urlscan.io logo urlscan.io
SecurityTrails logo

www.walla.co.il Open in urlscan Pro
52.222.236.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://walla.com/home
Effective URL: https://www.walla.co.il/home
Submission: On December 04 via api from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 75 IPs in 11 countries across 60 domains to perform 233 HTTP transactions. The main IP is 52.222.236.97, located in United States and belongs to AMAZON-02, US. The main domain is www.walla.co.il. The Cisco Umbrella rank of the primary domain is 223211.
TLS certificate: Issued by Amazon on April 27th 2022. Valid for: a year.
This is the only time www.walla.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 143.204.89.105 16509 (AMAZON-02)
1 1 143.204.89.4 16509 (AMAZON-02)
21 52.222.236.97 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.42 20446 (STACKPATH...)
2 2606:2800:234... 15133 (EDGECAST)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
3 23.35.237.86 16625 (AKAMAI-AS)
1 34.199.154.34 14618 (AMAZON-AES)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 151.101.193.44 54113 (FASTLY)
1 104.244.42.72 13414 (TWITTER)
4 8 37.252.171.149 29990 (ASN-APPNEX)
1 63.33.172.116 16509 (AMAZON-02)
4 2001:4860:480... 15169 (GOOGLE)
3 151.101.114.132 54113 (FASTLY)
4 34.251.43.14 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 64.202.112.223 22075 (AS-OUTBRAIN)
2 141.226.228.48 200478 (TABOOLA-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.255.84.151 200271 (IGUANE-)
1 51.89.9.254 16276 (OVH)
1 3.65.169.1 16509 (AMAZON-02)
1 3.224.217.10 14618 (AMAZON-AES)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 213.227.153.221 60781 (LEASEWEB-...)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 5.135.209.96 16276 (OVH)
1 11 172.67.10.198 13335 (CLOUDFLAR...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 23.35.236.201 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
8 14 142.250.74.194 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.2 15169 (GOOGLE)
1 1 2.16.107.129 20940 (AKAMAI-ASN1)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 104.18.33.19 13335 (CLOUDFLAR...)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 1 37.252.171.21 29990 (ASN-APPNEX)
1 52.28.133.172 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 185.86.137.110 201081 (SMARTADSE...)
2 2 99.81.20.134 16509 (AMAZON-02)
1 69.173.144.139 26667 (RUBICONPR...)
1 185.64.190.78 62713 (AS-PUBMATIC)
3 4 37.157.3.30 198622 (ADFORM)
2 2 185.29.134.248 30419 (MEDIAMATH...)
3 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.167 1299 (TWELVE99 ...)
3 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 2 67.220.226.233 16509 (AMAZON-02)
1 198.47.127.20 3257 (GTT-BACKB...)
2 2 51.222.80.231 16276 (OVH)
2 2 34.254.143.3 ()
1 2 2606:4700:10:... ()
1 35.71.131.137 16509 (AMAZON-02)
233 75
1    143.204.89.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-105.fra50.r.cloudfront.net
walla.com
1    143.204.89.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-4.fra50.r.cloudfront.net
walla.com
21    52.222.236.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-97.fra56.r.cloudfront.net
www.walla.co.il
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:223c:9400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
7    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2240:e000:11:da61:a100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.dxmcdn.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
3    23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    34.199.154.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-154-34.compute-1.amazonaws.com
ping.chartbeat.net
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2600:9000:223e:4c00:4:1c73:c740:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2r08ja41ypc0t.cloudfront.net
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
www.googleadservices.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
8    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    63.33.172.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-172-116.eu-west-1.compute.amazonaws.com
ledger.crowdad.io
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
4    34.251.43.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-43-14.eu-west-1.compute.amazonaws.com
khn.crowdad.io
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
adservice.google.de
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
4    2a00:1450:4001:831::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    3.65.169.1 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-169-1.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    3.224.217.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-217-10.compute-1.amazonaws.com
hb.minutemedia-prebid.com
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
2    5.135.209.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-5-135-209.eu
prg.smartadserver.com
11    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
2    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
13    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
32    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    142.250.74.194 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
9    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2.16.107.129 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-129.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    2600:9000:223f:b200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    52.28.133.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-133-172.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
2    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    99.81.20.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-20-134.eu-west-1.compute.amazonaws.com
ice.360yield.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com
d5p.de17a.com
3    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    67.220.226.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
2    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
2    34.254.143.3 (None, )

ASN- ()
loada.exelator.com
2    2606:4700:10::6816:1957 (None, )

