEEkdZZ086Fk8GmGzOZDJ8ysyekAYSji1YOzcQqQWpBUleR67aFch-b42yxrbxnjCkkmcdfEB9So4LDIYEz2b8uaQBSyO47Za76z1eBBDTP6EAmeelwDmvkULcJu8U1VyPCFPG7jzwC3OA9FL6jjuv2pcLKf0fWX414_SLMhneq0rrHbbNr9uMar78mjrCmTuzFyIvPSgA-F2tznyHWhoAHoNmYfO7NV3U0NXJ-myV4wfvqsLu2VVSaOsFRwlP0unKJc2ehj3O6uDcCqk4JQkUUYW5DVcZxMMhBrBnnphuV7LPP5Ptx9UUHE2X0C2NswPZ6u9-Sq0UCnixwM9X-qeI6WW6Er9eYHOMGBQ17YVx1jXlvPQIygbEn3_pBgO_u4WTfSdMEuIYMYKIUM_5-eAKA4K9EtXFlWMjR9VOwMR7F1RE2l6PzhPpT34WJw-C9tQYPQPjzUGwPPM7vM8khxbm91AWchUyvfss1lk-DYOLhFc2ETuREa-2xz2W49k2G8X1jXvBKMA_XaHpRj5rZYTGl28jidzGhWvNrZnfR-QxijSEiMRgamxIOjn3MfZn7hbczdhqcLU7OwEyf0Ks8ih5xLhaiqp_d2Qn3WTkMcBrvecWZZwPOD-p_xrkNzEH-BavQFdnVnvoq4P-sOO4fauLkWG81sHDBfyALi3OWPPEyHC49F84hRPQHLsL3IHg4NDrsQc0C8vTzZS9kIPqvDbfi-Oylx3hohP_JVuOWjQm3kmBgOxfYetv0NQgaMxml3wUJcuTZhrz11jbOKZnte2XLCz-oNEsSTY23dbDuQbiyhMPW4p9-JjTkjJ1LcBfpghsknpPZkjknF8qD0hXRf0WJMpmvkFvznvzZY34Y9Ac0KNlI4niiQrd17YooTrreMbnXIH1H5ew7J-_1BD8vt8Ta6SHaaest6H3cTn2s2B3TExtKnOH4HJDXF7AS7_zkEjo_CwY9z4G0Oh8Wu6CUDuuC5hnSplm5CXWDqNPuHtBpYZqizs0Sw7gk6tAkjzvaD2V4HVP_vOslo5H2qK3nX73U_IYKyLnZ1ML0ImEDErRUEbkoeiPGq-zDfIm74pX8t2v4hIm4xDi6XIBZRTNHPC7mGOmke0OZ2qNmMlQy3mFd9Z1kfqwINFe_igRoP3SoYc8HUmmBzVThz6ctvZgdnUmTVisXroswmIFLri3-cIra9__ysxiEX1BVut1CQSFU0YO4j7a6tzwqguLvOqmBfH4DTpstO6hCijBUL-hTg_b099aVmZtbpCW1eDBIAPMgM3iOb2_bOsMB_kxVXMNCKyGnNLIb9FBnESvspEVVVBrVT3A8IPRWN_J8DneI_Fn_naeRAZ41_IzKra9yPh_CdVUc4HGPNQKekbFKL8Uh20MKnCOmBji0VaZoT16TKetEBJw38zKOwc3FjX5_80mK4Kqew_tj4vsqBYgPh5EAcabj7nceoJ2l8s7M0u2J28370Yot-a0I7PmQjUNHqOpfXoI32O_SN5_Nsvxj1ffAHPO7HCU9HBWkgUPNBZBVw80x3lf1TtRJbpn3GJfS1xO0cg-5Xlz4oOAjhuNuCzAQiGWH7BEkp0R55FYjSo0DZolZ4q0sDPtkcRMfAFgjRD41gZMAveCq5LOpr6CUhpt0VOIqgAa3rJHWOqleWk8O1Xssszey66FbTx9EGe3MXD3pSoF2F0sx1kf8I6cZHMKP3NmFVdXdvKltaogvS_9ZqRXYrDauvfSN-Ud6pmSGZkUxyXvJpni_xGGHIqmns0J-Hda89MrLnwbSFf1qUmmwdl5hcM7RPENqDfCohl9EO88ffzlvEUrq-KSJySRYPxWMpLo7oQWyE-zwvdk8HDUE1ofQAZT7WFcwswAFEa1e_S2uA1xbYX0AMiD1S-EJx6Vv-eNg9HToOqBu5U5N7YSZ-rG9k9jZi8MJftg2dtHxyhcvc2ruhRwaPdklp6CeSBOMeTFJxEOGo6SQzSysLfvxEa3f8IixrJMADn_h0QiOFfDWyW-x14UV0DQiLpN37zjIK5uagEWyc6a_dVVDGK-Jltu-62Q55qqCiv1EC695r4sLNNDEGiNTqNylW8prJOCwgnO8_s-9IWnuZEo5fDmdqOa044EvcdJiGrCIGzwI6S36tMGEaUId-otikgQwTkQSw&cid=CAASJeRojYObnIsWls-BqVzR1mLzS1MH9eVEOaGarXoEpck_CXq7b4Q&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f92230d5f8844fd1051aebe1d9aa14f55125fac77e37c6bbf74608f1f37be2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34591
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 742F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CeZccM-8AkyK9MVIij8GUMxmddVEYPN-se9mnyQckHAQ7dKgKAZLbjlEsR1m12PqVcYHoXoIrkfq_A9JRtixoArVgql4gMsYHfNrgAIB0KgbS7pGI
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 742F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:00:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 742F 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42680
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653478767633683"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 27 May 2022 06:27:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 742F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
8365041023519634061
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:03:13 GMT
l
www.google.com/ads/measurement/ Frame 742F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxvpN4Ssmf4EVUtLFPSmLFZmBQ9AYXUBBlCltP_OvTiSPelLfARdnOHNvVssggTHXl3SFqoGIg-aEJQTRYsCHUWMfZog
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame DE8B 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNXA7pu1Qz0MGFg5gCA7gZPQnKN0qIJuhMg9PPKzy6TX8fBjtU_8ednpnaQ3BxICItBhoTDKeuxAsP5yaHFOu7QehFO3i9aSwy15H_hig870kY2W0eq4VsnaZhecmuj8C4aCYAzYJyLer6rO6p-NOWQx7BdvFCGJ_GDnTHsRXOyfzn0nJuQ
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4002 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrCUeA6eWuTfvByJIMPlUDFOhna2JpV5YEkeHFqBALMtq-8GjAHFQgvCWO0HiDMge2mWmNJI5Qcc0HzAR3PvpRO2sfqn5f39hpoB3_Na4gi8NGizqpOSsCTw5wKg9HdyuMXxq6uoSzz3LTGxRNw-3gnSnW8A&dbm_d=AKAmf-BaN-hGTi5zk8OzfUgl4hzOsa2_6lt9GmEoZevUwxnrCuW92v1uPznen9HfFARCuRm82mWb_xl0HoiLx_HHE9KiLHzVjJVRqodYukWnbbj_Ad_epgfoCnWOFkVEtZSh984ANGnDTIQ6UnHqsRX27jjHoTbKHq2B5GXOPzO9EoDslSPkpyFLFmgTdvUkdobbLD0T6mVL5HSsbjY8bDHFvFlnUuzzCG6iiOdDzMonuErL_w-SVbE982q_q6x_nUMcMOocZWcLhRc9MfYeVwiSPG_90f1E8i-3KAHa7depIb6yxjuDrpBh371guCTEgAJvFvlqZR8E0ncp_UwzhpOJe9bn8DEhCleJEZqpDUnG92aCiqBiz-QSwMKkjX24uUc2vHBzlAKnuW7HScsleRaBYHs71KW6Ck39YPQrSM37G4QTieRuImkpp3DuAOr8EmzgdXbSr4IE5OaihwfXnlmNCNZG0c0LzQ0jmIvapSH2HKMQIip8t9zqnpdDknEg-UsDbM3Qg5XjsmsqVZABS6gfDe2MG2HO7bobexa25vUr8ici_EyJ5DQXxJRnCVsNqPNKfHY5cYxkinKPrAib0ZM6whW9nnuuvGYJLPnTKFq9kN-F9FM8s4XO4ZG3VVj5t_0w47L82k7S8a_aEhmMN4YVYJaTTpuMcwJ4AfI2Twon76pWz3zUFEqA98VuWijDiO_mZDeAXCPhG7ql_hQaN-9haPd8sIl_wkXFli79wmNOfVZjKru7eHbw6llB0iWygd0y32jFZmVzMCQjwW734S0ruuqhB1vj3UtWLCi-Lw_OwjYb8HwJDmYdRL4v45sBQnmDo21Pr2NTfUp65hyjlbR-yvK7vPzO60HbhgdBvCLXLVz101w06LRY-AqwF_xrCDTIGuxmFsrlDMxa5TJerxGCdHDKsBBapsMIFtEqoye0CUtIXmwpaFdkM3JZW2D14H4PNrOAd8umCsYu6d9Jwn-yhjW5vAR_do3hm1nY88aEy4HMqxxCr91t1brPxvEPzOHLZLaqmypawzNBL-8CxHCK6gutRrxgptufWlCoJVzYKXbD5DsUOr2Dx2LuoGdVG2n_W8gACfCzAJe0i3tfAcGYJC4FE6-KvdXAxhb7nfJsoTrr-4EW3yBGmsf8rQO9RzUeUnIncFuD2yBsEOgBuG8IoI_VQvBDGhmiCG124toU_GPjAcLxvGG6w7o49q72pml59YAeal1dt9fsaLu_pTA6fKPaiRmhT4tdYO9NAytOoUbj5s18Wfn_Gutza85P24rStdGq7IvReY_mzvw15EQ8s-YDX3jPklfP8RXEJckRT2lx4JA5MrWATQu9rJcFsHxbFddM8NAHK6bdpQdt9ki2tFkcUZ1130E25DGET1zEJOrKQO_Qn320dRVdo-6JJdUL7iHmTT_9IhdzxK0m-WPz6OxT457Mwd_YrdMbfWpEBrvf1kOuLbq1hi3GpcrEL2DQvTl6sIeHB-3Gy3Ri52wLJ7GVIefn7zqWA_hMAMR1_MzH2ej4_kYJa96vdjeH1s8KhxU1pIEDqxA-Eopeh27tdgfAwJTS3zd6UcD2EL_kzxuO6tW_gfeW64DQv9tjeX-Im63Iva7vgPtB3jJd-GFhFIFRiE1MJccQ9K9ROig-5sX0mjAco1NXbVwxODfjLtI3ZmNmcUlw4tBM-__qwhvmFHovI1HxwlDJYFtICbosNa4yHMpDAfHFDzA8gKGFobrl4yygIe-CW4qvhSEvd1hBhesiHrXZDTxszqYHPHp3C7gto5LNpOuQq-gK4zmUYBi0p4MRjTCD72yga8Kti9yr_H8N5mzF-2B93Ccl0tXvcLYZuy5wBXpK6M2PYMCuiS3v7wtqomRWB3Qrj6-6w3rbMLIT4yKQy_wMgnL0IXlA2D66AZnAXx9UqcwqBIxGcFAuS686T5SJOikQFVR_ltWthimOpnAN5mjnPMmgztUoloewdGp5l5_bw2Io_7Q39WKer4UC_sz0AMqoYe5Z1vNwYMiSVLHSlieThaoIVgoDOMJFTnfd71AOa9_YYw-sf51mufwpES5yNazMFTLAJzNVBz2zHBGxc_JD5oDjFiXTBqy7EAmG-0bLsdy-4WoWN7tkY8xkH4vBovXGClFzi57mo4mcAs_-3PlAxLWn2tqbCSEvNxBK3nZkdwZmMi9fbBP5D1Ae6UXTx_NqlJ3yt9nwY1Zr-VxehfelVQtDW6OGTZ3z1nP_ZwnKp98hp5DomkxfhfFMDxR5f8TRXXC7BTIZdPxClW8_gcXrjGwziTmeI95Qo31k4ba4VagTtiIymHjtSeH3s378PAp5zB5OuildXWQOH3b9EGIGA5EEId6RFo9qLXgxYP9dwIJx8e1TgBvxPgpy3BNhA-NN0-6ngjaByjX4y38ZRZ8XcZF9KJHAoE09HyK5lMRhINrioI5gid72I58QjOdV5d45V7wsK-7flwmNGg_nYLCMnI9j8ZuHM-C2-HKccmCWCrzGAvj4un2jniYgM81XJIskWlNcu4efCkbR72ZNLjVhGE1v_-CiX6f2QbaIQMLDotISRPDM41-DvfmpEMn1CU2oS5xAzHoB1hv4MmNSFlbaKTpC8Y5AyHXmodMzGTiAZhLQbSdGsAZoMgYkUB4T36rRZq-DpnSX1WaeNXSoaXjFzDfHJSrthDVmYPD-xCmSVJLW61KCL80QY6MDJHYOw_6_8zF3lY0yfzsuIxhYV7O_7Jfa6lS67CFY1GS4NLibhX9qi8ChnFIAft_JCKwlUAtSVQ-hVDlubKdFbXV-qKQ0F07gSNqDsVBwnNrJsxop28grq86kgK6EI-Pcs_u0KZVDAw45x6jtofo_dAoC6-9E7rhBs0ciTOfsnYELmLyL0H6rWQQzrC7p7RkUyqBO5VRJMVVQsovMxbz0D1fj_V2oYneNkp1gMQzH2LZXyYjw5VaOL0qUvZtUnuFvG7Eu-OxdkrHGLoBJ-ZTr87pYGVIPNRaOig2o_ee1HdnoG3rCQpkRJEKSuC6RH2PAWhORsZQpHjm2x-wz-bHE7m9bFRkFoGySCayoVIDuooWroKG-uEnKhjCO4ifxDdREbSpH2814ulgNJZFYP5O2xtCeezdUgv5O1Ulw6gm_QVSZSRzLPP8YcbVKHnhNIJaRnOGNoznbskQjAWqPNazYD2u-6w&cid=CAASJeRoi0yl6Q24jtZz3ufUvQVhPxJg4vU-NgGLNwoqrhKKda3FFCU&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3604186f1ceae4eb40c57e0b95a66f133b827f11649150adadb65dd96b309743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35638
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4002 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_uuV9NtuiIsAWJ400OLY8hyGOFaOFXr9GmXDXUVPmiCAMQvNPB4JkOYpKUsVqC7H-SVgxIOF83x_Gi240euaaKw7nl6_TuKLdlpXtiulsksP4Huw
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 4002 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/window_focus_fy2019.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:00:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:00:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4002 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42680
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653478767633683"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 27 May 2022 06:27:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/ Frame 4002 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220525/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1459
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
8365041023519634061
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:03:13 GMT
l
www.google.com/ads/measurement/ Frame 4002 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVAKMjDGsJY0Pmpd278J9Ol6vTVIqCa-yhyEIEdWE38JIek7FyvekUao0ncvlI31ug877Esu43eqm56s2DrOIwA3vrCA
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052501&jk=1542594095260746&bg=!CAulC0_NAAao8wy8iPM7ACkAdvg8WrROvOEyamBrPq2gM3uiveywIE--Muml5Cj8GqDe602wA_TqcAIAAABSUgAAAAJoAQcKAP4HqltTpL4AQz4nmpaAA8wt2XOUBfK7tGSeve3A_Dec2sZ0Zcj2MN3F5_FBPCpfdgiJg7YAIbwqbmSkYv29XI2NMusFL7Wwk9AR7z52pkquNzXOnWceeo6FvLHvWRHuQBRFxgGNBuEF-BAwWwQVT0SRNWmuR03hc7En9CjvJMofZjpvu592iSQqEhsDf6SSVOby1spAOe8ncQze-SnBKNo3j_mZgbVZf0WvUHNaIrMpVfHQwOcg19Su4QU3kKyJU3xIh9pa79hXc75sOoqWIx0rs5rE42hDPf77UinfA1mX-S8pUN8DgqzBV5TFYgq12VIeFhQePeilc9bnOtyrnZkCm5RrLKNl6IJec2OC5Dfr50GWvyv3DteB00YsaZdN8CMwVdq0MyLO4yUo8gfLkx8mX1lTRdBYnj2_AZFAPL4OoLFhpdQcySyh6P1pAoVuVVM5r4bz2rT-lNnE048qCbRP-78Ih9R7SGPqYN7jwj6gwUuDkJOSTUe04tQ8uYTP4Qj4vTtvIUszCUp6s1kPx1GDKajBrb8nvc7bozsqAmYWq5ju-F6uSPqbFfjBfOOxHhB7dL2sbd8poo8Uhl8vhSzFZCCCZ1dBCBcm2p_wrhEe9Kp_3F8xH7jZ6DGSc_BIKUxqJpM90Of2SU6fMI4XpbCu_7-kJYyqKZM4mDALQ_Vt-ol_iOx418kiR6VSlmSSu5dkTNtExGP-mwVQsuIdVbtenYQhJh5z8Xrdo8pmgpIrtEoBo0QWsez8uo0W63MTG3HiXXve_RLR0dXiGDl0ftIBYb5AUGBPraaD9n2vX1xPKxx9-KvpsNLXufOQiYMmPUb6NBXJPXc6JNMmMlTVaR_pHQBCARBpaJjtvSxAnxArdpY1JB-kmFxyx72-ubOLg8oMcRO3_k2uX2qjGZwog2ygzekifhjbnv7V0AD_8dh9dBT7Eodh6a0cNo4n4-HNhl4TEHRa6q1_y2OIeOOEUU8Zmn2KpbiVrbQILjRRhuEu_zciC3rdjCWlQQM2feUhe-E-YuZtEnM5DiUgQrMEGVTm2ZXW_kRaTyD7oesN503wB4PLaHWl-4MdJgp4SH8tAnaTkk2kI2Q968RSjWF_Xu2kbO2P0E8bzefVqPD-EkSWiElpDTiElbUCsd7WYwa3gMvAyAISc5FkAcFl-3awYSD1WiTBTtER1ngkcvm5KI7EdkbI8eMNRV2wY-c456PAYR-UH7bO-z4boebMmQc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame E94B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHNhzewbEMxRPw5GLeLF084&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHNhzewbEMxRPw5GLeLF084&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrLuLCzAB&v=APEucNUn2ny6s9pchurGS2_Yv7YTt5TKaYt6UTv_q3_Sn4THZFQFJY16CA57R8BAdpgym3GmnM8BA1HbjiCMFzRO3nK-nRuJNh35AiGkmXtxbF6XF2wiyyJDN9ISeLHeSqioozHO1lFTtiYclvRFdN2uEsilypZAdYqypqJwCM1WfhbuDdFrYHU
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/873204b /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
via
1.1 google
server
OXGW/873204b
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHNhzewbEMxRPw5GLeLF084&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame E94B 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrLuLCzAB&v=APEucNUn2ny6s9pchurGS2_Yv7YTt5TKaYt6UTv_q3_Sn4THZFQFJY16CA57R8BAdpgym3GmnM8BA1HbjiCMFzRO3nK-nRuJNh35AiGkmXtxbF6XF2wiyyJDN9ISeLHeSqioozHO1lFTtiYclvRFdN2uEsilypZAdYqypqJwCM1WfhbuDdFrYHU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/873204b /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
gzip
server
OXGW/873204b
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame E94B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESENtSxRloSZ5KnpLhEL6Hr2M&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESENtSxRloSZ5KnpLhEL6Hr2M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrLuLCzAB&v=APEucNUn2ny6s9pchurGS2_Yv7YTt5TKaYt6UTv_q3_Sn4THZFQFJY16CA57R8BAdpgym3GmnM8BA1HbjiCMFzRO3nK-nRuJNh35AiGkmXtxbF6XF2wiyyJDN9ISeLHeSqioozHO1lFTtiYclvRFdN2uEsilypZAdYqypqJwCM1WfhbuDdFrYHU
Protocol
H2
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 27 May 2022 06:27:32 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESENtSxRloSZ5KnpLhEL6Hr2M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame E94B 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCD4EIYrLuLCzAB&v=APEucNUn2ny6s9pchurGS2_Yv7YTt5TKaYt6UTv_q3_Sn4THZFQFJY16CA57R8BAdpgym3GmnM8BA1HbjiCMFzRO3nK-nRuJNh35AiGkmXtxbF6XF2wiyyJDN9ISeLHeSqioozHO1lFTtiYclvRFdN2uEsilypZAdYqypqJwCM1WfhbuDdFrYHU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 27 May 2022 06:27:32 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame DE8B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHNhzewbEMxRPw5GLeLF084&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHNhzewbEMxRPw5GLeLF084&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNXA7pu1Qz0MGFg5gCA7gZPQnKN0qIJuhMg9PPKzy6TX8fBjtU_8ednpnaQ3BxICItBhoTDKeuxAsP5yaHFOu7QehFO3i9aSwy15H_hig870kY2W0eq4VsnaZhecmuj8C4aCYAzYJyLer6rO6p-NOWQx7BdvFCGJ_GDnTHsRXOyfzn0nJuQ
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/873204b /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
via
1.1 google
server
OXGW/873204b
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHNhzewbEMxRPw5GLeLF084&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame DE8B 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNXA7pu1Qz0MGFg5gCA7gZPQnKN0qIJuhMg9PPKzy6TX8fBjtU_8ednpnaQ3BxICItBhoTDKeuxAsP5yaHFOu7QehFO3i9aSwy15H_hig870kY2W0eq4VsnaZhecmuj8C4aCYAzYJyLer6rO6p-NOWQx7BdvFCGJ_GDnTHsRXOyfzn0nJuQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/873204b /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
gzip
server
OXGW/873204b
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame DE8B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESENtSxRloSZ5KnpLhEL6Hr2M&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESENtSxRloSZ5KnpLhEL6Hr2M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNXA7pu1Qz0MGFg5gCA7gZPQnKN0qIJuhMg9PPKzy6TX8fBjtU_8ednpnaQ3BxICItBhoTDKeuxAsP5yaHFOu7QehFO3i9aSwy15H_hig870kY2W0eq4VsnaZhecmuj8C4aCYAzYJyLer6rO6p-NOWQx7BdvFCGJ_GDnTHsRXOyfzn0nJuQ
Protocol
H2
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 27 May 2022 06:27:32 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESENtSxRloSZ5KnpLhEL6Hr2M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame DE8B 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPD8kAIQ2OPDowMY0tLNxgEwAQ&v=APEucNXA7pu1Qz0MGFg5gCA7gZPQnKN0qIJuhMg9PPKzy6TX8fBjtU_8ednpnaQ3BxICItBhoTDKeuxAsP5yaHFOu7QehFO3i9aSwy15H_hig870kY2W0eq4VsnaZhecmuj8C4aCYAzYJyLer6rO6p-NOWQx7BdvFCGJ_GDnTHsRXOyfzn0nJuQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 27 May 2022 06:27:32 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
skeleton.js
fw.adsafeprotected.com/rjss/st/996673/61756196/ Frame 4002 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/996673/61756196/skeleton.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.237.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-237-93.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
24954f3f1e11adc0d3968a3860084b3ab713ec5f1ab3db224f1bacf76106166e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4002 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Origin
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 May 2022 06:02:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 4002 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrCUeA6eWuTfvByJIMPlUDFOhna2JpV5YEkeHFqBALMtq-8GjAHFQgvCWO0HiDMge2mWmNJI5Qcc0HzAR3PvpRO2sfqn5f39hpoB3_Na4gi8NGizqpOSsCTw5wKg9HdyuMXxq6uoSzz3LTGxRNw-3gnSnW8A&dbm_d=AKAmf-BaN-hGTi5zk8OzfUgl4hzOsa2_6lt9GmEoZevUwxnrCuW92v1uPznen9HfFARCuRm82mWb_xl0HoiLx_HHE9KiLHzVjJVRqodYukWnbbj_Ad_epgfoCnWOFkVEtZSh984ANGnDTIQ6UnHqsRX27jjHoTbKHq2B5GXOPzO9EoDslSPkpyFLFmgTdvUkdobbLD0T6mVL5HSsbjY8bDHFvFlnUuzzCG6iiOdDzMonuErL_w-SVbE982q_q6x_nUMcMOocZWcLhRc9MfYeVwiSPG_90f1E8i-3KAHa7depIb6yxjuDrpBh371guCTEgAJvFvlqZR8E0ncp_UwzhpOJe9bn8DEhCleJEZqpDUnG92aCiqBiz-QSwMKkjX24uUc2vHBzlAKnuW7HScsleRaBYHs71KW6Ck39YPQrSM37G4QTieRuImkpp3DuAOr8EmzgdXbSr4IE5OaihwfXnlmNCNZG0c0LzQ0jmIvapSH2HKMQIip8t9zqnpdDknEg-UsDbM3Qg5XjsmsqVZABS6gfDe2MG2HO7bobexa25vUr8ici_EyJ5DQXxJRnCVsNqPNKfHY5cYxkinKPrAib0ZM6whW9nnuuvGYJLPnTKFq9kN-F9FM8s4XO4ZG3VVj5t_0w47L82k7S8a_aEhmMN4YVYJaTTpuMcwJ4AfI2Twon76pWz3zUFEqA98VuWijDiO_mZDeAXCPhG7ql_hQaN-9haPd8sIl_wkXFli79wmNOfVZjKru7eHbw6llB0iWygd0y32jFZmVzMCQjwW734S0ruuqhB1vj3UtWLCi-Lw_OwjYb8HwJDmYdRL4v45sBQnmDo21Pr2NTfUp65hyjlbR-yvK7vPzO60HbhgdBvCLXLVz101w06LRY-AqwF_xrCDTIGuxmFsrlDMxa5TJerxGCdHDKsBBapsMIFtEqoye0CUtIXmwpaFdkM3JZW2D14H4PNrOAd8umCsYu6d9Jwn-yhjW5vAR_do3hm1nY88aEy4HMqxxCr91t1brPxvEPzOHLZLaqmypawzNBL-8CxHCK6gutRrxgptufWlCoJVzYKXbD5DsUOr2Dx2LuoGdVG2n_W8gACfCzAJe0i3tfAcGYJC4FE6-KvdXAxhb7nfJsoTrr-4EW3yBGmsf8rQO9RzUeUnIncFuD2yBsEOgBuG8IoI_VQvBDGhmiCG124toU_GPjAcLxvGG6w7o49q72pml59YAeal1dt9fsaLu_pTA6fKPaiRmhT4tdYO9NAytOoUbj5s18Wfn_Gutza85P24rStdGq7IvReY_mzvw15EQ8s-YDX3jPklfP8RXEJckRT2lx4JA5MrWATQu9rJcFsHxbFddM8NAHK6bdpQdt9ki2tFkcUZ1130E25DGET1zEJOrKQO_Qn320dRVdo-6JJdUL7iHmTT_9IhdzxK0m-WPz6OxT457Mwd_YrdMbfWpEBrvf1kOuLbq1hi3GpcrEL2DQvTl6sIeHB-3Gy3Ri52wLJ7GVIefn7zqWA_hMAMR1_MzH2ej4_kYJa96vdjeH1s8KhxU1pIEDqxA-Eopeh27tdgfAwJTS3zd6UcD2EL_kzxuO6tW_gfeW64DQv9tjeX-Im63Iva7vgPtB3jJd-GFhFIFRiE1MJccQ9K9ROig-5sX0mjAco1NXbVwxODfjLtI3ZmNmcUlw4tBM-__qwhvmFHovI1HxwlDJYFtICbosNa4yHMpDAfHFDzA8gKGFobrl4yygIe-CW4qvhSEvd1hBhesiHrXZDTxszqYHPHp3C7gto5LNpOuQq-gK4zmUYBi0p4MRjTCD72yga8Kti9yr_H8N5mzF-2B93Ccl0tXvcLYZuy5wBXpK6M2PYMCuiS3v7wtqomRWB3Qrj6-6w3rbMLIT4yKQy_wMgnL0IXlA2D66AZnAXx9UqcwqBIxGcFAuS686T5SJOikQFVR_ltWthimOpnAN5mjnPMmgztUoloewdGp5l5_bw2Io_7Q39WKer4UC_sz0AMqoYe5Z1vNwYMiSVLHSlieThaoIVgoDOMJFTnfd71AOa9_YYw-sf51mufwpES5yNazMFTLAJzNVBz2zHBGxc_JD5oDjFiXTBqy7EAmG-0bLsdy-4WoWN7tkY8xkH4vBovXGClFzi57mo4mcAs_-3PlAxLWn2tqbCSEvNxBK3nZkdwZmMi9fbBP5D1Ae6UXTx_NqlJ3yt9nwY1Zr-VxehfelVQtDW6OGTZ3z1nP_ZwnKp98hp5DomkxfhfFMDxR5f8TRXXC7BTIZdPxClW8_gcXrjGwziTmeI95Qo31k4ba4VagTtiIymHjtSeH3s378PAp5zB5OuildXWQOH3b9EGIGA5EEId6RFo9qLXgxYP9dwIJx8e1TgBvxPgpy3BNhA-NN0-6ngjaByjX4y38ZRZ8XcZF9KJHAoE09HyK5lMRhINrioI5gid72I58QjOdV5d45V7wsK-7flwmNGg_nYLCMnI9j8ZuHM-C2-HKccmCWCrzGAvj4un2jniYgM81XJIskWlNcu4efCkbR72ZNLjVhGE1v_-CiX6f2QbaIQMLDotISRPDM41-DvfmpEMn1CU2oS5xAzHoB1hv4MmNSFlbaKTpC8Y5AyHXmodMzGTiAZhLQbSdGsAZoMgYkUB4T36rRZq-DpnSX1WaeNXSoaXjFzDfHJSrthDVmYPD-xCmSVJLW61KCL80QY6MDJHYOw_6_8zF3lY0yfzsuIxhYV7O_7Jfa6lS67CFY1GS4NLibhX9qi8ChnFIAft_JCKwlUAtSVQ-hVDlubKdFbXV-qKQ0F07gSNqDsVBwnNrJsxop28grq86kgK6EI-Pcs_u0KZVDAw45x6jtofo_dAoC6-9E7rhBs0ciTOfsnYELmLyL0H6rWQQzrC7p7RkUyqBO5VRJMVVQsovMxbz0D1fj_V2oYneNkp1gMQzH2LZXyYjw5VaOL0qUvZtUnuFvG7Eu-OxdkrHGLoBJ-ZTr87pYGVIPNRaOig2o_ee1HdnoG3rCQpkRJEKSuC6RH2PAWhORsZQpHjm2x-wz-bHE7m9bFRkFoGySCayoVIDuooWroKG-uEnKhjCO4ifxDdREbSpH2814ulgNJZFYP5O2xtCeezdUgv5O1Ulw6gm_QVSZSRzLPP8YcbVKHnhNIJaRnOGNoznbskQjAWqPNazYD2u-6w&cid=CAASJeRoi0yl6Q24jtZz3ufUvQVhPxJg4vU-NgGLNwoqrhKKda3FFCU&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:23:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 4002 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CrCUeA6eWuTfvByJIMPlUDFOhna2JpV5YEkeHFqBALMtq-8GjAHFQgvCWO0HiDMge2mWmNJI5Qcc0HzAR3PvpRO2sfqn5f39hpoB3_Na4gi8NGizqpOSsCTw5wKg9HdyuMXxq6uoSzz3LTGxRNw-3gnSnW8A&dbm_d=AKAmf-BaN-hGTi5zk8OzfUgl4hzOsa2_6lt9GmEoZevUwxnrCuW92v1uPznen9HfFARCuRm82mWb_xl0HoiLx_HHE9KiLHzVjJVRqodYukWnbbj_Ad_epgfoCnWOFkVEtZSh984ANGnDTIQ6UnHqsRX27jjHoTbKHq2B5GXOPzO9EoDslSPkpyFLFmgTdvUkdobbLD0T6mVL5HSsbjY8bDHFvFlnUuzzCG6iiOdDzMonuErL_w-SVbE982q_q6x_nUMcMOocZWcLhRc9MfYeVwiSPG_90f1E8i-3KAHa7depIb6yxjuDrpBh371guCTEgAJvFvlqZR8E0ncp_UwzhpOJe9bn8DEhCleJEZqpDUnG92aCiqBiz-QSwMKkjX24uUc2vHBzlAKnuW7HScsleRaBYHs71KW6Ck39YPQrSM37G4QTieRuImkpp3DuAOr8EmzgdXbSr4IE5OaihwfXnlmNCNZG0c0LzQ0jmIvapSH2HKMQIip8t9zqnpdDknEg-UsDbM3Qg5XjsmsqVZABS6gfDe2MG2HO7bobexa25vUr8ici_EyJ5DQXxJRnCVsNqPNKfHY5cYxkinKPrAib0ZM6whW9nnuuvGYJLPnTKFq9kN-F9FM8s4XO4ZG3VVj5t_0w47L82k7S8a_aEhmMN4YVYJaTTpuMcwJ4AfI2Twon76pWz3zUFEqA98VuWijDiO_mZDeAXCPhG7ql_hQaN-9haPd8sIl_wkXFli79wmNOfVZjKru7eHbw6llB0iWygd0y32jFZmVzMCQjwW734S0ruuqhB1vj3UtWLCi-Lw_OwjYb8HwJDmYdRL4v45sBQnmDo21Pr2NTfUp65hyjlbR-yvK7vPzO60HbhgdBvCLXLVz101w06LRY-AqwF_xrCDTIGuxmFsrlDMxa5TJerxGCdHDKsBBapsMIFtEqoye0CUtIXmwpaFdkM3JZW2D14H4PNrOAd8umCsYu6d9Jwn-yhjW5vAR_do3hm1nY88aEy4HMqxxCr91t1brPxvEPzOHLZLaqmypawzNBL-8CxHCK6gutRrxgptufWlCoJVzYKXbD5DsUOr2Dx2LuoGdVG2n_W8gACfCzAJe0i3tfAcGYJC4FE6-KvdXAxhb7nfJsoTrr-4EW3yBGmsf8rQO9RzUeUnIncFuD2yBsEOgBuG8IoI_VQvBDGhmiCG124toU_GPjAcLxvGG6w7o49q72pml59YAeal1dt9fsaLu_pTA6fKPaiRmhT4tdYO9NAytOoUbj5s18Wfn_Gutza85P24rStdGq7IvReY_mzvw15EQ8s-YDX3jPklfP8RXEJckRT2lx4JA5MrWATQu9rJcFsHxbFddM8NAHK6bdpQdt9ki2tFkcUZ1130E25DGET1zEJOrKQO_Qn320dRVdo-6JJdUL7iHmTT_9IhdzxK0m-WPz6OxT457Mwd_YrdMbfWpEBrvf1kOuLbq1hi3GpcrEL2DQvTl6sIeHB-3Gy3Ri52wLJ7GVIefn7zqWA_hMAMR1_MzH2ej4_kYJa96vdjeH1s8KhxU1pIEDqxA-Eopeh27tdgfAwJTS3zd6UcD2EL_kzxuO6tW_gfeW64DQv9tjeX-Im63Iva7vgPtB3jJd-GFhFIFRiE1MJccQ9K9ROig-5sX0mjAco1NXbVwxODfjLtI3ZmNmcUlw4tBM-__qwhvmFHovI1HxwlDJYFtICbosNa4yHMpDAfHFDzA8gKGFobrl4yygIe-CW4qvhSEvd1hBhesiHrXZDTxszqYHPHp3C7gto5LNpOuQq-gK4zmUYBi0p4MRjTCD72yga8Kti9yr_H8N5mzF-2B93Ccl0tXvcLYZuy5wBXpK6M2PYMCuiS3v7wtqomRWB3Qrj6-6w3rbMLIT4yKQy_wMgnL0IXlA2D66AZnAXx9UqcwqBIxGcFAuS686T5SJOikQFVR_ltWthimOpnAN5mjnPMmgztUoloewdGp5l5_bw2Io_7Q39WKer4UC_sz0AMqoYe5Z1vNwYMiSVLHSlieThaoIVgoDOMJFTnfd71AOa9_YYw-sf51mufwpES5yNazMFTLAJzNVBz2zHBGxc_JD5oDjFiXTBqy7EAmG-0bLsdy-4WoWN7tkY8xkH4vBovXGClFzi57mo4mcAs_-3PlAxLWn2tqbCSEvNxBK3nZkdwZmMi9fbBP5D1Ae6UXTx_NqlJ3yt9nwY1Zr-VxehfelVQtDW6OGTZ3z1nP_ZwnKp98hp5DomkxfhfFMDxR5f8TRXXC7BTIZdPxClW8_gcXrjGwziTmeI95Qo31k4ba4VagTtiIymHjtSeH3s378PAp5zB5OuildXWQOH3b9EGIGA5EEId6RFo9qLXgxYP9dwIJx8e1TgBvxPgpy3BNhA-NN0-6ngjaByjX4y38ZRZ8XcZF9KJHAoE09HyK5lMRhINrioI5gid72I58QjOdV5d45V7wsK-7flwmNGg_nYLCMnI9j8ZuHM-C2-HKccmCWCrzGAvj4un2jniYgM81XJIskWlNcu4efCkbR72ZNLjVhGE1v_-CiX6f2QbaIQMLDotISRPDM41-DvfmpEMn1CU2oS5xAzHoB1hv4MmNSFlbaKTpC8Y5AyHXmodMzGTiAZhLQbSdGsAZoMgYkUB4T36rRZq-DpnSX1WaeNXSoaXjFzDfHJSrthDVmYPD-xCmSVJLW61KCL80QY6MDJHYOw_6_8zF3lY0yfzsuIxhYV7O_7Jfa6lS67CFY1GS4NLibhX9qi8ChnFIAft_JCKwlUAtSVQ-hVDlubKdFbXV-qKQ0F07gSNqDsVBwnNrJsxop28grq86kgK6EI-Pcs_u0KZVDAw45x6jtofo_dAoC6-9E7rhBs0ciTOfsnYELmLyL0H6rWQQzrC7p7RkUyqBO5VRJMVVQsovMxbz0D1fj_V2oYneNkp1gMQzH2LZXyYjw5VaOL0qUvZtUnuFvG7Eu-OxdkrHGLoBJ-ZTr87pYGVIPNRaOig2o_ee1HdnoG3rCQpkRJEKSuC6RH2PAWhORsZQpHjm2x-wz-bHE7m9bFRkFoGySCayoVIDuooWroKG-uEnKhjCO4ifxDdREbSpH2814ulgNJZFYP5O2xtCeezdUgv5O1Ulw6gm_QVSZSRzLPP8YcbVKHnhNIJaRnOGNoznbskQjAWqPNazYD2u-6w&cid=CAASJeRoi0yl6Q24jtZz3ufUvQVhPxJg4vU-NgGLNwoqrhKKda3FFCU&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10525