ASN- ()
spl.zeotap.com
mwzeom.zeotap.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
48 googlesyndication.com
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 109
tpc.googlesyndication.com — Cisco Umbrella Rank: 144
363 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 316
250 KB
21 walla.co.il
www.walla.co.il — Cisco Umbrella Rank: 223211
720 KB
12 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 533
image6.pubmatic.com — Cisco Umbrella Rank: 734
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image2.pubmatic.com — Cisco Umbrella Rank: 1051
image4.pubmatic.com — Cisco Umbrella Rank: 982
108 KB
11 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5349
csync.smilewanted.com — Cisco Umbrella Rank: 4332
static.smilewanted.com — Cisco Umbrella Rank: 9881
17 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 288
143 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
secure.adnxs.com — Cisco Umbrella Rank: 486
21 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 87
2 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 467
6 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 38
region1.google-analytics.com — Cisco Umbrella Rank: 2448
20 KB
7 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1408
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3188
odb.outbrain.com — Cisco Umbrella Rank: 1598
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6006
mv.outbrain.com — Cisco Umbrella Rank: 2930
129 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 378
126 KB
5 crowdad.io
ledger.crowdad.io — Cisco Umbrella Rank: 154856
khn.crowdad.io — Cisco Umbrella Rank: 136711
247 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 65
349 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 718
2 KB
4 gstatic.com
fonts.gstatic.com
93 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1555
sync.smartadserver.com — Cisco Umbrella Rank: 1667
1 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 96802
122 B
4 google.de
www.google.de — Cisco Umbrella Rank: 5234
adservice.google.de — Cisco Umbrella Rank: 7808
1 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
233 B
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1044
trc.taboola.com — Cisco Umbrella Rank: 735
trc-events.taboola.com — Cisco Umbrella Rank: 1641
20 KB
3 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 498
pixel.rubiconproject.com — Cisco Umbrella Rank: 351
6 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2005
mp.4dex.io — Cisco Umbrella Rank: 2214
25 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
196 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 883
syndication.twitter.com — Cisco Umbrella Rank: 1187
133 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1329
mab.chartbeat.com — Cisco Umbrella Rank: 2580
25 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
122 KB
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
827 B
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3226
895 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1057
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5758
562 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 509
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2178
645 B
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 5304
sync-eu.connectad.io — Cisco Umbrella Rank: 4153
824 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 598
728 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 985
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 936
r.turn.com — Cisco Umbrella Rank: 3843
869 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 51
2 KB
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 763
dis.criteo.com — Cisco Umbrella Rank: 752
676 B
2 walla.com
walla.com — Cisco Umbrella Rank: 497117
631 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364
265 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 557
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 733
439 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2262
174 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 721
464 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 682
612 B
1 openx.net
u.openx.net — Cisco Umbrella Rank: 738
378 B
1 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 18610
145 B
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3641
406 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 562
507 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 847
363 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3896
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 435
2 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 170
17 KB
1 cloudfront.net
d2r08ja41ypc0t.cloudfront.net
6 KB
1 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2761
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1215
201 B
1 dxmcdn.com
cf.dxmcdn.com — Cisco Umbrella Rank: 140768
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 132982
245 KB
233 60
Domain Requested by
32 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.walla.co.il
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
21 www.walla.co.il www.walla.co.il
14 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
13 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 s0.2mdn.net www.walla.co.il
s0.2mdn.net
8 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
8 ib.adnxs.com 4 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
csync.smilewanted.com
7 securepubads.g.doubleclick.net www.googletagservices.com
www.walla.co.il
securepubads.g.doubleclick.net
6 cdn.ampproject.org securepubads.g.doubleclick.net
6 www.google.com 1 redirects www.walla.co.il
tpc.googlesyndication.com
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net www.googleadservices.com
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
www.walla.co.il
5 www.googletagmanager.com www.walla.co.il
www.googletagmanager.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 fonts.gstatic.com fonts.googleapis.com
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
4 www.facebook.com www.walla.co.il
4 khn.crowdad.io d2r08ja41ypc0t.cloudfront.net
4 region1.google-analytics.com www.googletagmanager.com
3 image2.pubmatic.com ads.pubmatic.com
3 simage2.pubmatic.com ads.pubmatic.com
3 ads.pubmatic.com cdn.valuad.cloud
csync.smilewanted.com
ads.pubmatic.com
3 f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 connect.facebook.net www.walla.co.il
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagservices.com www.walla.co.il
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 ice.360yield.com 2 redirects
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 creativecdn.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 googleads4.g.doubleclick.net www.walla.co.il
2 fonts.googleapis.com tpc.googlesyndication.com
s0.2mdn.net
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 fastlane.rubiconproject.com cdn.valuad.cloud
2 prebid.smilewanted.com cdn.valuad.cloud
2 prg.smartadserver.com cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 trc-events.taboola.com cdn.taboola.com
2 www.google.de www.walla.co.il
2 odb.outbrain.com widgets.outbrain.com
2 widgets.outbrain.com www.walla.co.il
widgets.outbrain.com
2 platform.twitter.com www.walla.co.il
platform.twitter.com
2 static.chartbeat.com www.walla.co.il
2 walla.com 2 redirects
1 match.adsrvr.org ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 pixel.rubiconproject.com csync.smilewanted.com
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io csync.smilewanted.com
1 match.sharethrough.com csync.smilewanted.com
1 secure.adnxs.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 tr.blismedia.com f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
1 cms.quantserve.com f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
1 r.turn.com f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 mv.outbrain.com widgets.outbrain.com
1 u.openx.net cdn.valuad.cloud
1 b1h-euc1.zemanta.com cdn.valuad.cloud
1 hbopenbid.pubmatic.com cdn.valuad.cloud
1 mp.4dex.io cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 hb.minutemedia-prebid.com cdn.valuad.cloud
1 tlx.3lift.com cdn.valuad.cloud
1 onetag-sys.com cdn.valuad.cloud
1 hb-api.omnitagjs.com cdn.valuad.cloud
1 cdn.jsdelivr.net cdn.valuad.cloud
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 trc.taboola.com cdn.taboola.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ledger.crowdad.io www.walla.co.il
1 syndication.twitter.com platform.twitter.com
1 cdn.taboola.com www.walla.co.il
1 www.googleadservices.com www.googletagmanager.com
1 widget-pixels.outbrain.com www.walla.co.il
1 d2r08ja41ypc0t.cloudfront.net cf.dxmcdn.com
1 cdn.permutive.com cf.dxmcdn.com
1 ping.chartbeat.net www.walla.co.il
1 mab.chartbeat.com static.chartbeat.com
1 cf.dxmcdn.com www.walla.co.il
1 cdn.valuad.cloud www.walla.co.il
233 94
Subject Issuer Validity Valid
*.walla.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
valuad.cloud
E1		 2022-11-29 -
2023-02-27		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cf.dxmcdn.com
Amazon		 2022-04-26 -
2023-05-25		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2022-02-26 -
2023-02-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-12 -
2022-12-11		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
crowdad.io
Amazon		 2022-09-28 -
2023-10-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2022-02-03 -
2023-03-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 35 frames:

Primary Page: https://www.walla.co.il/home
Frame ID: 1AB404FE7D23C55950EDDC94F1BCBA4B
Requests: 106 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Frame ID: 1DE35DA083116E1D56AB96B59932DCC9
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A49D3C0B6AA864B8F9AF3BF35BE6C350
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E26E6F3E424BAEE194D01ED86BCD9A8E
Requests: 1 HTTP requests in this frame

Frame: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7C34FACB2216BDB8D5BB3E976E91219B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F9858A843086571871E559FA7C2CD18C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90D9EAA126A3DC8EF1633447146B61AD
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 20D4C8D65692CFB5D624596448FB6DAE
Requests: 22 HTTP requests in this frame

Frame: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1DCC96877F18389719BED5694917EA1C
Requests: 7 HTTP requests in this frame

Frame: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 94CBF74EFF19D256CA63FD2B56508841
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Frame ID: 7CA1F38A7555CBC8CB048279D40E4937
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BEFCC1573A63EC9E83BB8F140680B704
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWJ7qij544xEmTw3E3rIFlXU4KyrP-XLAkvqL332m8MlAkXjIiv92SDkbxemQr-8xqimSU7kaTRCY5oKs29GYbAZ5jSORaQDCmv0WUDGMN0CsBpLuQYKhfMkmXP4TyabNq8aei4WiwgkDCopy8FMjMXVDVUDLGr0XgT8P140OaZ2NA88cY
Frame ID: 999E4F1C785BB4C9F58CD4EF7A100DA2
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
Frame ID: 866BE1FC92604A165B44D75A0FD54C24
Requests: 12 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 997F524676C6285F67462414E047EED9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8215F2CD944F5FBE8C622C4E013358D7
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/411abac7a13088d426e44a46fa99b1?gdpr_consent=&gdpr=0
Frame ID: B18D83613BA8013D08F83EC7C98F2859
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A88277D55C62AFA929AEEAC23F6BCC62
Requests: 3 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 1F01CB070BE96455C6FAC894FBC0D553
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KznzEzjMum9a2Q5lixOZ?pi=smilewanted&tc=1
Frame ID: 964E237530E7DD45210395376D900338
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=191ee3e318bf3b91c5e46b985335bace
Frame ID: 866DAE2E84DC49DEC2CEE8BC990B55BA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 190CA3764236C1454AB8D5E1310B7569
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 81E10BE44CBAFBD012D3318518BF6AAE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/56a95dcd-10f2-4880-8e1b-07f9ecf90025&partner_id=1010
Frame ID: 8D019C177D4221E87F1424578BF42BDB
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: AEDDA016F1A78DCEA21ADDCADC9E5C75
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 3BBE374E1EDB892FCE336FFFAF2602B9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: C8DD8D6F8A85CCA85C36A309C4A8382C
Requests: 10 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y4ydPtdbn9hsI04klMtawAAA%265128
Frame ID: 866672483BB8A5CA28D6F944E869A73C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D889444-ABE0-4271-809B-B49C4CB422CB&gdpr=0&gdpr_consent=
Frame ID: CB0ABC7EC39AF8761A7E9CDECD8D5909
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cadc638c-9d3f-4f00-84f9-dfa90d89e724&gdpr=0&gdpr_consent=
Frame ID: 97372341531F10743528EAC56F2390FB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1342292186260750491
Frame ID: 446A7A21C3EF563F95555FAD361FBAA2
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BC9597AD950EFEFC2D6686B269A55176
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1D889444-ABE0-4271-809B-B49C4CB422CB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: F6FF432700CE99512BA1558436826BFB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4145195386840364174&gdpr=0&gdpr_consent=
Frame ID: 546CBD41C71197110CAA3A9CEC6EED45
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/1D889444-ABE0-4271-809B-B49C4CB422CB
Frame ID: FEC84D95268BA23F4B1DD50AE2F65FDC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://walla.com/home HTTP 301
    https://walla.com/home HTTP 301
    https://www.walla.co.il/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

233
Requests

93 %
HTTPS

41 %
IPv6

60
Domains

94
Subdomains

75
IPs

11
Countries

3149 kB
Transfer

10058 kB
Size

62
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://walla.com/home HTTP 301
    https://walla.com/home HTTP 301
    https://www.walla.co.il/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=42f7bfb0-a873-41b6-b153-6a46d5536a68&adnxsUserId=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D42f7bfb0-a873-41b6-b153-6a46d5536a68%26adnxsUserId%3D%24UID HTTP 302
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=42f7bfb0-a873-41b6-b153-6a46d5536a68&adnxsUserId=4145195386840364174
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1&C=1
Request Chain 158
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4ydPtdbn9hsI04klMtawAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBKrCqmlQ2M3RlB_p7FOpbg&google_cver=1
Request Chain 160
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE0NTE5NTM4Njg0MDM2NDE3NA%3D%3D
Request Chain 162
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 173
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/411abac7a13088d426e44a46fa99b1?gdpr_consent=&gdpr=0
Request Chain 176
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMJKCp4uH-caGFmJ_ThUzvU&google_cver=1&google_push=ASkJ3Fbj7PPk3JKq2jOmJfn_tBcC4K75cgMAHlJnlH3lFGv36n2IkFaJ6jo0pudG_RuwHhwANKEezZ8U-jCWNQEuMaIG4lW8l84e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU3OTg3ODY4NDc5MDcxMTU4OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMJKCp4uH-caGFmJ_ThUzvU&google_cver=1
Request Chain 178
  • https://um.simpli.fi/gp_match?google_gid=CAESEPSeVSzL1pAi0efO4bBsZ3M&google_cver=1&google_push=ASkJ3FY8ysE03Iq5T5tW-dwaWoEnSpabaSSo4XziOLNVOnmNE2xsmNbppKN4BCl328rbcNfSeP-Ix--kYfZK7gM3RWEDmIhUA1CN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AB0BD8FFC041453D8E1790E2594F69F9&google_push=ASkJ3FY8ysE03Iq5T5tW-dwaWoEnSpabaSSo4XziOLNVOnmNE2xsmNbppKN4BCl328rbcNfSeP-Ix--kYfZK7gM3RWEDmIhUA1CN
Request Chain 180
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF1oknxvi9aH79qV7YcjNHU&google_cver=1&google_push=ASkJ3FYsJZtbWpzL6HMHHIFHpGpk1lXdYpbTlz8vE7wY5Ibn0UCre6PEtYuJX8XkrSwgYNfoNyesdW0NN_5f4sUEipUxkHIgXkSv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEF1oknxvi9aH79qV7YcjNHU&google_hm=Y4ydPtdbn9hsI04klMtawAAAFAgAAAIB&google_nid=index&google_push=ASkJ3FYsJZtbWpzL6HMHHIFHpGpk1lXdYpbTlz8vE7wY5Ibn0UCre6PEtYuJX8XkrSwgYNfoNyesdW0NN_5f4sUEipUxkHIgXkSv
Request Chain 181
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIdziEG_Dkpj4H6f1Y6j8Jk&google_cver=1&google_push=ASkJ3FYs19RW4r6W50oTZxSC5FIWOMDmVjVNtl30hBiaRA-7-DZKotn1TW_DXtNp87ZAxjv7HAeS0WHlLNWK_3tC51EUlVHtPOM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FYs19RW4r6W50oTZxSC5FIWOMDmVjVNtl30hBiaRA-7-DZKotn1TW_DXtNp87ZAxjv7HAeS0WHlLNWK_3tC51EUlVHtPOM
Request Chain 182
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHZR-35m8K3bvqtKONx2NnU&google_cver=1&google_push=ASkJ3FYx51jar_jPgMpq1cGyUr-j46ZjsPn2CKqnOq9oGO5DtPILk_HHRCBFrHMNTWHn0oHyuKOcDc54FSIVYpInzA0OHoXKjvCciA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE0NTE5NTM4Njg0MDM2NDE3NA%3D%3D&google_gid=CAESEHZR-35m8K3bvqtKONx2NnU&google_cver=1&google_push=ASkJ3FYx51jar_jPgMpq1cGyUr-j46ZjsPn2CKqnOq9oGO5DtPILk_HHRCBFrHMNTWHn0oHyuKOcDc54FSIVYpInzA0OHoXKjvCciA
Request Chain 199
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KznzEzjMum9a2Q5lixOZ?pi=smilewanted&tc=1
Request Chain 205
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=191ee3e318bf3b91c5e46b985335bace
Request Chain 208
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 209
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/56a95dcd-10f2-4880-8e1b-07f9ecf90025&partner_id=1010
Request Chain 215
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y4ydPtdbn9hsI04klMtawAAA%265128
Request Chain 216
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1D889444-ABE0-4271-809B-B49C4CB422CB&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D889444-ABE0-4271-809B-B49C4CB422CB&gdpr=0&gdpr_consent=
Request Chain 217
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cadc638c-9d3f-4f00-84f9-dfa90d89e724&gdpr=0&gdpr_consent=
Request Chain 218
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1342292186260750491
Request Chain 220
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1D889444-ABE0-4271-809B-B49C4CB422CB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1D889444-ABE0-4271-809B-B49C4CB422CB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 221
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4145195386840364174&gdpr=0&gdpr_consent=
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HYiURKvgQnGAm7ScTLQiyw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 224
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=754f638c-9d3f-4200-b843-32f5c7905033
Request Chain 225
  • https://pixel.onaudience.com/?partner=214&mapped=1D889444-ABE0-4271-809B-B49C4CB422CB&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0c77400775348ff2b9785fd49357b27d&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=060103195f90aa44 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8de485fc-b01a-4076-6898-cb0a14babf85&reqId=b1727862-13fd-4479-7a2c-5f4320a24c19&zcluid=060103195f90aa44&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGXhuX3K8zi1VaoVXLuS2Uk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8de485fc-b01a-4076-6898-cb0a14babf85&reqId=b1727862-13fd-4479-7a2c-5f4320a24c19&zcluid=060103195f90aa44&zdid=1332
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUQ4ODk0NDQtQUJFMC00MjcxLTgwOUItQjQ5QzRDQjQyMkNC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECajH95V_N5nwtMTof2jFGE&google_cver=1
Request Chain 229
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5673640727577580083