x-xss-protection
0
server
cafe
etag
5993959114622819781
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:13:26 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 742F 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Origin
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 11:18:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/ Frame 742F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZcs-yXF0TIe2LNQ0-2-AIqbrcqMPeLC6IlwBeC2PkPRPHRQC8LTGfrfOREfBBDfHTkPi45b28Os2iLpV9-2Ta7DHkQn4dCZkzXnSzVc_KWH8I5wWFrY7_p8xwxwuZYKmicrfN22JrrqyE9wVH__77r10Lkw&dbm_d=AKAmf-DuVqmJF1chtBdeM-7mfudtjGETaV5rAf3certA2nFN0PNXcxBWwsiTB4o6Egj0DuRnY-ulK9Kg8ku79htiORoReegqEGLSGzVy2_yVwhJULLi4jee_ll1yA2Zvmj1M7MjEUGE0--t9JX8zaauTOAvUz8OZSAPWf4tYRoHHEtaJeTnF8zxFhqErt0TxzPfBUDva9uDgOFnln1VkoyZsjVpRuY6cmc1I2EvmktqBdkclfLPbJ96p9Lz_n3CEeGUXTyH5Xdjnh-aXuV_CMFwPBm8PhrVuMDl55AD1GG9lsMoVQ_ZUq0egXlnYvG07sf8zvlvjRbYOsqzm0qjHRsEASsQ6YgUeXZiVoGyWsk21N_CeD2XVPPfmWOypLVxoBiGJFQD1hDsXTOsdbBMLD7bStriozsbEXdevrPyPMAeBn2fwJ9o0VP9uOvzjX73MgfUgITII5KF3cNW5S08ozE52b7wVifqZ5-qmR2BYiTxNT1MfOfEI6ucIyR34vLjmitTTaFIB2oQM-xEnJely0VgPQU9bdMUpMl48d3BdNqZCU6FgcVuTVeIgLwDpSwg2up6k8NbXHKwtgabPD8Yc5NE1Zw2UsKxQfXKHiDM__Vwv88tVm6DlZHoerQRDvRWZdNj_J-9bTDKtVZqKz5xZTWzHynjk0sHBW6K_SJ_E3k5OLJ2sClbTU936dVvw18JLvk2sF1e3dhBxzzT0IS6F0tHYMVHR9K_qeq1USPEXTKshV3nvR6NTGy4LztEiwZCmv8FLl0LUFwsnuIsjoZNNLF9ZF9RwDGDFz8Xyv9sIFqDxPHDKv3sQdHfy8TAw5sv37XLDQsr9hFungrK636Vyox5jSDbcJDup38WZtaBQnrPNhPV4AG95Jged7czTWJC9KOTlXRuBvKlENj0Q4fLIHScA5vW2SUYDUsAUsWiSUHWvdZUgxbAdS9NHjznEEkdZZ086Fk8GmGzOZDJ8ysyekAYSji1YOzcQqQWpBUleR67aFch-b42yxrbxnjCkkmcdfEB9So4LDIYEz2b8uaQBSyO47Za76z1eBBDTP6EAmeelwDmvkULcJu8U1VyPCFPG7jzwC3OA9FL6jjuv2pcLKf0fWX414_SLMhneq0rrHbbNr9uMar78mjrCmTuzFyIvPSgA-F2tznyHWhoAHoNmYfO7NV3U0NXJ-myV4wfvqsLu2VVSaOsFRwlP0unKJc2ehj3O6uDcCqk4JQkUUYW5DVcZxMMhBrBnnphuV7LPP5Ptx9UUHE2X0C2NswPZ6u9-Sq0UCnixwM9X-qeI6WW6Er9eYHOMGBQ17YVx1jXlvPQIygbEn3_pBgO_u4WTfSdMEuIYMYKIUM_5-eAKA4K9EtXFlWMjR9VOwMR7F1RE2l6PzhPpT34WJw-C9tQYPQPjzUGwPPM7vM8khxbm91AWchUyvfss1lk-DYOLhFc2ETuREa-2xz2W49k2G8X1jXvBKMA_XaHpRj5rZYTGl28jidzGhWvNrZnfR-QxijSEiMRgamxIOjn3MfZn7hbczdhqcLU7OwEyf0Ks8ih5xLhaiqp_d2Qn3WTkMcBrvecWZZwPOD-p_xrkNzEH-BavQFdnVnvoq4P-sOO4fauLkWG81sHDBfyALi3OWPPEyHC49F84hRPQHLsL3IHg4NDrsQc0C8vTzZS9kIPqvDbfi-Oylx3hohP_JVuOWjQm3kmBgOxfYetv0NQgaMxml3wUJcuTZhrz11jbOKZnte2XLCz-oNEsSTY23dbDuQbiyhMPW4p9-JjTkjJ1LcBfpghsknpPZkjknF8qD0hXRf0WJMpmvkFvznvzZY34Y9Ac0KNlI4niiQrd17YooTrreMbnXIH1H5ew7J-_1BD8vt8Ta6SHaaest6H3cTn2s2B3TExtKnOH4HJDXF7AS7_zkEjo_CwY9z4G0Oh8Wu6CUDuuC5hnSplm5CXWDqNPuHtBpYZqizs0Sw7gk6tAkjzvaD2V4HVP_vOslo5H2qK3nX73U_IYKyLnZ1ML0ImEDErRUEbkoeiPGq-zDfIm74pX8t2v4hIm4xDi6XIBZRTNHPC7mGOmke0OZ2qNmMlQy3mFd9Z1kfqwINFe_igRoP3SoYc8HUmmBzVThz6ctvZgdnUmTVisXroswmIFLri3-cIra9__ysxiEX1BVut1CQSFU0YO4j7a6tzwqguLvOqmBfH4DTpstO6hCijBUL-hTg_b099aVmZtbpCW1eDBIAPMgM3iOb2_bOsMB_kxVXMNCKyGnNLIb9FBnESvspEVVVBrVT3A8IPRWN_J8DneI_Fn_naeRAZ41_IzKra9yPh_CdVUc4HGPNQKekbFKL8Uh20MKnCOmBji0VaZoT16TKetEBJw38zKOwc3FjX5_80mK4Kqew_tj4vsqBYgPh5EAcabj7nceoJ2l8s7M0u2J28370Yot-a0I7PmQjUNHqOpfXoI32O_SN5_Nsvxj1ffAHPO7HCU9HBWkgUPNBZBVw80x3lf1TtRJbpn3GJfS1xO0cg-5Xlz4oOAjhuNuCzAQiGWH7BEkp0R55FYjSo0DZolZ4q0sDPtkcRMfAFgjRD41gZMAveCq5LOpr6CUhpt0VOIqgAa3rJHWOqleWk8O1Xssszey66FbTx9EGe3MXD3pSoF2F0sx1kf8I6cZHMKP3NmFVdXdvKltaogvS_9ZqRXYrDauvfSN-Ud6pmSGZkUxyXvJpni_xGGHIqmns0J-Hda89MrLnwbSFf1qUmmwdl5hcM7RPENqDfCohl9EO88ffzlvEUrq-KSJySRYPxWMpLo7oQWyE-zwvdk8HDUE1ofQAZT7WFcwswAFEa1e_S2uA1xbYX0AMiD1S-EJx6Vv-eNg9HToOqBu5U5N7YSZ-rG9k9jZi8MJftg2dtHxyhcvc2ruhRwaPdklp6CeSBOMeTFJxEOGo6SQzSysLfvxEa3f8IixrJMADn_h0QiOFfDWyW-x14UV0DQiLpN37zjIK5uagEWyc6a_dVVDGK-Jltu-62Q55qqCiv1EC695r4sLNNDEGiNTqNylW8prJOCwgnO8_s-9IWnuZEo5fDmdqOa044EvcdJiGrCIGzwI6S36tMGEaUId-otikgQwTkQSw&cid=CAASJeRojYObnIsWls-BqVzR1mLzS1MH9eVEOaGarXoEpck_CXq7b4Q&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:23:02 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/ Frame 742F 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220525/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BZcs-yXF0TIe2LNQ0-2-AIqbrcqMPeLC6IlwBeC2PkPRPHRQC8LTGfrfOREfBBDfHTkPi45b28Os2iLpV9-2Ta7DHkQn4dCZkzXnSzVc_KWH8I5wWFrY7_p8xwxwuZYKmicrfN22JrrqyE9wVH__77r10Lkw&dbm_d=AKAmf-DuVqmJF1chtBdeM-7mfudtjGETaV5rAf3certA2nFN0PNXcxBWwsiTB4o6Egj0DuRnY-ulK9Kg8ku79htiORoReegqEGLSGzVy2_yVwhJULLi4jee_ll1yA2Zvmj1M7MjEUGE0--t9JX8zaauTOAvUz8OZSAPWf4tYRoHHEtaJeTnF8zxFhqErt0TxzPfBUDva9uDgOFnln1VkoyZsjVpRuY6cmc1I2EvmktqBdkclfLPbJ96p9Lz_n3CEeGUXTyH5Xdjnh-aXuV_CMFwPBm8PhrVuMDl55AD1GG9lsMoVQ_ZUq0egXlnYvG07sf8zvlvjRbYOsqzm0qjHRsEASsQ6YgUeXZiVoGyWsk21N_CeD2XVPPfmWOypLVxoBiGJFQD1hDsXTOsdbBMLD7bStriozsbEXdevrPyPMAeBn2fwJ9o0VP9uOvzjX73MgfUgITII5KF3cNW5S08ozE52b7wVifqZ5-qmR2BYiTxNT1MfOfEI6ucIyR34vLjmitTTaFIB2oQM-xEnJely0VgPQU9bdMUpMl48d3BdNqZCU6FgcVuTVeIgLwDpSwg2up6k8NbXHKwtgabPD8Yc5NE1Zw2UsKxQfXKHiDM__Vwv88tVm6DlZHoerQRDvRWZdNj_J-9bTDKtVZqKz5xZTWzHynjk0sHBW6K_SJ_E3k5OLJ2sClbTU936dVvw18JLvk2sF1e3dhBxzzT0IS6F0tHYMVHR9K_qeq1USPEXTKshV3nvR6NTGy4LztEiwZCmv8FLl0LUFwsnuIsjoZNNLF9ZF9RwDGDFz8Xyv9sIFqDxPHDKv3sQdHfy8TAw5sv37XLDQsr9hFungrK636Vyox5jSDbcJDup38WZtaBQnrPNhPV4AG95Jged7czTWJC9KOTlXRuBvKlENj0Q4fLIHScA5vW2SUYDUsAUsWiSUHWvdZUgxbAdS9NHjznEEkdZZ086Fk8GmGzOZDJ8ysyekAYSji1YOzcQqQWpBUleR67aFch-b42yxrbxnjCkkmcdfEB9So4LDIYEz2b8uaQBSyO47Za76z1eBBDTP6EAmeelwDmvkULcJu8U1VyPCFPG7jzwC3OA9FL6jjuv2pcLKf0fWX414_SLMhneq0rrHbbNr9uMar78mjrCmTuzFyIvPSgA-F2tznyHWhoAHoNmYfO7NV3U0NXJ-myV4wfvqsLu2VVSaOsFRwlP0unKJc2ehj3O6uDcCqk4JQkUUYW5DVcZxMMhBrBnnphuV7LPP5Ptx9UUHE2X0C2NswPZ6u9-Sq0UCnixwM9X-qeI6WW6Er9eYHOMGBQ17YVx1jXlvPQIygbEn3_pBgO_u4WTfSdMEuIYMYKIUM_5-eAKA4K9EtXFlWMjR9VOwMR7F1RE2l6PzhPpT34WJw-C9tQYPQPjzUGwPPM7vM8khxbm91AWchUyvfss1lk-DYOLhFc2ETuREa-2xz2W49k2G8X1jXvBKMA_XaHpRj5rZYTGl28jidzGhWvNrZnfR-QxijSEiMRgamxIOjn3MfZn7hbczdhqcLU7OwEyf0Ks8ih5xLhaiqp_d2Qn3WTkMcBrvecWZZwPOD-p_xrkNzEH-BavQFdnVnvoq4P-sOO4fauLkWG81sHDBfyALi3OWPPEyHC49F84hRPQHLsL3IHg4NDrsQc0C8vTzZS9kIPqvDbfi-Oylx3hohP_JVuOWjQm3kmBgOxfYetv0NQgaMxml3wUJcuTZhrz11jbOKZnte2XLCz-oNEsSTY23dbDuQbiyhMPW4p9-JjTkjJ1LcBfpghsknpPZkjknF8qD0hXRf0WJMpmvkFvznvzZY34Y9Ac0KNlI4niiQrd17YooTrreMbnXIH1H5ew7J-_1BD8vt8Ta6SHaaest6H3cTn2s2B3TExtKnOH4HJDXF7AS7_zkEjo_CwY9z4G0Oh8Wu6CUDuuC5hnSplm5CXWDqNPuHtBpYZqizs0Sw7gk6tAkjzvaD2V4HVP_vOslo5H2qK3nX73U_IYKyLnZ1ML0ImEDErRUEbkoeiPGq-zDfIm74pX8t2v4hIm4xDi6XIBZRTNHPC7mGOmke0OZ2qNmMlQy3mFd9Z1kfqwINFe_igRoP3SoYc8HUmmBzVThz6ctvZgdnUmTVisXroswmIFLri3-cIra9__ysxiEX1BVut1CQSFU0YO4j7a6tzwqguLvOqmBfH4DTpstO6hCijBUL-hTg_b099aVmZtbpCW1eDBIAPMgM3iOb2_bOsMB_kxVXMNCKyGnNLIb9FBnESvspEVVVBrVT3A8IPRWN_J8DneI_Fn_naeRAZ41_IzKra9yPh_CdVUc4HGPNQKekbFKL8Uh20MKnCOmBji0VaZoT16TKetEBJw38zKOwc3FjX5_80mK4Kqew_tj4vsqBYgPh5EAcabj7nceoJ2l8s7M0u2J28370Yot-a0I7PmQjUNHqOpfXoI32O_SN5_Nsvxj1ffAHPO7HCU9HBWkgUPNBZBVw80x3lf1TtRJbpn3GJfS1xO0cg-5Xlz4oOAjhuNuCzAQiGWH7BEkp0R55FYjSo0DZolZ4q0sDPtkcRMfAFgjRD41gZMAveCq5LOpr6CUhpt0VOIqgAa3rJHWOqleWk8O1Xssszey66FbTx9EGe3MXD3pSoF2F0sx1kf8I6cZHMKP3NmFVdXdvKltaogvS_9ZqRXYrDauvfSN-Ud6pmSGZkUxyXvJpni_xGGHIqmns0J-Hda89MrLnwbSFf1qUmmwdl5hcM7RPENqDfCohl9EO88ffzlvEUrq-KSJySRYPxWMpLo7oQWyE-zwvdk8HDUE1ofQAZT7WFcwswAFEa1e_S2uA1xbYX0AMiD1S-EJx6Vv-eNg9HToOqBu5U5N7YSZ-rG9k9jZi8MJftg2dtHxyhcvc2ruhRwaPdklp6CeSBOMeTFJxEOGo6SQzSysLfvxEa3f8IixrJMADn_h0QiOFfDWyW-x14UV0DQiLpN37zjIK5uagEWyc6a_dVVDGK-Jltu-62Q55qqCiv1EC695r4sLNNDEGiNTqNylW8prJOCwgnO8_s-9IWnuZEo5fDmdqOa044EvcdJiGrCIGzwI6S36tMGEaUId-otikgQwTkQSw&cid=CAASJeRojYObnIsWls-BqVzR1mLzS1MH9eVEOaGarXoEpck_CXq7b4Q&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10525
x-xss-protection
0
server
cafe
etag
5993959114622819781
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Jun 2022 06:13:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4002 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 11:10:27 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BC89 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Fri, 27 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4002 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9472eba26c90a786dfde1646293da822c7c57c256c8e326beb8842f2d423a194

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/10176755/1628770995716/ Frame B7F9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10176755/1628770995716/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a964d3ee57d64c5dfc1c04cadb738f8f6f87ede99e443201afa1715ac196b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
82148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
1888
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 26 May 2022 07:38:24 GMT
expires
Fri, 27 May 2022 07:38:24 GMT
last-modified