233 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home
www.walla.co.il/
Redirect Chain
  • http://walla.com/home
  • https://walla.com/home
  • https://www.walla.co.il/home
131 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f991a6f2a1afe2d8fafe1dd3218d13bff5a7b1227b2b954d4c283c7840882871

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Dec 2022 13:14:34 GMT
etag
W/"20bca-N93XTaJBiwFrxqmE/buaRxMVOGo"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-id
g965g-bhPcKYyDGouyxzyrhPQytQX4SqUbAiFEtzXtiVO3OEb5Qlbg==
x-amz-cf-pop
FRA56-P4
x-cache
Error from cloudfront

Redirect headers

content-length
0
date
Sun, 04 Dec 2022 13:14:35 GMT
location
https://www.walla.co.il/home
server
AmazonS3
via
1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
x-amz-cf-id
fQwQaLjFC1gb1zBUeEaqhY4Q4niUrlNPuETl-f_fMZyIXIlVaV-JHA==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03934c8c4af46d1ccac0264b05179da73d1e1659069e1dae283e09cc9ed1b2d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27507
x-xss-protection
0
server
sffe
etag
"1411 / 597 of 1000 / last-modified: 1670022507"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 04 Dec 2022 13:14:34 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 11:54:02 GMT
content-encoding
gzip
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
4832
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
W0DFeFanz2UmN_WeXrQTQRaWCiZTWpcj5A7m9C8GMwq__Wxi925dPg==
expires
Sun, 04 Dec 2022 13:54:02 GMT
logo_new.svg
www.walla.co.il/public/assets/logo/ 		1 KB
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/logo/logo_new.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:49 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11925
etag
W/"4bf-184dc7e6208"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
nqZnhtJ9D5Lf9WwdGRMMUOBMUrcXeaXaVqOG_dkouz72sfdW3BlWZw==
x-cached
MISS
new-logo.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:48 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11926
etag
W/"492-184dc7e6208"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
EFlH5s_UEoKqOqF1zbybJ9tQks4ZPnQwrjQvgu15CExqyB-qg_OTjw==
x-cached
MISS
yad2.png
www.walla.co.il/public/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/yad2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:48 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11927
etag
W/"488-184dc7e6208"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1160
x-cached
MISS
x-amz-cf-id
WlPdMPfpDMfqGphBpWpoXdQcH3vArfej1Qi12ZvNFivBEGpjUnwaiw==
allay-icon.svg
www.walla.co.il/public/assets/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:48 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11927
etag
W/"c00-184dc7e6208"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
wReExpsqG2ctQX8OLVkYdWR2Z7tHjRcTc3kJ5ErRRK2j1ZLoY44Djg==
x-cached
MISS
vod.png
www.walla.co.il/public/assets/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/vod.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:49 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11926
etag
W/"4a6-184dc7e6208"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1190
x-cached
MISS
x-amz-cf-id
RLo71vMXxmy6_EztDIka-DsFrWqGkUP-AD30YxLYZWNfkpUA57xSrA==
new-logo-walla-negativ.png
www.walla.co.il/public/assets/icons/ 		636 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:48 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11927
etag
W/"27c-184dc7e6208"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
636
x-cached
MISS
x-amz-cf-id
5IteXF-ntF4DRWgbeuFwVp_-TIz56xAniaNiDynVKg2Hc0lYpRQsHA==
446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
www.walla.co.il/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:48 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:39:08 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11927
etag
W/"2d69-184dc80ee60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
6xIKstRZ13Q_dSHi5g84YTcEjXyB0kD_Q7s5cCu_QU7lQ9At9q6-xg==
x-cached
HIT
504_501f616b9c3a6c070551_501f616b9c3a6c070551_walla.js
www.walla.co.il/public/ 		310 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/504_501f616b9c3a6c070551_501f616b9c3a6c070551_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
2a4495c734823c29cbc5635e42d09e525267911f7e48fd7ea37b1e82355a1691

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:47 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:39:08 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11928
etag
W/"4d611-184dc80ee60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
YZOZS-GD2_9dqf8tFG0dFks_6cM5BM8nsXd36Ytk_9Z0AHduXkIO1g==
x-cached
MISS
main_704ad58af06de6b5fde6_704ad58af06de6b5fde6_walla.js
www.walla.co.il/public/ 		1 MB
260 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/main_704ad58af06de6b5fde6_704ad58af06de6b5fde6_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ce7497d1dd1d9ce10416341b5027126ef63d34886391980e3a0418fd6a9820ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:47 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:39:08 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11928
etag
W/"120842-184dc80ee60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
DsIIIyUdTmJgmxrY75YcpiSZ6ktLi6UQPhhc109f7tj_wOyJdkEoKQ==
x-cached
MISS
517_2b2d313a40b3cc8f9539_2b2d313a40b3cc8f9539_walla.js
www.walla.co.il/public/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/517_2b2d313a40b3cc8f9539_2b2d313a40b3cc8f9539_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5afc143e26bb47b3ef46fe9c2ce92093affafe0fad14bdea1450f3041e6c336f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:48 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:39:08 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11927
etag
W/"4a4b-184dc80ee60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
lycnZRKc7QUUnQDqPIqJn8JGTDkFALZMGCE14vbJmzewJH3LAYnxyA==
x-cached
MISS
homepage_2dd87d2124d5ddde443e_2dd87d2124d5ddde443e_walla.js
www.walla.co.il/public/ 		287 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/homepage_2dd87d2124d5ddde443e_2dd87d2124d5ddde443e_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
2da118cee3bab2e8ae526fb4b6401912d4520812ae18a69ae367f469d532910b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:48 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:39:08 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11927
etag
W/"47d60-184dc80ee60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
GmUPfmDja-vP7tYkUstulzSDltzkOGknNAw7tdIOi3kZ9R0LHlYIog==
x-cached
MISS
pubads_impl_2022120101.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 03 Dec 2022 10:37:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133241
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 09:36:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Dec 2023 10:37:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		907 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.walla.co.il
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e35aa85514833036e24200de785c47bae867e2d1fc4a2998e876713a650a4a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Sun, 04 Dec 2022 13:14:34 GMT
walla-v2-prod.js
cdn.valuad.cloud/hb/ 		907 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
03820dcedde5a048ea1dacf83bd185f9363ddf279dc6c06a844b29b0901b115f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Mon, 14 Nov 2022 21:30:56 GMT
x-amz-request-id
tx000000000000044124ca3-00638c4f07-2b9ea74d-fra1a
etag
"b6079e76abd0aa26b990b76c0d0b281f"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1670159675.dop130.fr8.t,1670159675.cds003.fr8.hn,1670159675.cds275.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
250516
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date
Sun, 04 Dec 2022 13:14:35 GMT
Content-Encoding
gzip
Age
1127
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29221
Last-Modified
Wed, 02 Nov 2022 19:43:37 GMT
Server
ECS (frb/67C2)
Etag
"6633f9603c759c40d9b200995454f17c+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		405 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f63983586c1a7a902667948ba56c50e9888882c94536b8805589ce3987fea944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84941
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Dec 2022 13:14:35 GMT
gtm.js
www.googletagmanager.com/ 		466 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e19226382f5e2b1263cd1b7fe9b21c3516777ed6f4f7248e1450905d0b206d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65772
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Dec 2022 13:14:35 GMT
gtm.js
www.googletagmanager.com/ 		122 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e45d9c860ce8f8a49649b223a950e230a1ed3c69052969209cadee135c4fa9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47512
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Dec 2022 13:14:35 GMT
wallawb.js
cf.dxmcdn.com/dta/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.dxmcdn.com/dta/wallawb.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:e000:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 08:23:04 GMT
x-amz-version-id
qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
content-encoding
gzip
last-modified
Sun, 29 May 2022 13:46:35 GMT
server
AmazonS3
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
etag
W/"c6a8b1a7ee5ce83efe089c14c99eefad"
age
17492
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Kx3aok5crGzCqMJPe4xwuR1LofYcwtcp0AIC1eyz5QKZtK1PeyEuEA==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cf5fe2149d8b73f111851ba945205c53ef4cb07e26ac3f2873265491aefa9bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 11:37:15 GMT
content-encoding
gzip
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified
Wed, 30 Nov 2022 01:35:48 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
5840
etag
W/"6386b374-9343"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
4r5ct2lTntz3O7KH-2z8yGp6zPW2iFDZZO_iSiTTbC8uBt7Q0ugbgw==
expires
Sun, 04 Dec 2022 13:37:15 GMT
icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:49 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11926
etag
W/"5f6-184dc7e6208"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
_s4ZwwQ8HS4q1gQbe3gBS99LorJalYVr3yFA3nZUa49lBW91WZgtfA==
x-cached
MISS
almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.walla.co.il/home
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:49 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11926
etag
W/"e954-184dc7e6208"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
8IBF-2GHLJ6teSNRyGchbOPzaIvGRbbpBYDKi8Wz8oLqe2753RA2Sw==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		157 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2Fhome
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4368f49db81292f3a0083f0b83e25dae13d252d55ccc593b7b2880e1a64a6512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
124
x-served-by
cache-hhn4033-HHN
x-timer
S1670159675.085746,VS0,VE100
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 02 Dec 2022 13:14:35 GMT
outbrain.js
widgets.outbrain.com/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d3ac009b36c512711a3025684b17d941f9d29fdfb7645db7630b8c657558bc2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 07:16:45 GMT
etag
"15-T7owi3lWEejHSt88miZTMwDN8H0"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
e363e6d5b27e4b6c71dacd0a69058627
timing-allow-origin
*, *
content-length
76105
wallaicons.woff
www.walla.co.il/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.walla.co.il/home
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:50 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:20 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11925
etag
W/"3bdc-184dc7e5e20"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
xgv8H7eD1dmQIX3ar7Z3-cHxWK1G_RHywKVjP-xxVZ4uEAh_3oIFuA==
almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer
https://www.walla.co.il/home
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:49 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11926
etag
W/"ea00-184dc7e6208"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59904
x-cached
MISS
x-amz-cf-id
W26WxPoAme_dUQpN6YMdszZO2G0JS5NDOzpENBA5VkKy1LzogAXGdw==
almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 		58 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer
https://www.walla.co.il/home
Origin
https://www.walla.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:49 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11926
etag
W/"e770-184dc7e6208"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59248
x-cached
MISS
x-amz-cf-id
mpoLP5PdK7GSEaf-_Yom2UIRqXQJ84qHVBj1kEoQp0Mi_46B8YrBmA==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=walla.co.il&p=%2Fhome&u=CmBjVeD5xH1EphTXd&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=556&t=DvVbU_DROwiELm4BdCrTfPBCoulc0&V=137&tz=0&sn=1&sv=LIUcKJex0xCmcjja330oiC5ZaYi&sd=1&im=0602200f&_
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.154.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-154-34.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 04 Dec 2022 13:14:35 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-12-04
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
kahoona-idx-live.js
d2r08ja41ypc0t.cloudfront.net/WALLA/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by
Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:4c00:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ce11a57c53212253096ff106757121e62727bf706c7b4286d482b400fbb1633