Thu, 12 Aug 2021 12:23:15 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4002 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1ek4-u-D0Vs6lS0LQsgfhzt8uNgQ1lMQUamsD4wiIjgXXFRRyKQhuj3B3epWeK7-P7umWCnUU1hnRJFfmW1UycbX7Dgd_fbPxp8U9c54nsdE-F-MatpoOLBQMievR-fuU_x7gVKxX8IVZrFkQrpsg5mUUzhjqCUBUcmpbDDU3NNP3P-O7BEbS83jZhorAGe4jGERXsr1PVtmgiRzV00j5_qpw4HKykX7lrgXXi4j4rPO3ziRryAMl0BaU8uz9a9JJANIpB-NQHhn6petrw_-WE7ylFiHGX2GdVirOjM8DgVmvTljdTRmYWZtOFzAgFk9K6f-IBOHEToYssmTU0f7wVS9XILPpgopKhNkW7INGXZWmMe_UOcyggHgq450oOLCfwuFtxHuy4UutZqLoI1TC_lbBrretEsulcBKYuCf5cCkXVwLfetBP8RjgnUCfEXbw61iWxWOdajNKsq44-V5NCotTCz9pC_YrNekPUTjT3fxJIDAJzAtw5hQCkBjsm7S5Ckb-DWMVT2juGU76oIzhDrJIQU6JZvkqwo27oTtf84gkW5xWH67-EHtGwNo-4jx3mMI4H73vpo937-5md9FgpkpT2UiHzMsz_wo-QLfj1-ojuW7VZkZ_0c8GSwnwLCeuOeIjFG0uCAajInKHEfK4enW4xOpnfdrUfytSUPy8--CY41rJv8aJeNtz2t4KoadKXO3F_e61xdQnZv-vVO2Est0T2zNxwNgREMRUjXM8WriK_J1SgPFaClUQX631oRwEii9vPVeFJb3SiHYORbQqhvJyks3VQwr90K9ddKhV2HcGuS7q5QjhVwpFF9inu7yYyVLki-mqDoC9ZVhaMgKl1YmVUF3punbPxDsboA7B_FZdH8IvuMJqJLEZGWoAnsSWNQWxnLdbCnIdRv3YeEMfeGVO__dW5l0dyy5Uyf2lch_6kJgXyBXtFFvO6bLIFmmaYglEwqq44zk0eKKRUTCi6pXPw6geuJDzVRfXdWl17LRLuAF44Y9CpvCIvZ5C3NJK1Q8-EXy86RQdurY1FEt-toVwD3xf6ZxNmRs6QGGNtQBWF11NOx87Fpjn-Rw9_ZVWAK4HXhqcah-dyOhEKsuSOSSIfna7kzkwybtOpmzbAZwxeDcC47cEUAicGPVvC5NviYGm4Vr4gTUsr3fplCtY0q-gH_TzevYx0uu-F0gGS8hAxI7jd2wVhedwRT1nt5hBuJE-qvkr4NoNRqlHvWlGXz8zLagKZYyDQw&sai=AMfl-YSwbZXAjTLNx2yhG2A8lyz7An-xlBNJH5hwhq6GUfP_lvHBfH4gwh9i9PLSwByAPtNqDCKdpTHwh5mv18daFy4jtR7MoSOqlf9FGyXqyOrAGD_1QKgWE5l8M7Ul1BT7BO9bY20T6E3bEinL2BmuM0yWBJRw9KFcXDLlQ8IrYIdidXXrH8bj5Y1Y3fJwIOEnEzJkaAO8ifKJJSXFl5EvsDbR&sig=Cg0ArKJSzOhsiZ2ATYbrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=56&cbvp=1&cstd=55&cisv=r20220525.90725&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 27 May 2022 06:27:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 742F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 11:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69425
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 11:10:27 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 86A9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
61280
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Fri, 27 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 742F 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86e8ebbb8add42c09a533f54322a4e9560ca52dad7b04a957a6ee8c38fd73249

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AC43 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
69425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 May 2022 11:10:27 GMT
expires
Fri, 26 May 2023 11:10:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
creative.html
s0.2mdn.net/sadbundle/5074865056437501952/ Frame 3C4B 		1 KB
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b224d2c4feaca936ca63f7bc30353f4226613f73d5a947cb5622cb6d8a7dfe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
445
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:32 GMT
expires
Sat, 27 May 2023 06:27:32 GMT
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 742F 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXgv0fuhwr_VCflKQnflkezl3YC1tALkCmjwAt1FKMAMp-N4iaCP3wyX3fXY__UJ7cxqPwBFnTq4U076HthA_Dm-N5UR3ekD5DKFw0Oc--hWP2YGZSc8Gu6Z9w7mYJN5QCMrdYqS9eqNYShrNvTAUkmGWIEic8jGId5r47J_chU2GT3YastqFJM7Kw46jQ96sVWIa2dinnCFa3G1R3cxaokDVFFEacfCtRsdCzcubALKa9kgP8vJ5rNKXHgpqy6t06rsvKG0fjEVyeDo3i4RxDwFWW2DBXV-g4snr5RkeFOHWQrhOatZS-vT0hS0KxEHBfw_iCkF88VW7GoaAWo6p6_0C9Cx1D9GbpvoeQNRDUUyrSdgPWquf_LyhMtRnqMQH3xaV_IOM56lYqcRlc4hXt6Qid_yeA84Pkpfd2PyZnX5kPaqdeIAogJpZ9NDmcEA1HSoYlHK5JUzCMF7Zo-YrK0_r7evglBCI8x0j6XmU7GtopXC9ohlPWuw2PcBh1qrjPDiyxy3OFIHoaMH7necjqchdYNcYex13Uw6A6BZPDQZcj2qn6nQu68Gq83ax0XJY7ucJ8Wbq-P4_7dDFxTWaxU52Awo_puJ9mH8NZs3W0Iastp_hRovnT0NZI5zxtr3BhJ1X4d5Qs6OdtHIbzi8R_ZHVD5nB0lT-cnk3Im8vHe_JT8FhJEJyuA9L0K8XeUyPj2MutC58ZiqpgmSIbhJVehmYASUGmr8YAF7xtwHjm5anzVzVE2MRDnWdHFuHq56-YKEXm5eiL8PpBSC7l3IT3-zEoXMcEKnekIgaYPcb4LaSyM1K6CUtZ6P7ANTbnlldlKHBIW6J8sLrEWN3sjckOnTNoPOjQLvGBclv6TBCTk79XnBHs0-IzYpl5RX53Scsxt2lxqUxiONOjEIU-GBeYbTzo0Ey0YxispweGL2WxsHEvV0isIOUjaTP3vbU4jExJ-U1ghhthDkbyV5bwohQn4UIEweqaNpRKe28gH8_pwzMzL1NvQpB6tRKZfhxKJBxNZylBJDH1BLQ6IPZBZRyc9Q_Stz0mELN6puXPcv8dS52jElSWgkQsMToU7w3ItLyCk7npLVBGHoNrVh8PLt1ZHonez6BkIwH9h6mdVI_PCQbi9au9mSEoMCrZjFnr1RfI01WDo5G1J39GHpv_eVcJ9WsOyCtiZVLcsyM&sai=AMfl-YSnmDFcI0R8ESVzhksdTqSwLBRUWgqxHlaAqP6Yg_mlUlZbNH-9yWZnv9TOyH4VcHQgRbmUkEwXE8MBjS1nlFUZXlhzWdaGMkU3W5X0WWtqq339q9jVSY_GcIGb21-lyJAGXJ5At0iYNeWGQFl7M5dJOkWl860MluyLozUJ6Slwtc6zdxvsUc3mVNsK4kceX1LbmgbZ7b4NwqXAhTN4J22B&sig=Cg0ArKJSzLINakJ4AGykEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=99&cbvp=1&cstd=94&cisv=r20220525.83477&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Fri, 27 May 2022 06:27:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
cm.g.doubleclick.net/ Frame BC89
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGbvDXKpAjjsQpmF5dLarmM&google_cver=1&google_push=AYg5qPJ1TTthaJR2AjYuxYXWEx_KJUS60mfxmJK-LBd5inZncMygqnj_Awt-4IlLnXtPg2UDEvbB8oCuC4rT0Zz7MHDD55wmau8
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF08894BE5494FED9084E97478196D03&google_push=AYg5qPJ1TTthaJR2AjYuxYXWEx_KJUS60mfxmJK-LBd5inZncMygqnj_Awt-4IlLnXtPg2UDEvbB8oCuC4rT0Zz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF08894BE5494FED9084E97478196D03&google_push=AYg5qPJ1TTthaJR2AjYuxYXWEx_KJUS60mfxmJK-LBd5inZncMygqnj_Awt-4IlLnXtPg2UDEvbB8oCuC4rT0Zz7MHDD55wmau8
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF08894BE5494FED9084E97478196D03&google_push=AYg5qPJ1TTthaJR2AjYuxYXWEx_KJUS60mfxmJK-LBd5inZncMygqnj_Awt-4IlLnXtPg2UDEvbB8oCuC4rT0Zz7MHDD55wmau8
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 26 May 2022 06:27:32 GMT
google
match.adsrvr.org/track/cmf/ Frame BC89 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBx2fL1iMJ6P0x-cpTHgkBw&google_cver=1&google_push=AYg5qPJO3G-4g87MO_u4MZkrTpKcRa21FnHsQBFhtIWC5kRXBCNvLdGeKGj9xcAR-DBIycLz3yh-GI5-MaUVBKpogBSwIsxmt3KA
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame BC89 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBZnM1wyXXCBp0kGlIU0s-M&google_cver=1&google_push=AYg5qPLlZH-UKppnNwaxl3ZSF0guP55VDfsVjyhULg7dPILpxGFSKs5q-tRD3zoOMirzxQhllsRJ7_BNWEmsugi1FSqdULLiRd8F
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
attr
cm.g.doubleclick.net/pixel/ Frame BC89 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jd-aNHapZWo_pGRZq_RYUUKwqiuDLFmLwbqmYGtXCodQ
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
style.css
s0.2mdn.net/10176755/1628770995716/stylesheets/ Frame B7F9 		3 KB
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4e05219a918031b351cbbf52978d47b5bb356d33ed2a84e783b76d54159c5d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
787
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:24 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame B7F9 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3977356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33534
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c274"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpRBNQVZ3OrN47WBNoiJGnepKv5yUFj1k5MRLupWkS6zTQWAuMHeqL6n0mz4zgAWX0%2BlSV%2BeA7nyHoBP5gKamjbkJ09CUIS0vSuJs4pbhLNHLCCIYW1ynos%2FmT3OSCgTC04b44%2BwEjA8ajJ%2BdGtTOrE6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
711caf6fdf830200-ZRH
expires
Wed, 17 May 2023 06:27:32 GMT
main.js
s0.2mdn.net/10176755/1628770995716/javascripts/ Frame B7F9 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10176755/1628770995716/javascripts/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81366b8d555eac429c5b14198573523f55757a94d93d60c83980d38c00225e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1088
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:24 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4985 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
69425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 May 2022 11:10:27 GMT
expires
Fri, 26 May 2023 11:10:27 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
initial.css
s0.2mdn.net/sadbundle/5074865056437501952/assets/css/ Frame 3C4B 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/css/initial.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
beee53adafbc60e3db6e6a5687997644ccbe64ba8f1ea73287debd663e271fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 08:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250927
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1027
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 May 2023 08:45:25 GMT
Enabler_01_248.js
s0.2mdn.net/879366/ Frame 3C4B 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 09:38:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74918
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 09:38:54 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 3C4B 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 09:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 09:39:31 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame 3C4B 		233 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 23 May 2022 20:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63865
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 20:25:50 GMT
initial.js
s0.2mdn.net/sadbundle/5074865056437501952/assets/js/ Frame 3C4B 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/js/initial.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d0545960d6ef260bb87b548d42c91da3ba474568edbf04faf158ed880c328d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597265
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2923
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 08:33:07 GMT
logo.jpg
s0.2mdn.net/sadbundle/5074865056437501952/assets/images/ Frame 3C4B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/images/logo.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 13:18:08 GMT
x-content-type-options
nosniff
age
148164
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2754
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 May 2023 13:18:08 GMT
spinner.gif
s0.2mdn.net/sadbundle/5074865056437501952/assets/images/ Frame 3C4B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/images/spinner.gif
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 13:18:08 GMT
x-content-type-options
nosniff
age
148164
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6841
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 May 2023 13:18:08 GMT
main.gr.19.8.309.js
static.adsafeprotected.com/ Frame 4002 		191 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.309.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/996673/61756196/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 20:42:44 GMT
content-encoding
gzip
age
1849489
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 05 May 2022 17:31:51 GMT
server
AmazonS3
etag
W/"25d0c2239b60642eaeddad303e621bd4"
vary
Accept-Encoding
x-amz-version-id
mjEd7PtHn1L574wGfHZ2vjRyhTR.v7IU
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
DsvU-sCvl3Mp8POGaecwcA4_tozKq9avuR3EPJ1jBLcK4DNFB3S_Jg==
pixel
cm.g.doubleclick.net/ Frame 86A9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGbvDXKpAjjsQpmF5dLarmM&google_cver=1&google_push=AYg5qPKlHiqAYnYYYP_jgkOffXGt0eaMIk_KSHVPfxRQ5AeoFL0ZM1p7wNl94xR5iP1kaF6iAAd57LKbDSzFsOFHGoJ78m8pI30H6A