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id
f2PX40iwZjaNodx_6aB1bPUpPvV_PfL2
content-encoding
gzip
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
date
Sat, 03 Dec 2022 14:47:16 GMT
last-modified
Thu, 01 Dec 2022 14:46:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
80840
etag
W/"f33a6a3fe8a95ff779f9cd5fff93e281"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
oWBY3bPT2NJ97uO_OqEowaqrsSH6NTMVlt6LSOhKHkRFbH0ctaYv7Q==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 04 Dec 2022 11:15:46 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7129
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 04 Dec 2022 13:15:46 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL6PRJM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b629af68c1ccf75d68c317413c3b9b49f986f3eba13bc7615ae2ab2edfa64a18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78990
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 04 Dec 2022 13:14:35 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Tue, 03 Jan 2023 13:14:35 GMT
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
3bd916949aeea3ea0d8c943ffe67060a38c2902c9533a94d36650bc176e322af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16827
x-xss-protection
0
server
cafe
etag
16359567893097152046
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 04 Dec 2022 13:14:35 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Dec 2022 13:14:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
xIpSGFHKHo9J1ifTMPbtyuTxWzfr1kBd+PCKpizx/373C6V0D9PC03KuqsoUMjN/5EGNUWxe04SsML4VG9Z58Q==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c568fdbc3ac57a5131228be5b6ffbf097755174ac1f032ba7469fca5589a9e29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78997
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 04 Dec 2022 13:14:35 GMT
widget_iframe.644279d1635fd969e87af94a98bd232b.html
platform.twitter.com/widgets/ Frame 1DE3 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
313727
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105445
Content-Type
text/html; charset=utf-8
Date
Sun, 04 Dec 2022 13:14:35 GMT
Etag
"50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified
Wed, 02 Nov 2022 19:36:59 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6762)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
tfa.js
cdn.taboola.com/libtrc/unip/1245572/ 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc27054f1a29f0c9f4a840948c46a6814e157e1e2afada12bf8a6961da9cd754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id
8aJawsLpMHes77hGqu0alVSDTFXjyKG1
content-encoding
gzip
via
1.1 varnish
date
Sun, 04 Dec 2022 13:14:35 GMT
x-amz-request-id
SAT3FVMTF683B0X3
age
72
x-cache
HIT
x-amz-replication-status
PENDING
content-length
17929
x-amz-id-2
/gtL0cYnXM6uDDJIA44ECqIsUaGu+oh0F6VuC6qouP6k94xokfEKnlUw7P4AN0LM9Y3PXWa0sM4=
x-served-by
cache-hhn4062-HHN
last-modified
Sun, 27 Nov 2022 11:04:12 GMT
server
AmazonS3
x-timer
S1670159675.379007,VS0,VE0
etag
"b27a6ebdbcbd3e29edfd6c934160a129"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
18
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
4
391_b95b9a068cf61aa174c3_b95b9a068cf61aa174c3_walla.js
www.walla.co.il/public/ 		122 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/391_b95b9a068cf61aa174c3_b95b9a068cf61aa174c3_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_704ad58af06de6b5fde6_704ad58af06de6b5fde6_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
91134118421be0ce937f35b3da4223b0575145b4c68ea1dd69be65bc6b63579f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:47 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:39:08 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11928
etag
W/"1e875-184dc80ee60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
IOXuQfeejnpLfx7rpyYTIq_0EEgvr1rEe8-GZIb7vx8UbPRdA1n6LQ==
x-cached
MISS
PikudInner_71a2339dbca8b244a152_71a2339dbca8b244a152_walla.js
www.walla.co.il/public/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.walla.co.il/public/PikudInner_71a2339dbca8b244a152_71a2339dbca8b244a152_walla.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_704ad58af06de6b5fde6_704ad58af06de6b5fde6_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
acf6065a1e918d23c4252187af26e95c150ed8285fece76659e48fe50cfa06ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:49 GMT
content-encoding
gzip
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:39:08 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11926
etag
W/"cfc-184dc80ee60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
9FgHY382t8_YfPMIKwgANVjAJ2jutNqDnC8ZsTAqqyZYck9U9hPgHA==
x-cached
MISS
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/public/504_501f616b9c3a6c070551_501f616b9c3a6c070551_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41c584b7b0c44ff76fc4a87b3fb65261ad613073b5d16d8a107bdab417ddc77f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27506
x-xss-protection
0
server
sffe
etag
"1411 / 952 of 1000 / last-modified: 1670022376"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 04 Dec 2022 13:14:35 GMT
settings
syndication.twitter.com/ Frame 1DE3 		980 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=280693b62ddb7805a7573e5e44b6c99777732461
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.walla.co.il
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
0809dce74d140cdb75918db36517dfca9fee927aa704fd47ee48432aee8986b5
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-response-time
106
date
Sun, 04 Dec 2022 13:14:34 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Sun, 04 Dec 2022 13:14:35 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
8b1724da9be6a6c5
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
c71fed8245bef4ea57da808d4c9f68a3941faaccde00e3a5b7aa05ce3c34545d
content-length
386
close.png
www.walla.co.il/public/assets/ads/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/ads/close.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:49 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11926
etag
W/"46c-184dc7e6208"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1132
x-cached
MISS
x-amz-cf-id
Xb94oXTnVGjGGCl2CGT_FmxKmTY-CyTjwtkMPCgcAZk9ODnDj2tFBQ==
map-id
ledger.crowdad.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=42f7bfb0-a873-41b6-b153-6a46d5536a68&adnxsUserId=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D42f7bfb0-a873-41b6-b153-6a46d5536a68%26adnxsUserId%3D%24UID
  • https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=42f7bfb0-a873-41b6-b153-6a46d5536a68&adnxsUserId=4145195386840364174
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=42f7bfb0-a873-41b6-b153-6a46d5536a68&adnxsUserId=4145195386840364174
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Server
63.33.172.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-172-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:35 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 13:14:35 GMT
AN-X-Request-Uuid
000f4949-2553-4d7a-b3fc-20fb9a42e14f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=42f7bfb0-a873-41b6-b153-6a46d5536a68&adnxsUserId=4145195386840364174
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=920881200&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2Fhome&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1223525003&gjid=889745302&cid=523448243.1670159676&tid=UA-249518521-1&_gid=834362569.1670159676&_r=1&gtm=2wgbu0KL6PRJM&z=1419453804
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=920881200&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2Fhome&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1001268609&gjid=602222953&cid=523448243.1670159676&tid=UA-4780630-1&_gid=834362569.1670159676&_r=1&gtm=2wgbu0T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fwww.walla.co.il&cd116=0&z=1769577014
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L30GH6X3WK&gtm=2oebu0&_p=920881200&cid=523448243.1670159676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670159675&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2Fhome&dt=&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2Fhome&idx=0&rand=76067&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=40&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0undefined&settings=true&recs=true&version=2000971&sig=UNoRxMLJ&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2Fhome
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7cc489e97d179924b30f624ff495972969116cdd9ba835f4c86a6cd6e3af802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1670159676.665719,VS0,VE123
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21980-LGA, cache-hhn4057-HHN
x-traceid
25cc8182b89e16c6b9cd3f94023a39f1
accept-ranges
bytes
content-length
1118
expires
Thu, 01 Jan 1970 00:00:00 GMT
handshakes
khn.crowdad.io/ 		0
105 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.43.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-43-14.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Sun, 04 Dec 2022 13:14:36 GMT
access-control-allow-credentials
true
content-length
0
handshakes
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/handshakes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.43.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-43-14.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Sun, 04 Dec 2022 13:14:35 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1670159675637&cv=9&fst=1670159675637&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2Fhome&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46d02821451d3a21a5a4a66efc5f4a252a46c48a7829ed0a631d5f9d76dc3e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
893
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1616785908557850
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1616785908557850?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3a89cb35804d0b3dd5751e83282456fb5d0535861f731435247501141a38545c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Dec 2022 13:14:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86420
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
NtYgX19EuIc3wB5xcTfxkl7nqBBuv5vvU5BHTFbxD9QcDC6wy4/ppQIvapgpW/fV07I0O/4a0Lo1YJA+5or1Cg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oebu0&_p=920881200&cid=523448243.1670159676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670159675&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2Fhome&dt=&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-4780630-1&cid=523448243.1670159676&jid=1001268609&gjid=602222953&_gid=834362569.1670159676&_u=YEDAAEABAAAAACAAI~&z=1284766121
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 04 Dec 2022 13:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1245572/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1245572/trc/3/json?tim=1670159675691&data=%7B%22id%22%3A965%2C%22ii%22%3A%22%2Fhome%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1670159675686%2C%22cv%22%3A%2220221124-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2Fhome%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drtbee-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1670159675690%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.walla.co.il%2Fhome%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
54e7ba86065cb97b41ad94f7ec7502eb4094feb5ee848348c1a6b4d20a322619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Sun, 04 Dec 2022 13:14:35 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-hhn4062-HHN
server
nginx
x-timer
S1670159676.716808,VS0,VE19
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
logo.png
www.walla.co.il/public/assets/pikud/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.walla.co.il/public/assets/pikud/logo.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-97.fra56.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:55:47 GMT
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
last-modified
Sun, 04 Dec 2022 09:36:21 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA56-P4
age
11928
etag
W/"558e-184dc7e6208"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
21902
x-cached
MISS
x-amz-cf-id
2tCDCjt0OgkpFA-lrPgNMXA_ZZywym1OWZJt2dudBtnsvbj2b_3mvg==
170717926997655
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/170717926997655?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fef6c48547bc96ac80f5dcbee1f5f6955357611b5164979cdff8182b1281cbaa
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 04 Dec 2022 13:14:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86191
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
bY74b5A80pMp8NNNBrh8EBoTHRBaj5vUlyheTEB+219ihipjO+hpG3X7O9Tdz4gWjFglVqYUYROdaCewADBJHQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2Fhome&rl=&if=false&ts=1670159675752&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1670159675751.460395435&it=1670159675648&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Dec 2022 13:14:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/964224610/?random=1670159675637&cv=9&fst=1670158800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2Fhome&fmt=3&is_vtc=1&random=682582817&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/964224610/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/964224610/?random=1670159675637&cv=9&fst=1670158800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2Fhome&fmt=3&is_vtc=1&random=682582817&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
mcdp-nydc1.outbrain.com/ 		4 B
332 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=2d6bed2bb72ec006f8ecbeb0316a5112_1769_1670159675737&tm=646&eT=6&wRV=2000971&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 04 Dec 2022 13:14:36 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
101c84bd4722df35d51aed1e0115b060
Content-Length
4
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2Fhome&rl=&if=false&ts=1670159675998&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1670159675751.460395435&it=1670159675648&coo=false&rqm=GET
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 04 Dec 2022 13:14:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=523448243.1670159676&jid=1001268609&_u=YEDAAEABAAAAACAAI~&z=237645507
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-4780630-1&cid=523448243.1670159676&jid=1001268609&_u=YEDAAEABAAAAACAAI~&z=237645507
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L30GH6X3WK&gtm=2oebu0&_p=920881200&cid=523448243.1670159676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670159675&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2Fhome&dt=&en=scroll&epn.percent_scrolled=90&_et=25
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L30GH6X3WK&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=2oebu0&_p=920881200&cid=523448243.1670159676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670159675&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2Fhome&dt=&en=scroll&epn.percent_scrolled=90&_et=10
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame A49D 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:36 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame E26E 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.walla.co.il
Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:36 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
unip
trc-events.taboola.com/1245572/log/3/ 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=1554&scd=100&ssd=1&est=1670159675688&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1670159677243&vi=1670159675686&ri=1ddcd5b2a373f5808eca5b617ce5658f&ref=null&cv=20221124-3-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2Fhome
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Sun, 04 Dec 2022 13:14:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 04 Dec 2022 13:14:37 GMT
server
Google Frontend
x-cloud-trace-context
29895c4cdd45ec7a8bf32d90a830df4d
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
x-request-id
9396881d-3f3e-4942-ad88-9d4d65822510
x-vad-version
0.9.12

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
42565d15cd4971f868bc15fe9a27333e
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221204
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dabd15afd24409be284b032cec7eb5927f3b1947aa9f67ae25fa28788051e680
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33225
x-jsd-version
1.0.1545
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4526-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"670-CH+E7kaqyyMCQge/UplO4OeUjxU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajo8JJW437UAU90QaLaJ7zGXhCyLa%2FxHUTFVGao3bfdqFNl04WGWSSTafKAJJ%2BpN64nhigRI6Go3bWgXg4Ci73iJh7YE92Qb0DKYhM6aei7Rt%2Bpv9PaLDkUAhzX0zBuq%2FiU8QnWpVIX%2FWN679UU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7744ce618d799bb2-FRA
localstore.js
script.4dex.io/ 		483 B
771 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 15:43:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
938606
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K00vVJT%2FifuVHJ8B74%2FrFXYEfE4CKgVKqh9ME7TKuSFN1cGJA9gbPvDlmw7%2FFlFMW%2B15wRkMVDeNAM8Jre4AJ8ZXFtjtxxP%2BYB5S%2FmX0Bz069V3Xj296zo1bmasUbuf1M%2BZ9Ob03wD5Kdwy7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7744ce618fd7bb7a-FRA
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		709 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2Fhome&PublisherDomain=walla.co.il
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
71cc3a812132b51f058ff61e60aa15d2e52f896981487132303137edadc4e212
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:37 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
293
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
709
expires
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		33 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6bac2b798d1273a96b5f170c85e1913679d5b9351e6e5623a5b4d8a6a191d3b5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 04 Dec 2022 13:14:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dcd3140f-6bd6-4055-a150-f3f5f0c93e6e
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.29.3&referrer=https%3A%2F%2Fwww.walla.co.il%2Fhome&tmax=3000
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.169.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-169-1.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:37 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.217.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-217-10.compute-1.amazonaws.com
Software
/
Resource Hash
25b9a1c1c4bba72e66338c1a987df587c7bce2a8ce734412dc33676d03858ccf

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.walla.co.il
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=73096401122
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ 		114 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d69ea957e4703fd4748d554a7b5ecf0adf60e2ebd3c3c12aabffffcb1579ed08

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:37 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7744ce61995a925c-FRA
expires
0
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Sun, 04 Dec 2022 13:14:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://www.walla.co.il
Access-Control-Allow-Credentials
true
arj
u.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2Fhome&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=98ff17d9-0d83-4889-8481-229800c1b9ff%2Cb25bfad2-09e1-4465-9bb5-dc450c9b24a1&nocache=1670159677573&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C970x90%2C970x250&divids=adSlot-1%2CadSlot-17&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Fproducts_footer_desktop&auid=544104782%2C544104782
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
514ee176d2081129cc97b2a18a6aeac1b2ef555721a265b03f81e228255f3fbb

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.walla.co.il
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-5-135-209.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		171 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-5-135-209.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
08c70e0f78b37b98a7cf1b29897a6fd660112ab5bccc7d1747412574f6d44dcd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 13:14:37 GMT
AN-X-Request-Uuid
cbfb4b94-19cc-4652-8896-33c98efcb29c
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.walla.co.il
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
261
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7744ce61aef59134-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7744ce61aef99134-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
fastlane.json
fastlane.rubiconproject.com/a/api/ 		424 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2Fhome&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2Fhome&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2Fhome&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=98ff17d9-0d83-4889-8481-229800c1b9ff&l_pb_bid_id=47c1f7c9ce220f9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.18917816735135684
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f35985148f5d829428b1c11ce0ef1e4c07469565a9ee5f3720df8fd5383aa3b0