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD17E7182EC741838BAB0394A0B44C68&google_push=AYg5qPKlHiqAYnYYYP_jgkOffXGt0eaMIk_KSHVPfxRQ5AeoFL0ZM1p7wNl94xR5iP1kaF6iAAd57LKbDSzFsOF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD17E7182EC741838BAB0394A0B44C68&google_push=AYg5qPKlHiqAYnYYYP_jgkOffXGt0eaMIk_KSHVPfxRQ5AeoFL0ZM1p7wNl94xR5iP1kaF6iAAd57LKbDSzFsOFHGoJ78m8pI30H6A
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CD17E7182EC741838BAB0394A0B44C68&google_push=AYg5qPKlHiqAYnYYYP_jgkOffXGt0eaMIk_KSHVPfxRQ5AeoFL0ZM1p7wNl94xR5iP1kaF6iAAd57LKbDSzFsOFHGoJ78m8pI30H6A
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 26 May 2022 06:27:32 GMT
google
match.adsrvr.org/track/cmf/ Frame 86A9 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBx2fL1iMJ6P0x-cpTHgkBw&google_cver=1&google_push=AYg5qPLDIAsl9clss-pDhvrp9aImXBxZZ1aM1GrlFBOgkTfGUV3wrpYpRoL4vvMk-bR26NyicubR0w7Xl3MlNPKTCVZNd1ujxt01uA
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 86A9 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBZnM1wyXXCBp0kGlIU0s-M&google_cver=1&google_push=AYg5qPJ77fGFyj26cssCv8eQZEDS5rRidRLdotgVPmPg_2uBBUkkqObycs54SrGZC-VBBRZE53kRAb2Jh0hBgORky7Ogvy_zmBtn
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:31 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 86A9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I9Bvqlsv_LVCPZvZB6DBToQtUabftb14zGE7vDGFq5Ew
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
bg.jpg
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		315 KB
315 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad3020772c580601a51fa9053ce4ca8155c12db4fc08d125852f951d30596fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
322422
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
pagead2.googlesyndication.com/bg/ Frame AC43 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 13:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
147909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13723
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 13:22:23 GMT
push0.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push0.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2488b6c3e67b8ec04994779823578a5d7b74a0d814bdee7049a62e9ec97166cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3175
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
push1.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bd7df5c99615e79a156eb2e81f6f6f0ff72ed5085b80d95c2f88f7160f80304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:20 GMT
x-content-type-options
nosniff
age
82152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3213
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:20 GMT
bg1b.jpg
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		196 KB
196 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/bg1b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e52b26b48dad0ceba58fabaa61a50167088c658243866f4356e85df897f5e7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201134
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
push2.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c07c4280af0101109ac899ccd91d9b539d927fe58ae715fdb58617aa54ca2bf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4191
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
logo_intro.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/logo_intro.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1671067cd3dbc4d9bd94120e1f24ce195123451fa87547713a272485f9c34a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
bg2.jpg
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/bg2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9b946481c32f4369373d2e4a287d25404305f730eaf798f4355846d597f8f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
171571
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
bg2b.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		174 KB
174 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/bg2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f96c607e65e9265b8426aa1e30a0c7fa19dcfe5147a488c985df06787b10b61e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
178089
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
push3.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efeed59204d2eb15bc97b127681e3cfe55684a996433151d37dbe0550a89a505
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3879
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
bg3.jpg
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		400 KB
400 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/bg3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ea717cca2b878742523fac75fe0037c265e93eb6a96057e685bc411ff833046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
409724
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
bg3b.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		264 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/bg3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a7e36aaa9181f128dfc877190a075b2bc236dbbd0662833b6def460e16d09fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
269855
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
push4.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6eb002be030feee5606908eda31af0f2fc5e9cfb811c12d233d42245606ea3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4171
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
push6.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0258b9d875d5ae4c5d76ccc1a60327957fb59c70a38528c4ed5c896f6caa78b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 22:06:12 GMT
x-content-type-options
nosniff
age
30080
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2011
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 22:06:12 GMT
push6b.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push6b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d355d98734b9724ce1261cf64834e3257c32c5130992c3aebdd84c8e4133aa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30226
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
push6c.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push6c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f0a2702bff0e0c90397d6d2e4f4aba9656e38bea1063ad88935ba676511df16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3296
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
push6d.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push6d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adf5e7c37f8621ab815d3b78f9f7fe3da104218bac09111b06ece7e1e17b0230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2123
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
push7.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/push7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f11172b57df67c7b2e272803e6e949fafd06fc5aeabda8fb4c2563f67f3d645f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3225
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
cta.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e4f4bcbfca2de071c3d74e3aae1ab2c4df2533bea9bc5cbf0d1059f8c0512af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 08:45:52 GMT
x-content-type-options
nosniff
age
78100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2287
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 08:45:52 GMT
arrow.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/arrow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9c5debd991646f8914a934d73a168313f43a10e008c90543525f82c26071bb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 07:38:21 GMT
x-content-type-options
nosniff
age
82151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1414
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 07:38:21 GMT
cta_hover.png
s0.2mdn.net/10176755/1628770995716/images/ Frame B7F9 		99 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10176755/1628770995716/images/cta_hover.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/10176755/1628770995716/stylesheets/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 08:45:52 GMT
x-content-type-options
nosniff
age
78100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 12:23:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 08:45:52 GMT
6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
pagead2.googlesyndication.com/bg/ Frame 4985 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6cqjaYtYR5p4aS5jA8U1PYkQZtxk_S9KNOFLKIL9tps.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 13:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
147909
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13723
x-xss-protection
0
last-modified
Tue, 17 May 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 13:22:23 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4002 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst1ek4-u-D0Vs6lS0LQsgfhzt8uNgQ1lMQUamsD4wiIjgXXFRRyKQhuj3B3epWeK7-P7umWCnUU1hnRJFfmW1UycbX7Dgd_fbPxp8U9c54nsdE-F-MatpoOLBQMievR-fuU_x7gVKxX8IVZrFkQrpsg5mUUzhjqCUBUcmpbDDU3NNP3P-O7BEbS83jZhorAGe4jGERXsr1PVtmgiRzV00j5_qpw4HKykX7lrgXXi4j4rPO3ziRryAMl0BaU8uz9a9JJANIpB-NQHhn6petrw_-WE7ylFiHGX2GdVirOjM8DgVmvTljdTRmYWZtOFzAgFk9K6f-IBOHEToYssmTU0f7wVS9XILPpgopKhNkW7INGXZWmMe_UOcyggHgq450oOLCfwuFtxHuy4UutZqLoI1TC_lbBrretEsulcBKYuCf5cCkXVwLfetBP8RjgnUCfEXbw61iWxWOdajNKsq44-V5NCotTCz9pC_YrNekPUTjT3fxJIDAJzAtw5hQCkBjsm7S5Ckb-DWMVT2juGU76oIzhDrJIQU6JZvkqwo27oTtf84gkW5xWH67-EHtGwNo-4jx3mMI4H73vpo937-5md9FgpkpT2UiHzMsz_wo-QLfj1-ojuW7VZkZ_0c8GSwnwLCeuOeIjFG0uCAajInKHEfK4enW4xOpnfdrUfytSUPy8--CY41rJv8aJeNtz2t4KoadKXO3F_e61xdQnZv-vVO2Est0T2zNxwNgREMRUjXM8WriK_J1SgPFaClUQX631oRwEii9vPVeFJb3SiHYORbQqhvJyks3VQwr90K9ddKhV2HcGuS7q5QjhVwpFF9inu7yYyVLki-mqDoC9ZVhaMgKl1YmVUF3punbPxDsboA7B_FZdH8IvuMJqJLEZGWoAnsSWNQWxnLdbCnIdRv3YeEMfeGVO__dW5l0dyy5Uyf2lch_6kJgXyBXtFFvO6bLIFmmaYglEwqq44zk0eKKRUTCi6pXPw6geuJDzVRfXdWl17LRLuAF44Y9CpvCIvZ5C3NJK1Q8-EXy86RQdurY1FEt-toVwD3xf6ZxNmRs6QGGNtQBWF11NOx87Fpjn-Rw9_ZVWAK4HXhqcah-dyOhEKsuSOSSIfna7kzkwybtOpmzbAZwxeDcC47cEUAicGPVvC5NviYGm4Vr4gTUsr3fplCtY0q-gH_TzevYx0uu-F0gGS8hAxI7jd2wVhedwRT1nt5hBuJE-qvkr4NoNRqlHvWlGXz8zLagKZYyDQw&sai=AMfl-YSwbZXAjTLNx2yhG2A8lyz7An-xlBNJH5hwhq6GUfP_lvHBfH4gwh9i9PLSwByAPtNqDCKdpTHwh5mv18daFy4jtR7MoSOqlf9FGyXqyOrAGD_1QKgWE5l8M7Ul1BT7BO9bY20T6E3bEinL2BmuM0yWBJRw9KFcXDLlQ8IrYIdidXXrH8bj5Y1Y3fJwIOEnEzJkaAO8ifKJJSXFl5EvsDbR&sig=Cg0ArKJSzOhsiZ2ATYbrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=307&vt=11&dtpt=251&dett=3&cstd=55&cisv=r20220525.90725&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
skeleton.js
static.adsafeprotected.com/ Frame 4002
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/996673/61756196/skeleton.js?adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googl...
  • https://static.adsafeprotected.com/skeleton.js
17 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Protocol
H2
Server
2600:9000:21f3:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
age
8699369
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
7RNlgC5PGLTyrhj6nL8JSMOtTA1S-W00e5JiTJiaDKbbsvBTgIgYUw==

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 4437 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
URL: https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 05 May 2022 17:40:00 GMT
content-encoding
gzip
age
1860453
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
content-type
application/javascript
x-amz-cf-id
jhup8xiLZfiljC5TTsE7fAwAyrIsvMmDrDRUSPUHZuNG42QPfl6row==
view
googleads4.g.doubleclick.net/pcs/ Frame 742F 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXgv0fuhwr_VCflKQnflkezl3YC1tALkCmjwAt1FKMAMp-N4iaCP3wyX3fXY__UJ7cxqPwBFnTq4U076HthA_Dm-N5UR3ekD5DKFw0Oc--hWP2YGZSc8Gu6Z9w7mYJN5QCMrdYqS9eqNYShrNvTAUkmGWIEic8jGId5r47J_chU2GT3YastqFJM7Kw46jQ96sVWIa2dinnCFa3G1R3cxaokDVFFEacfCtRsdCzcubALKa9kgP8vJ5rNKXHgpqy6t06rsvKG0fjEVyeDo3i4RxDwFWW2DBXV-g4snr5RkeFOHWQrhOatZS-vT0hS0KxEHBfw_iCkF88VW7GoaAWo6p6_0C9Cx1D9GbpvoeQNRDUUyrSdgPWquf_LyhMtRnqMQH3xaV_IOM56lYqcRlc4hXt6Qid_yeA84Pkpfd2PyZnX5kPaqdeIAogJpZ9NDmcEA1HSoYlHK5JUzCMF7Zo-YrK0_r7evglBCI8x0j6XmU7GtopXC9ohlPWuw2PcBh1qrjPDiyxy3OFIHoaMH7necjqchdYNcYex13Uw6A6BZPDQZcj2qn6nQu68Gq83ax0XJY7ucJ8Wbq-P4_7dDFxTWaxU52Awo_puJ9mH8NZs3W0Iastp_hRovnT0NZI5zxtr3BhJ1X4d5Qs6OdtHIbzi8R_ZHVD5nB0lT-cnk3Im8vHe_JT8FhJEJyuA9L0K8XeUyPj2MutC58ZiqpgmSIbhJVehmYASUGmr8YAF7xtwHjm5anzVzVE2MRDnWdHFuHq56-YKEXm5eiL8PpBSC7l3IT3-zEoXMcEKnekIgaYPcb4LaSyM1K6CUtZ6P7ANTbnlldlKHBIW6J8sLrEWN3sjckOnTNoPOjQLvGBclv6TBCTk79XnBHs0-IzYpl5RX53Scsxt2lxqUxiONOjEIU-GBeYbTzo0Ey0YxispweGL2WxsHEvV0isIOUjaTP3vbU4jExJ-U1ghhthDkbyV5bwohQn4UIEweqaNpRKe28gH8_pwzMzL1NvQpB6tRKZfhxKJBxNZylBJDH1BLQ6IPZBZRyc9Q_Stz0mELN6puXPcv8dS52jElSWgkQsMToU7w3ItLyCk7npLVBGHoNrVh8PLt1ZHonez6BkIwH9h6mdVI_PCQbi9au9mSEoMCrZjFnr1RfI01WDo5G1J39GHpv_eVcJ9WsOyCtiZVLcsyM&sai=AMfl-YSnmDFcI0R8ESVzhksdTqSwLBRUWgqxHlaAqP6Yg_mlUlZbNH-9yWZnv9TOyH4VcHQgRbmUkEwXE8MBjS1nlFUZXlhzWdaGMkU3W5X0WWtqq339q9jVSY_GcIGb21-lyJAGXJ5At0iYNeWGQFl7M5dJOkWl860MluyLozUJ6Slwtc6zdxvsUc3mVNsK4kceX1LbmgbZ7b4NwqXAhTN4J22B&sig=Cg0ArKJSzLINakJ4AGykEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=370&vt=11&dtpt=271&dett=3&cstd=94&cisv=r20220525.83477&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 4002 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=fd641c4b-da98-a1bd-fdf5-c891615593af&tv=%7Bc:dNgiLE,pingTime:-3,time:236,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:168%7D,%7Bpiv:0,vs:o,r:l,t:235%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:237,n:235,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:168,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~970.250%5D%7D%7D,%7Bsl:o,t:235,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t70SVtY+11%7C12%7C131%7C132%7C133%7C134%7C141%7C142%7C143%7C144%7C15*.996673-61756196%7C151%7C152%7C153%7C1541,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:859c:b9f:89d9:fa61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 4002 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=fd641c4b-da98-a1bd-fdf5-c891615593af&tv=%7Bc:dNgiLG,pingTime:-6,time:238,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:238,n:235,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:168,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~970.250%5D%7D%7D,%7Bsl:o,t:235,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t70SVtY+11%7C12%7C131%7C132%7C133%7C134%7C141%7C142%7C143%7C144%7C15*.996673-61756196%7C151%7C152%7C153%7C1541,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&tpiLookup=ao:www.walla.co.il*&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:859c:b9f:89d9:fa61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3C4B 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
236ecab5ca59616641062dcf0916c67dd939fb958456b210f3eb78eb58b5fcc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5527
x-xss-protection
0
style.css
s0.2mdn.net/sadbundle/5074865056437501952/assets/css/ Frame 3C4B 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16ae5ab5e6f38c4ead17b0e718fe4a8e38c681c603e12d5ccb5c569017b4ddb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597262
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2154
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 08:33:10 GMT
jquery.textfit.min.js
s0.2mdn.net/sadbundle/5074865056437501952/assets/js/ Frame 3C4B 		1 KB
686 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/js/jquery.textfit.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597262
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
648
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 08:33:10 GMT
nhdynamic.js
s0.2mdn.net/sadbundle/5074865056437501952/assets/js/ Frame 3C4B 		33 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/js/nhdynamic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19d87eafea67aa82b5b990da2019228128e34afea0237c5e9d63c3c9b24781bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:33:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597262
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5500
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 08:33:10 GMT
youtubeApi.js
s0.2mdn.net/sadbundle/5074865056437501952/assets/js/ Frame 3C4B 		1 KB
483 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/js/youtubeApi.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/assets/js/initial.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 13:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
148164
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
445
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 May 2023 13:18:08 GMT
dt
dt.adsafeprotected.com/ Frame 4002 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=fd641c4b-da98-a1bd-fdf5-c891615593af&tv=%7Bc:dNgiM4,pingTime:-2,time:262,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:82,bdZ:208,beA:245,beZ:246,mfA:398,cmA:399,inA:400,inZ:403,prA:403,prZ:408,si:414,poA:414,poZ:428,cmZ:428,mfZ:428,loA:482,loZ:484,ltA:507,ltZ:507%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:168%7D,%7Bpiv:0,vs:o,r:l,t:235%7D,%7Bpiv:64,vs:pp,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:261,n:235,pp:1,pm:0%7D,slEvents:%5B%7Bsl:n,t:168,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~970.250%5D%7D%7D,%7Bsl:o,t:235,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B26~0%5D,as:%5B26~970.250%5D%7D%7D,%7Bsl:pp,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~50%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t70SVtY+11%7C12%7C131%7C132%7C133%7C134%7C141%7C142%7C143%7C144%7C15*.996673-61756196%7C151%7C152%7C153%7C1541,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,sinceFw:92,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:859c:b9f:89d9:fa61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3C4B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 27 May 2022 06:27:32 GMT
iframe_api
www.youtube.com/ Frame 3C4B 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/assets/js/youtubeApi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
090bc5011ebd3f27b097a4a40ee605faaaadeb234a89cead3124b0e3e409a126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Fri, 27 May 2022 06:27:32 GMT
63009_20220325045313506_background_160x600_1.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 3C4B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045313506_background_160x600_1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08e659c0d1d23140e4f5dd78b001a01031160cad6912f761e90011a00276b33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 05:12:05 GMT
x-content-type-options
nosniff
age
4527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30827
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 11:53:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 May 2022 05:12:05 GMT
63009_20220325045316694_background_160x600_2.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 3C4B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045316694_background_160x600_2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08e659c0d1d23140e4f5dd78b001a01031160cad6912f761e90011a00276b33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 05:12:05 GMT
x-content-type-options
nosniff
age
4527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30827
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 11:53:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 May 2022 05:12:05 GMT
63009_20220325045319522_background_160x600_3.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 3C4B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045319522_background_160x600_3.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f08e659c0d1d23140e4f5dd78b001a01031160cad6912f761e90011a00276b33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 05:12:05 GMT
x-content-type-options
nosniff
age
4527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30827
x-xss-protection
0
last-modified
Fri, 25 Mar 2022 11:53:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 28 May 2022 05:12:05 GMT
GothamNarrow-Bold.woff
s0.2mdn.net/sadbundle/5074865056437501952/assets/fonts/ Frame 3C4B 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/fonts/GothamNarrow-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:33:03 GMT
x-content-type-options
nosniff
age
597269
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81884
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 08:33:03 GMT
GothamNarrow-Medium.woff
s0.2mdn.net/sadbundle/5074865056437501952/assets/fonts/ Frame 3C4B 		81 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/fonts/GothamNarrow-Medium.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5074865056437501952/assets/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 13:18:09 GMT
x-content-type-options
nosniff
age
148163
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82744
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 May 2023 13:18:09 GMT
flecha.png
s0.2mdn.net/sadbundle/5074865056437501952/assets/images/ Frame 3C4B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5074865056437501952/assets/images/flecha.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c105e09261837014bfa09a76c87ebcb5dc83606c1ce6f8bae7049b6037c6bed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5074865056437501952/creative.html?e=69&leftOffset=0&topOffset=0&c=YSZFVjmZqJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 20 May 2022 08:33:03 GMT
x-content-type-options
nosniff
age
597269
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1061
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 08:26:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 May 2023 08:33:03 GMT
Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
pagead2.googlesyndication.com/bg/ Frame B5E9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ad9jBBPkK9vi9bAgcuLyu1_QvBg-YOqOKxt2_RJMMQM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 18:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
128327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13841
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 18:48:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC43 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0t6eVG-QYqfTDrmA9u8PtdOAgAsAAAAAOAHgBAI&bg=!NzSlNHDNAAZ4vKt9WLw7ACkAdvg8WkEcnR0bwnXivf3JN0HHqApUnF-Xc-JNlYnimcKqFfrv8iCNtAIAAAE5UgAAAAJoAQcKAKhVQwm6pezujCB8T_dHX9dUUj5VlQVlEuWCbips1ZJM8maN5Fbx8UrDCIjHX_OQ_DpDeCUizJvj1-bGfaiwAOJfhMP1fYEkoycXxVSoQTmjTGOAZQSwIDOWb1sXKhl20yqz4tXU9y0XVza0aDxTSEpHzvR9Rp7Qmh05McGkCdZDwGIgoWkbEd-p02fF64KD_MI1b5kzffm2RpTawMSBpbX7PcvGHPiyUJeZAuLtTcNIVsCxvuibIsJhCdxmN5ifm4FMxyZL3RK3dLIbdhuFUppv3VPKpJtMJJey3V_7VkmmjZbANRjS--JjBEvW7wqO113bQkkuitxmrCKXQ5H2B8QEF0kRGvnbO_Z9noE__x1wmy5q7CNs0D07Z4d08vC2tAqoLMSg-qlmfbyxL8q28ygu_uG7g9-nmSbncLanAz-lg3_fpzWsGI_3FZl9TPN3Mrl_S2ZIOlygJ1aRGNmddWrkgeDqdKSl6-wBAZBlKdqWw3l1mFGDFWd-64QIMWaccj1DbTXy4nQNfBv-cOIy_CQVvqXPGKRc1tCh6vZi3HBXxXrXBSC_n_1qC38O6Uir16pNNQXfbsj3BUPYsTYIZPQmiwQEPeFV9wSET7ilJ_Ts97OTQTbJNQRt7By5QdgcmXmq3IMh4K6y0rGRa_LPythTCGS2vIbmP7hzMOCCh5AjmdZ5_YNccZVXT_-CPynXABAm6K56HQpNwbcoCFiaHrXAg9YUMTZWkQeDWKfzXykKyI-mWorczfsOxBn39GNPVGkU3QRErqFoYwn5KzRPy0-Cq1GGukQjmUb3V_954ja6ipV8cZtQx1WZS9LxJ7uEWeb9U1l6o3kyN9ZVQVjAIw2qxHnjlbOhkpeS902ezK4F5uMl7gXo7bBLJ5K7TAvxs27eYbFj2NW2pY9g_A4MN9oFMvZXRy9GPdgTqyd-UYtTFaINLgPY5qYIFsHlOjCtw_uHPFtKrsxdboefdgzWZfv1x4GAIUa4eKKCal3bNMymjEkmQnBMRnbySUgAAuqX7VXvIh-zQDjGd3d2LWbP2iGMsgqPvSbm7RcpHdh-zbUnvj9eCCAkSYVbtiEEdpeWSxru0Apoe2ucOBjvg-7RBRw_SvTGXhFroU_F-Nndi0d7XrDUAXHQpkwztnWGSTKW6HPhSooljifbqMxmQAGphgcQoTK0DtbXlg6TD3JwW6SxonWxt9G-q2gM00oeZFU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/c403842a/www-widgetapi.vflset/ Frame 3C4B 		157 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c403842a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9409940ebe92590826c7f44e6ba42d9cdf6b5c04c967583aff7e13dca590b433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 05:38:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
2925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52130
x-xss-protection
0
last-modified
Thu, 26 May 2022 00:19:27 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 27 May 2023 05:38:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4985 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUjVTVG-QYte8DqLP7_UPy-6D6AsAAAAAOAHgBAI&bg=!TE-lTwvNAAZ4vKt9WLw7ACkAdvg8WhvAZ6isjcO4C3JKO2NSnpvd06pLLz_lqVpEllJg0a28xVPbJQIAAADFUgAAAAJoAQcKADr8HOXes9YseUQ9iFk6e20SqkuiUkcS0ttoRSL89KDxQS_EYS9PoO25FbE8e6Aqg3kXhqlCiWqXzA1fmQLoWO_hApvYkXZccASufX-Qrebqqgw0gyzJDrYY5o2eSyv4wbHLg4Sq-3W1p0wk4SvmLI7BHeCcZBTcaRuYNUNTNWQsJXsK2WADv_5xOk-AN1-bXwNVEJVqTUgdPa6b9MUrrtoJmJGUG0ym-mYErZp80H_dB4lfdU75uiSg5Tvw6fJM_8E8o8mbqhM-8dBO5aSaLGTMjBgHAoINb3mOwUuQ0CelvYM-IpkEq-P035kpetE_19tinbx0Vgnv-hBTfBbIYyJSVxfSS-ptsJBOl9cL8H2k78KZCYSlT94XwbOS80rzUyuSNykFNJwvK7bn6CDlhqpCPkVspnK8RIweghwebEsE7cHJ5AnKLZe7PzZye-eqNHwwrEvVoY5PdKVmv_BxGDbFeuAvhLIUbWcY-4D4ASEeyu9LvYy7kxFycxse9v8BvI6ok9cLSIPgVL5wG2yf1_W6sCOVEJ7XRR0kKMEeiuegucK_VBx8IVc_Rmy3FtcPzpem6D4GMxXjEIT5VY4m1tN5lnqcR3c7OwhmR3oaeELbP-p2MQnXMEpbtCfzjeuQksqL_2IwEwb92HE3lDyFtPGl6BjP3qpRR4wxLKJQHTF7QYdoiVshcr9pXEvp4Au7LnEGX-9sALBnQ15pjEmsZ2EnBFckvKg6ZPAEVvcqfXGkShtMIgEuBNM-jQLahqL7slCnNpA39gqfaXieNI6tk9RXK9XsldZPHOupM3gPQYPkZwsGD9dgt7rxh_gTFHYS6x7gF2Vxs1qQp-b2dG4k3W2sYiL3VZbMqJj2isq_qKhn9sv6cIgvQb3q1jfuInccCXWntmkflobn0EZD977pzANoCgjwxpxqSYBR4bbn_WTlvQcESt3X3nKSp6V6vT0cZAMAwNHEg4OW8rcMjvJoVCGexqQ4H2Sns1CKk2LUG6N67P5cx7_b-XHdu4l_VSFhE6NnGthLa1DBW9XGVQoG7iYNeBkmOb0INROZaMfpYQPaKnRtsm2N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 4002 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=fd641c4b-da98-a1bd-fdf5-c891615593af&tv=%7Bc:dNgiPH,time:487,type:e,im:%7Bimprf:%7Bttecl:458,ecd:78,tsecr:48%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:261,n:235,pp:226,pm:0%7D,slEvents:%5B%7Bsl:n,t:168,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~970.250%5D%7D%7D,%7Bsl:o,t:235,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B26~0%5D,as:%5B26~970.250%5D%7D%7D,%7Bsl:pp,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B225~50%5D,as:%5B225~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t70SVtY+11%7C12%7C131%7C132%7C133%7C134%7C141%7C142%7C143%7C144%7C15*.996673-61756196%7C151%7C152%7C153%7C1541,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:859c:b9f:89d9:fa61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame FE4C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoF5r-Cr6nWcA6gM2oayMG0SEVbpU9KkxKdaFQPtQf0kbqxHaX7G9ogf-enkcmhxbRd5wpjovnw34-HQycnD9-MZaV0luCxub-S_tMO9lA6QJTqIGG_5NaF5Ku&sai=AMfl-YRSaSWT9-3q5Ka4V6zWguXSvkAOCAmviJPz4P7VJrrcIt744o0rn4gX0qgoyVKrrkZrRKZy2pAxvhRjdIm1mcvFu1pcpIiwA3ilg4fhszXj4j-azftejHWj6_0Z&sig=Cg0ArKJSzK4z9ugVGl3sEAE&cid=CAASJeRosSQ4gbY_SUTn1m8jS0vL0c21qYYautVO4y_eug5j-u7lyMo&id=lidar2&mcvt=1019&p=99,314,349,1284&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3131741070&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653632851842&rpt=155&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 4002 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=fd641c4b-da98-a1bd-fdf5-c891615593af&tv=%7Bc:dNgiRG,pingTime:-10,time:610,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDIuMC41MDA1LjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1653632853048%7C%7C424aca725d01f3d4264c61439cb2f488%7C%7C964e3af713011c1f80eb8ddd3aa7991e%7C%7Cc0bc3f531d0cb80b280eec80b5e1ad2d%7C%7C586d996cd76d37d40efd67bd55805f67%7C%7C9c5822b97e12695b6898124f8e7cf0d7%7C%7Cf640edf013fa693cfc8316bf152c6f6e%7C%7Ca19faabceea709170f4e1f6b2f350008%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:859c:b9f:89d9:fa61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
events
khn.crowdad.io/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.40.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-40-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Fri, 27 May 2022 06:27:33 GMT
access-control-allow-credentials
true
content-length
0
events
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.40.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-40-189.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Fri, 27 May 2022 06:27:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4002 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9OdCJH4SrhtqeQXdR0XrjPtesFr46OLmLXHjtTevBIu-gYelyOn0AZoajHeLrwG2zB1iMxLN_2eeWeeMWaHRL2q7LJK0lB0_38uiVgBYXDeKc82VKrB3RmUwM&sai=AMfl-YQ8lZY-mbEHJQaoLm8ogQeTHBsX_jB9wd8biwxSCoDwNkWWa4FnpxyUDJ16WrDCkhSr580aI2T5RJSb2WklDd6UDCiUr61Sv13TY9j3oILO8MTfx_lsEJWb8p1i&sig=Cg0ArKJSzMpNvxffet0jEAE&cid=CAASJeRoi0yl6Q24jtZz3ufUvQVhPxJg4vU-NgGLNwoqrhKKda3FFCU&id=lidar2&mcvt=1002&p=1039,315,1289,1285&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=0.64&if=1&vu=1&app=0&itpl=20&adk=2878636598&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653632852194&rpt=124&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 742F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstanJvsOQx8VTw4RmLG7qU8vN28nsj7OVSvlDnlIWf82ixuVbqmYdQHphF16s9IwBMfeV4LCza5uqET67bvt9umylw1TrS-UlIwtSrssqfR2bHEZNIJDSXocbhu&sai=AMfl-YQncilG8zDWlf7IH9IN9UtRE6JBNACnY8tBikbxcDudEKiYyfvcRZi7y5D1p6zmdc6oCWbOqg04dJ0cSSHu0IRKYZdDccQj-RrcyrjasYlLZjp5BoE_sOi5nYd7&sig=Cg0ArKJSzF1NDPELaF4ZEAE&cid=CAASJeRojYObnIsWls-BqVzR1mLzS1MH9eVEOaGarXoEpck_CXq7b4Q&id=lidar2&mcvt=1011&p=186,1558,226,1599&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653632852190&rpt=167&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 4002 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=fd641c4b-da98-a1bd-fdf5-c891615593af&tv=%7Bc:dNgj2l,pingTime:1,time:1271,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:168%7D,%7Bpiv:0,vs:o,r:l,t:235%7D,%7Bpiv:64,vs:pp,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:261,n:235,pp:1010,pm:0%7D,slEvents:%5B%7Bsl:n,t:168,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~970.250%5D%7D%7D,%7Bsl:o,t:235,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B26~0%5D,as:%5B26~970.250%5D%7D%7D,%7Bsl:pp,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1009~50%5D,as:%5B1009~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:310,fm:t70SVtY+11%7C12%7C131%7C132%7C133%7C134%7C141%7C142%7C143%7C144%7C15*.996673-61756196%7C151%7C152%7C153%7C1541,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:859c:b9f:89d9:fa61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 4002 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=fd641c4b-da98-a1bd-fdf5-c891615593af&tv=%7Bc:dNgj2m,pingTime:1,time:1272,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:168%7D,%7Bpiv:0,vs:o,r:l,t:235%7D,%7Bpiv:64,vs:pp,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:261,n:235,pp:1011,pm:0%7D,slEvents:%5B%7Bsl:n,t:168,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~970.250%5D%7D%7D,%7Bsl:o,t:235,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B26~0%5D,as:%5B26~970.250%5D%7D%7D,%7Bsl:pp,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1010~50%5D,as:%5B1010~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:310,fm:t70SVtY+11%7C12%7C131%7C132%7C133%7C134%7C141%7C142%7C143%7C144%7C15*.996673-61756196%7C151%7C152%7C153%7C1541,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:859c:b9f:89d9:fa61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:34 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 28 May 2022 06:27:34 GMT
syncframe
gum.criteo.com/ Frame 9D2E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6123
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:33 GMT
server-processing-duration-in-ticks
1884
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:34 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 28 May 2022 06:27:34 GMT
sid
mug.criteo.com/ Frame 9D2E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=53CP43xHVDB5UU5IUFREcjJBQWNEclVBaTJnbzU1amhGcGthMEt4cENrc2NGRUMxYmRSVEU4QW95TExqYlI0TzgwTDlLbk1MOXRxVC9Ka1oycHc4dVQxNXBJK0NRbnpVNlNNVXVwVWphQU53NTEwY1hnSDFua3paZndhbX...
419 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=53CP43xHVDB5UU5IUFREcjJBQWNEclVBaTJnbzU1amhGcGthMEt4cENrc2NGRUMxYmRSVEU4QW95TExqYlI0TzgwTDlLbk1MOXRxVC9Ka1oycHc4dVQxNXBJK0NRbnpVNlNNVXVwVWphQU53NTEwY1hnSDFua3paZndhbXB3ZTdrYVplZEVYbjNRenRVNjczU1BJT1NKVHRQQkRhY29rUFVYNERQc1JCdlVNNk51V0l0cEduOFdxNTAram1RWXdPWUV2dkVWbFJkMjUwWXYvTDRFZ2kyajlmRUF1ZUFKSFhLTTNJVW51RkthaVFUWjZiajM1bjErL2s2ajVwOFo1N3M0amUwSVpUOUV5NG5iYWNPcVliQ1NpSnpidz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
1d904094c938531923ce11ef05431f5227962794bf8c75ee782c3be01378cbb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:33 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4779
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:34 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=53CP43xHVDB5UU5IUFREcjJBQWNEclVBaTJnbzU1amhGcGthMEt4cENrc2NGRUMxYmRSVEU4QW95TExqYlI0TzgwTDlLbk1MOXRxVC9Ka1oycHc4dVQxNXBJK0NRbnpVNlNNVXVwVWphQU53NTEwY1hnSDFua3paZndhbXB3ZTdrYVplZEVYbjNRenRVNjczU1BJT1NKVHRQQkRhY29rUFVYNERQc1JCdlVNNk51V0l0cEduOFdxNTAram1RWXdPWUV2dkVWbFJkMjUwWXYvTDRFZ2kyajlmRUF1ZUFKSFhLTTNJVW51RkthaVFUWjZiajM1bjErL2s2ajVwOFo1N3M0amUwSVpUOUV5NG5iYWNPcVliQ1NpSnpidz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1728
content-length
541
expires
0
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=A6t29nxWSEIycGRJakR5a1ZPODZWVit4Y2NObnlNRjkwcDY1Q21aeXh1Y1A1MXEwVEhNNlBhWTVHbjM5b2VJbFBnYTJWLzMvdWZqQjdVZXdyWWNiZHVTYnFaUHdmUEJTTnU1MW5KWENFSUd0NkVpVzltUlVLZkpBUWo1Rj...
422 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=A6t29nxWSEIycGRJakR5a1ZPODZWVit4Y2NObnlNRjkwcDY1Q21aeXh1Y1A1MXEwVEhNNlBhWTVHbjM5b2VJbFBnYTJWLzMvdWZqQjdVZXdyWWNiZHVTYnFaUHdmUEJTTnU1MW5KWENFSUd0NkVpVzltUlVLZkpBUWo1RjRMTWFybklqdXJhWmZLTmxIenNWZVlrRHpLWEtDTE56QmFuRFczUDhhbGlDMXJQV3NETmcyOHZLbE9VMHVDVUxZRnE1cGxCMXlQbkxzMm5rYVFUeUs5Vm83b3pjMERudHJuYXJYSk1idnpKK0ZTZjQ1bDk1WnNIUjYzTURNYnJGMWdQcUs0SEF6emtEZm9ibkZhMlU1YnJ0cGV3OUxHSnp0QTRpK1orNUVQZUNJc0loaGFRMD18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
994cba2db47446a714414f150a34dd94e68f7e9701e19dfc619c7d92f229eb58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:34 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2741
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:34 GMT
location
https://mug.criteo.com/sid?cpp=A6t29nxWSEIycGRJakR5a1ZPODZWVit4Y2NObnlNRjkwcDY1Q21aeXh1Y1A1MXEwVEhNNlBhWTVHbjM5b2VJbFBnYTJWLzMvdWZqQjdVZXdyWWNiZHVTYnFaUHdmUEJTTnU1MW5KWENFSUd0NkVpVzltUlVLZkpBUWo1RjRMTWFybklqdXJhWmZLTmxIenNWZVlrRHpLWEtDTE56QmFuRFczUDhhbGlDMXJQV3NETmcyOHZLbE9VMHVDVUxZRnE1cGxCMXlQbkxzMm5rYVFUeUs5Vm83b3pjMERudHJuYXJYSk1idnpKK0ZTZjQ1bDk1WnNIUjYzTURNYnJGMWdQcUs0SEF6emtEZm9ibkZhMlU1YnJ0cGV3OUxHSnp0QTRpK1orNUVQZUNJc0loaGFRMD18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1425
content-length
567
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 27 May 2022 06:27:34 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1238
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E00C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.156.240 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-156-240.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 27 May 2022 06:27:34 GMT
ETag
"623de86a-cf34"
Expires
Sat, 28 May 2022 06:27:36 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
csync.smilewanted.com/ Frame EFB3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
711caf7f0e1a9128-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 27 May 2022 06:27:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2380 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=168660
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 27 May 2022 06:27:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 29 May 2022 05:18:34 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A540 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1653632851472
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame D4E1 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/873204b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 27 May 2022 06:27:34 GMT
server
OXGW/873204b
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 783F 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1653609600000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 27 May 2022 06:27:34 GMT
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 06:27:34 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=A6t29nxWSEIycGRJakR5a1ZPODZWVit4Y2NObnlNRjkwcDY1Q21aeXh1Y1A1MXEwVEhNNlBhWTVHbjM5b2VJbFBnYTJWLzMvdWZqQjdVZXdyWWNiZHVTYnFaUHdmUEJTTnU1MW5KWENFSUd0NkVpVzltUlVLZkpBUWo1RjRMTWFybklqdXJhWmZLTmxIenNWZVlrRHpLWEtDTE56QmFuRFczUDhhbGlDMXJQV3NETmcyOHZLbE9VMHVDVUxZRnE1cGxCMXlQbkxzMm5rYVFUeUs5Vm83b3pjMERudHJuYXJYSk1idnpKK0ZTZjQ1bDk1WnNIUjYzTURNYnJGMWdQcUs0SEF6emtEZm9ibkZhMlU1YnJ0cGV3OUxHSnp0QTRpK1orNUVQZUNJc0loaGFRMD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 27 May 2022 06:27:34 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1078
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 2380 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64998641&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7f596ed4c19db84c4372e8401f8bfdbf2e331cc6fb653c5864d59052ca22e0ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:34 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
async_usersync
ib.adnxs.com/ Frame E00C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:35 GMT
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
60d3d45a-fe0d-4866-b32d-853398c20ae6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 9329
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=B56505BB-A886-4047-B102-69F0C35AFA63
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B56505BB-A886-4047-B102-69F0C35AFA63
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B56505BB-A886-4047-B102-69F0C35AFA63
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 27 May 2022 06:27:35 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 27 May 2022 06:27:35 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B56505BB-A886-4047-B102-69F0C35AFA63
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 8976
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5841112478438565726
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5841112478438565726
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 May 2022 06:27:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5841112478438565726
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame E9E4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:362f6290-6f54-4600-aef4-470af8567009&gdpr=0&gdpr_consent=
42 B
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:362f6290-6f54-4600-aef4-470af8567009&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 May 2022 06:27:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 27 May 2022 06:27:35 GMT
Expires
Fri, 27 May 2022 06:27:34 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4419 e1034d5 master hkg-pixel-x2 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:362f6290-6f54-4600-aef4-470af8567009&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame E733
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 May 2022 06:27:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 06:27:34 GMT
expires
Fri, 27 May 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2098641
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2380
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tWUFu6iGQEexAmnww1r6Yw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
2.20.157.2 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-2.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:35 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=168659
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sun, 29 May 2022 05:18:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 2380
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=362f6290-6f54-4600-aef4-470af8567009
0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=362f6290-6f54-4600-aef4-470af8567009
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 27 May 2022 06:27:35 GMT
Server
MT3 4419 e1034d5 master hkg-pixel-x17 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=362f6290-6f54-4600-aef4-470af8567009
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 27 May 2022 06:27:34 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2380
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B56505BB-A886-4047-B102-69F0C35AFA63
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 2380
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjU2NTA1QkItQTg4Ni00MDQ3LUIxMDItNjlGMEMzNUFGQTYz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 22:02:14 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2380
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-A01r1ic62yfxYghKn8-0&google_cver=1
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-A01r1ic62yfxYghKn8-0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEI-A01r1ic62yfxYghKn8-0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 2380 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 26 May 2022 06:27:35 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2380
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6408984468864717544
42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6408984468864717544
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:35 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6408984468864717544
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 2380 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 2380
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8583563640542796638&gdpr=0&gdpr_consent=
42 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8583563640542796638&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 21:03:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:35 GMT
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b8311dd4-388a-43ee-8b5f-705546064ff1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8583563640542796638&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2380
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kDWeTJBhkkuLMcYenjGKS8c0xkiLNcVEkzdSjPb3
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kDWeTJBhkkuLMcYenjGKS8c0xkiLNcVEkzdSjPb3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=kDWeTJBhkkuLMcYenjGKS8c0xkiLNcVEkzdSjPb3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
async_usersync
ib.adnxs.com/ Frame E00C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 06:27:36 GMT
X-Proxy-Origin
217.64.151.32; 217.64.151.32; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1f77892f-540e-47b5-9a31-e303f35bb8eb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 2380 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160447&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 06:27:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dt
dt.adsafeprotected.com/ Frame 4002 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=996673&asId=fd641c4b-da98-a1bd-fdf5-c891615593af&tv=%7Bc:dNgk4J,pingTime:5,time:5263,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:168%7D,%7Bpiv:0,vs:o,r:l,t:235%7D,%7Bpiv:64,vs:pp,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:261,n:235,pp:5002,pm:0%7D,slEvents:%5B%7Bsl:n,t:168,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~970.250%5D%7D%7D,%7Bsl:o,t:235,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B26~0%5D,as:%5B26~970.250%5D%7D%7D,%7Bsl:pp,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:64,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~50%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:183,fm:t70SVtY+11%7C12%7C131%7C132%7C133%7C134%7C141%7C142%7C143%7C144%7C15*.996673-61756196%7C151%7C152%7C153%7C1541,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:859c:b9f:89d9:fa61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 06:27:37 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| addScriptPromise object| googletag string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist object| WallaTargeting string| loadDataState object| __LOADABLE_LOADED_CHUNKS__ string| __strip_step__ object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_conversion_id object| google_custom_params object| google_remarketing_only function| fbq function| _fbq object| ptag object| f object| ktag string| path object| z object| permutive object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _0x45d8 function| _0x1711 object| _vadHb function| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments undefined| google_measure_js_timing object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| sas object| apntag object| _ADAGIO object| ampInaboxIframes object| ampInaboxPendingMessages object| ONFOCUS object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

54 Cookies

Domain/Path Name / Value
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _ga
Value: GA1.3.1687894118.1653632851
.walla.co.il/ Name: _gid
Value: GA1.3.2029512444.1653632851
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.walla.co.il/ Name: _fbp
Value: fb.2.1653632851270.1379204697
.facebook.com/ Name: fr
Value: 0cRRLtu1k6LVL5Cq0..BikG9T...1.0.BikG9T.
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.walla.co.il/ Name: vad-loc-code
Value: de
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEw097BlAY4AUABSAEQ097BlAYYAA..
.adnxs.com/ Name: uuid2
Value: 8583563640542796638
.doubleclick.net/ Name: IDE
Value: AHWqTUmdMVHZe5ZwwjF74BdhgxRz-JKmzANESQ-ojAVCKfj8bK5hQzWGekyH6yhHYEQ
prebid.a-mo.net/ Name: __amc
Value: 1_1653632851_1653632851
.walla.co.il/ Name: __gads
Value: ID=bd220d5706bdeb48:T=1653632851:S=ALNI_Mb_VTd43zvwFji0MbLZiHlF9GGgAg
.casalemedia.com/ Name: CMPS
Value: 5203
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTtHyCVF!@wnfH8K6pQK`!5=E<*L5?%M*l!MQg0ZVYRX_X1C]78gZf#ykHBn@h@O5cHN*bpRz*qF1`*bfWD)dQK.
.casalemedia.com/ Name: CMID
Value: YpBvUwRFmvApq1bjQ4ZEmQAA
.casalemedia.com/ Name: CMPRO
Value: 1209
.casalemedia.com/ Name: CMST
Value: YpBvVGKQb1QA
.casalemedia.com/ Name: CMRUM3
Value: 2d62906f542760CAESEL2PbrMgSiLqeF6Tli7DdOc
.adfarm1.adition.com/ Name: UserID1
Value: 7102299018932320402
.w55c.net/ Name: wfivefivec
Value: Hm165kAb1NUtrC5
.w55c.net/ Name: matchgoogle
Value: 5
.360yield.com/ Name: tuuid
Value: bf7c6204-bc3f-4562-a0ee-f1e38a16748f
.360yield.com/ Name: tuuid_lu
Value: 1653632852
.simpli.fi/ Name: suid
Value: CD17E7182EC741838BAB0394A0B44C68
.mathtag.com/ Name: uuid
Value: 362f6290-6f54-4600-aef4-470af8567009
.mathtag.com/ Name: mt_mop
Value: 4:1653632852
.youtube.com/ Name: YSC
Value: wOlFaCggKGA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: L2PLO698Iks
.criteo.com/ Name: uid
Value: 07a3b475-5554-45e9-b989-c7fdae852def
.walla.co.il/ Name: cto_bundle
Value: Nz_UNF8lMkJPYmp5aTU1YXFmJTJGVUVFM3Z4d3FBM29OaFlOc0ElMkZOJTJGdkNEMjUlMkZDazlaQ0VpRnprRFlwaU8wUGF5NkM5TE1NUkNDV3FaUElGSzlVVG9mT0NnZ3VVS3IxeGt4NzkwNHJhMmN0czRRSkU5MnlXZ1gzbWF0WTNCOUhXQXQ3RDAlMkZ1eGslMkJKQ01RQ3NiWW45WVBybElwUldsUSUzRCUzRA
.walla.co.il/ Name: cto_bidid
Value: DB2jKV80Y0NSTEtQRHptdCUyQlNLNkF4RXgxUGlGJTJGUnFReVVXbWFvbUZTNnZpMmQ4OGVrT2ZvVEhwWHRTMjdLQzFuaVBhbXdkJTJCblZvN1dLN3FyVlV6dSUyQjZQMzU2OXpySUt3QnczVG12WDBhTWZaTnE4JTNE
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B56505BB-A886-4047-B102-69F0C35AFA63
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160447:2
.pubmatic.com/ Name: DPSync3
Value: 1654819200%3A219_201_197%7C1653696000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1654905600%3A35%7C1654819200%3A8_13_161_7_56_220_21_54_3
.quantserve.com/ Name: d
Value: EPgBCwGeJvijAA
.quantserve.com/ Name: mc
Value: 62906f57-6ab86-7a3a4-2b850
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8583563640542796638&KRTB&23339-8583563640542796638
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEI-A01r1ic62yfxYghKn8-0&KRTB&16514-CAESEI-A01r1ic62yfxYghKn8-0&KRTB&23025-CAESEI-A01r1ic62yfxYghKn8-0
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-kDWeTJBhkkuLMcYenjGKS8c0xkiLNcVEkzdSjPb3&KRTB&19420-kDWeTJBhkkuLMcYenjGKS8c0xkiLNcVEkzdSjPb3&KRTB&22979-kDWeTJBhkkuLMcYenjGKS8c0xkiLNcVEkzdSjPb3
.onaudience.com/ Name: cookie
Value: f77d7b8799509a64
.onaudience.com/ Name: done_redirects147
Value: 1
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid2
Value: 1.5841112478438565726
.adform.net/ Name: uid
Value: 6408984468864717544
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5841112478438565726
.pubmatic.com/ Name: PugT
Value: 1653632855
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:362f6290-6f54-4600-aef4-470af8567009&KRTB&16736-uid:362f6290-6f54-4600-aef4-470af8567009&KRTB&23019-uid:362f6290-6f54-4600-aef4-470af8567009&KRTB&23208-uid:362f6290-6f54-4600-aef4-470af8567009
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6408984468864717544&KRTB&23263-6408984468864717544
.pubmatic.com/ Name: SPugT
Value: 1653632856

5 Console Messages

Source Level URL
Text
network error URL: https://www.walla.co.il//
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-05-27
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://csync.smilewanted.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://csync.smilewanted.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

48fa0d8f163941af83cb2447e7bb8cd8.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
b1h-euc1.zemanta.com
bidder.criteo.com
c1.adform.net
cdn.jsdelivr.net
cdn.permutive.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cf.dxmcdn.com
cm.g.doubleclick.net
connect.facebook.net
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
khn.crowdad.io
match.360yield.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mp.4dex.io
mug.criteo.com
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pm.w55c.net
prebid.a-mo.net
prebid.smilewanted.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.teads.tv
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
www.youtube.com
103.229.206.240
104.19.150.54
104.22.68.131
104.36.113.107
104.89.28.165
108.157.4.94
13.248.245.213
142.250.184.226
142.250.186.66
142.250.74.194
147.75.38.124
151.101.14.132
169.50.137.182
172.217.23.98
178.250.0.163
178.250.2.131
178.250.2.146
185.255.84.150
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.81
185.86.137.122
2.20.156.240
2.20.157.2
205.185.216.42
213.155.156.164
213.19.147.44
213.227.153.220
23.35.229.181
23.35.236.247
23.35.237.86
2600:1f13:800:7782:859c:b9f:89d9:fa61
2600:9000:20eb:6c00:11:da61:a100:93a1
2600:9000:20eb:e00:4:1c73:c740:21
2600:9000:21f3:b400:8:48e:53c0:93a1
2606:4700:20::681a:8a9
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:272
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:809::2002
2a00:1450:4001:809::2004
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2014
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9b
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.123.250.203
3.33.220.150
35.244.159.8
37.157.4.23
37.252.173.215
51.210.112.63
51.89.9.254
52.210.88.151
52.211.40.189
52.29.205.29
54.246.237.93
64.202.112.31
66.155.71.149
85.114.159.118
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
01df630413e42bdbe2f5b02072e2f2bb5fd0bc183e60ea8e2b1b76fd124c3103
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
08ce26ba77d9b54d09e7fa9f8d8202cdbc2508cfc6ec2f438c19d9811d5682be
090bc5011ebd3f27b097a4a40ee605faaaadeb234a89cead3124b0e3e409a126
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14adcf5c39f8504c6d447e6ade75d144ba588e0d175ce24d0ce11545ee1b79d8
1671067cd3dbc4d9bd94120e1f24ce195123451fa87547713a272485f9c34a1c
16ae5ab5e6f38c4ead17b0e718fe4a8e38c681c603e12d5ccb5c569017b4ddb3
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19d87eafea67aa82b5b990da2019228128e34afea0237c5e9d63c3c9b24781bb
19e0cfeae6e0bdd6aecd6fc545877f22b49c71a2c577205964a2d09f9b2133c0
1a850cf507a53223c0142717a86857cf409bf1580ae1b5ad3809dac59271c6cd
1d904094c938531923ce11ef05431f5227962794bf8c75ee782c3be01378cbb1
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
236ecab5ca59616641062dcf0916c67dd939fb958456b210f3eb78eb58b5fcc1
2488b6c3e67b8ec04994779823578a5d7b74a0d814bdee7049a62e9ec97166cf
24954f3f1e11adc0d3968a3860084b3ab713ec5f1ab3db224f1bacf76106166e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b224d2c4feaca936ca63f7bc30353f4226613f73d5a947cb5622cb6d8a7dfe5
2bd7df5c99615e79a156eb2e81f6f6f0ff72ed5085b80d95c2f88f7160f80304
2bf2fd36508b1d23670e375eaf89ea61885c3b252a8804f73fc3e265d283f925
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3545831e5f34ae355c1d9bce9854a56ff891ce7c1fbeff61fccd65a466badc1a
3604186f1ceae4eb40c57e0b95a66f133b827f11649150adadb65dd96b309743
36753198be46af84bf6f87d6c83e83e024b6d2b3547358960f152d2587319046
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c2131dd95fe41aa1be74aa24d3f3439ae8a902d7c6b6270d3dbbeda5892050c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
4641e93c3d267764085127aba50849f2dff6adf1a7ce6dae442f7bfa0e959991
465f446bb2f2c6ab1e90e1d9378035f386096a1f0e7a8ed9a0c9c2c53541a762
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4d0545960d6ef260bb87b548d42c91da3ba474568edbf04faf158ed880c328d2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4f4bcbfca2de071c3d74e3aae1ab2c4df2533bea9bc5cbf0d1059f8c0512af
4e52b26b48dad0ceba58fabaa61a50167088c658243866f4356e85df897f5e7c
4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
53b3d6d88a2a3bf4dc27064e81be609ef2afe83e2de5e7a7627363266235d18e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564a22772cb2662573d984ddcff32a4c684248975696273319a21aa505811ce4
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5cc9bfc58f21b71d785b288cac424336c48ca9681c7cb8ec231d89d9fc5a0075
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5ea717cca2b878742523fac75fe0037c265e93eb6a96057e685bc411ff833046
5fd6e1b2782564a59206f88f30e52cfbf69758d0649141b126027e775b3b0553
5febe5c3d4fe4260963530c97481352bb86abc3d9b0445108375b061a5c7691e
613bce7bfcdcd518049f0b4355baed0e549f83fe809c72d50f3d05f703fc00a4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626a9f5e33b58fb37aaa0c3229b9b04cbc75c40d0482dccf42fabf06fc2db766
649ccfda4c5382400fa3e29d6d33f2d0ce77fdc993eab12c3902156ffd0509cd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
6b6dc0c6cb6db4cc3693a4bedc8e0ee24bbfb2d861da6039ae6a20c436410882
6f42b594160112e945a08e1bba5d6bd8f379df09b37f1627f87263bb3da93392
70b71ef0bfe71ad181415e68b9bf5f89b6cd00d19ceeacec1d51254147af9015
73086c45add34f373a8dff3d3baf76d1ed73d273ca5ee13e749f6248d7ee0a6e
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
771d8ed932d9483cfb806a8a7da6eb171167c989fee58ec04d2c9112d0ae6dad
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
7f596ed4c19db84c4372e8401f8bfdbf2e331cc6fb653c5864d59052ca22e0ae
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475
8085ecc956491fa9a137ff0657713efc8201360543ccaf8605c0159043ebf08c
81366b8d555eac429c5b14198573523f55757a94d93d60c83980d38c00225e07
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856210611103e164b4c4ef32c3e09ebf087e13a585984c64e062bec0d1949a92
86e8ebbb8add42c09a533f54322a4e9560ca52dad7b04a957a6ee8c38fd73249
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87a964d3ee57d64c5dfc1c04cadb738f8f6f87ede99e443201afa1715ac196b1
87bac37f4c21a9f29fb9ab2cfd2ff2b10f6725b5bb7abc3c9c610f80be5252f9
891918e992d33b82384f6f5e6d30837db100f35f41e18866a5435eb29d6cc6e4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91ece149e492155d61648e1027332f437d0d006ef0917c01fd660290dc6fea67
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
93600ad2b1edcc96781b1c001930e71675004e0e7b778b9c5109215a8e677718
9409940ebe92590826c7f44e6ba42d9cdf6b5c04c967583aff7e13dca590b433
9472eba26c90a786dfde1646293da822c7c57c256c8e326beb8842f2d423a194
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9946aac3f8ccd2c67e53596de1353b5200e78cb45ddbba5691453aa2b3d6daf0
994cba2db47446a714414f150a34dd94e68f7e9701e19dfc619c7d92f229eb58
9a7e36aaa9181f128dfc877190a075b2bc236dbbd0662833b6def460e16d09fb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d355d98734b9724ce1261cf64834e3257c32c5130992c3aebdd84c8e4133aa1
9e81fcb9b19405a907a8951cb432da707392903a6e7194ca1484f49a8029068a
9f0a2702bff0e0c90397d6d2e4f4aba9656e38bea1063ad88935ba676511df16
9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a18a79f1526e3433653d323bdeb87108a12dc8a0a5e32d679ca322fb9fea7966
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f82d2398f97c791578e2348b2e4979c7c5e75ccee7f51f89d6837662aa7f56
ad3020772c580601a51fa9053ce4ca8155c12db4fc08d125852f951d30596fff
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adf5e7c37f8621ab815d3b78f9f7fe3da104218bac09111b06ece7e1e17b0230
ae829f91c5894fabf92675d9ccf31d618cd5e4d9a518274c532a727d71e8b3ef
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e05219a918031b351cbbf52978d47b5bb356d33ed2a84e783b76d54159c5d7
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
ba8c40c945679314ac7d634c9133e9f51a59a26e6ab18e5efee126aeba11f65f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
beee53adafbc60e3db6e6a5687997644ccbe64ba8f1ea73287debd663e271fb7
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c0258b9d875d5ae4c5d76ccc1a60327957fb59c70a38528c4ed5c896f6caa78b
c07c4280af0101109ac899ccd91d9b539d927fe58ae715fdb58617aa54ca2bf5
c105e09261837014bfa09a76c87ebcb5dc83606c1ce6f8bae7049b6037c6bed8
c6163b79541e39dee513e65dbe9879c888d980c1884cce20d2ce25f225542320
c6eb002be030feee5606908eda31af0f2fc5e9cfb811c12d233d42245606ea3f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c965d928427a463d529f61750f6e2fb9cf4f191b1abf8c9bba19f9a49c209466
cba34c3f8d9f83d6c9caa877b6390184c4bf570956475a13712bd2ca3748f43d
cdbda8881d89c98cddc00fc93962e3fd5d8aa4c93f80ae4880150057f246ea2f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d9b946481c32f4369373d2e4a287d25404305f730eaf798f4355846d597f8f61
d9f04ec55812dcbc4eb1c5aa2623c73f1f7ec563308d4ad6ea25ace914194a9b
dd24a60238b03577452bc7b15665e2f6f4a56e75f3ecaaed40fbff0b769b9314
dd6bae3cabfa6f6e2381af0d19e0a2c17d00a727e414564df6898d6dc0355cad
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df17a038604f387fabc1e3cc8994aba8394be245d7e3caaa989a629547803c0b
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e22e4720a3de5c50901c505d7c84cb178abfe6fcd532c3d4ed93efa5a35b295c
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9c5debd991646f8914a934d73a168313f43a10e008c90543525f82c26071bb5
e9caa3698b58479a78692e6303c5353d891066dc64fd2f4a34e14b2882fdb69b
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee3f5afe9e1b71c09e0f27fad062214fdd560fec9ce2b7e3ba7d8aaa2b7766d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeed59204d2eb15bc97b127681e3cfe55684a996433151d37dbe0550a89a505
f08e659c0d1d23140e4f5dd78b001a01031160cad6912f761e90011a00276b33
f11172b57df67c7b2e272803e6e949fafd06fc5aeabda8fb4c2563f67f3d645f
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741
f92230d5f8844fd1051aebe1d9aa14f55125fac77e37c6bbf74608f1f37be2e3
f96c607e65e9265b8426aa1e30a0c7fa19dcfe5147a488c985df06787b10b61e
ff91390c6cf78e05bd1e622856667dd65ed39acae7fa24b4a93d9a235747a9ed