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:37 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
424
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=55&alt_size_ids=57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2Fhome&tg_i.ref=https%3A%2F%2Fwww.walla.co.il%2Fhome&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2Fhome&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fproducts_footer_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=b25bfad2-09e1-4465-9bb5-dc450c9b24a1&l_pb_bid_id=48f7bfbc65698e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fproducts_footer_desktop&slots=1&rand=0.12083298975474133
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3fa4eca537a3078d2a89c97733a5b80e240a10b1a236082760e19d7c696553f4

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.walla.co.il
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		131 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2405123703615796&correlator=692830021766118&eid=31071116&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Ctop_desktop%2Cnickbar_desktop%2Cprestitial_desktop%2Cvideo_slider_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18&prev_iu_szs=1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%2C970x40%7C970x50%7C970x80%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&adks=3131741070%2C1593069613%2C2746968372%2C2837879538%2C581680292%2C3350566117%2C947382955%2C1039085789%2C1445159051%2C3423946700%2C941261744%2C3384287599%2C2655517675%2C199863101%2C41169740%2C2603141500&didk=1193244743~1193245113~1193245112~1193245115~1193245114~1193245117~1193245116~1193245119~1193245118~2997460807~2997460804~2997460805~2997460802~2997460803~2997460800~2997460801&sfv=1-0-40&ists=12287&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dvideo_slider_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1670159677596&lmt=1670159677&dlt=1670159674836&idt=186&adxs=805%2C315%2C-12245933%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=100%2C1200%2C-12245933%2C115%2C889%2C889%2C889%2C889%2C889%2C889%2C889%2C889%2C889%2C889%2C889%2C889&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C-1%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2Fhome&frm=20&vis=1&psz=970x0%7C0x-1%7C0x-1%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=480x0%7C970x-1%7C0x-1%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=132%2C644%2C640%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=970%2C0%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=523448243.1670159676&ga_sid=1670159678&ga_hid=920881200&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aed618011c69dc727256cfe2770588cce909e8f018ab4576f1fd0f3c1971779f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19390
x-xss-protection
0
google-lineitem-id
-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C34 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:37 GMT
expires
Mon, 04 Dec 2023 13:14:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
events
khn.crowdad.io/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Requested by
Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.43.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-43-14.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.walla.co.il
date
Sun, 04 Dec 2022 13:14:37 GMT
access-control-allow-credentials
true
content-length
0
events
khn.crowdad.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://khn.crowdad.io/events
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.43.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-43-14.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.walla.co.il
content-length
0
date
Sun, 04 Dec 2022 13:14:37 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NB9TPTTJ7K4TEC83
age
1049138
x-amz-id-2
xztyPZwGgJn0sD9o3QVLOzKKg7V8FiR6zvSSuMY6lcsF5SxoV/ytZi+T8sTBdgOeCm6b97XZQ1c=
last-modified
Tue, 22 Nov 2022 09:44:15 GMT
server
cloudflare
etag
W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxINiYdVITPSgA6TQIPCmi0oc8c5kfSo3SgdRXJHpQ4ITOOEslabv5MCXx0famCutXv1kLwlT%2BEQ3tr34didml6Z%2Bftmw6pmVeeFGx2x8o%2Bs%2FZ6d%2FYOnRhSWr%2BCbwQJAfVosBlp1nGrqL7%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7744ce61d8c89a03-FRA
get
odb.outbrain.com/utils/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.walla.co.il%2Fhome&idx=1&rand=10294&key=NANOWDGT01&widgetJSId=AR_25&va=true&et=true&format=html&t=MmQ2YmVkMmJiNzJlYzAwNmY4ZWNiZWIwMzE2YTUxMTI=&adblck=false&abwl=false&px=0&py=2452&vpd=1252&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0undefined&em=1&settings=true&recs=true&version=2000971&sig=UNoRxMLJ&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.walla.co.il%2Fhome
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6423f744719959623ad9c6277a846369e4d3e9ced37cfe39b65f639b5cfef3bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1670159678.784094,VS0,VE310
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21952-LGA, cache-hhn4057-HHN
x-traceid
77fd584ef496ed3308174bd1874701b1
accept-ranges
bytes
content-length
16628
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68208b331cc07b7e8a4d4e33dde5a0dd186c118722eafe211ec35700f31c9039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11155
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 13:14:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F985 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:00:04 GMT
expires
Mon, 04 Dec 2023 13:00:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 90D9 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b83f09061a60757cb8a80f42559a2bdd9103ecf1c3f12a724f29efb7862d0317
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6scyRE5mA7odnjq_B_8-uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-6scyRE5mA7odnjq_B_8-uQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:37 GMT
expires
Sun, 04 Dec 2022 13:14:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 90D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=2405123703615796&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame F985 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 17:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 17:24:36 GMT
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.walla.co.il
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.walla.co.il
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 04 Dec 2022 13:14:38 GMT
server
Google Frontend
x-cloud-trace-context
46d8998955eab691f381a3d1a093aef7
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.walla.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
x-request-id
0851d710-da08-451c-8a9f-a81e13a6129e
x-vad-version
0.9.12

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.walla.co.il
x-cloud-trace-context
e389853b24f5f6c5c33f7e8963129881
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		99 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2405123703615796&correlator=2075266317822392&eid=31071116&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Cproducts_footer_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4&prev_iu_szs=120x600%7C160x600%2C970x90%7C970x250%7C970x550&ifi=17&adks=2273020715%2C2878636598&didk=1193244742~2997460814&sfv=1-0-40&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D493d6cbcda3240f%7Cslot_name%3Dproducts_footer_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D51256e951c3deee&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1670159678032&lmt=1670159678&dlt=1670159674836&idt=186&adxs=1480%2C315&adys=185%2C789&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=h%7Ci&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2Fhome&frm=20&vis=1&psz=0x-1%7C0x0&msz=120x-1%7C970x0&fws=644%2C132&ohw=0%2C0&ga_vid=523448243.1670159676&ga_sid=1670159678&ga_hid=920881200&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f41cd159cfd168ed7cbbadc282d0fd5404f9e29b46f9ff6a172e959e1c91e220
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ2a09KF4PsCFSmg_QcdtNAP4A&gqi=&layout=/sadbundle/%24csp%253Der3%24/4687128324995022848/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ2a09KF4PsCFSmg_QcdtNAP4A&gqi=&layout=/sadbundle/%24csp%253Der3%24/4687128324995022848/index.html
date
Sun, 04 Dec 2022 13:14:38 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35061
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.walla.co.il
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame F985 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5keXGQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
streamFeed.js
widgets.outbrain.com/nanoWidget/2000971/module/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000971/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-86.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
26082814ec0935b4fb2d6b64c264d03718f9cd432073b1d1ab55bbc2e505d680

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
last-modified
Sun, 04 Dec 2022 07:16:10 GMT
server
AkamaiNetStorage
etag
"5fe9cb4adc39aa513f704d2098259c8a:1670140373.769207"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
14354
expires
Sun, 11 Dec 2022 13:14:38 GMT
get
mv.outbrain.com/Multivac/api/ 		87 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.walla.co.il%2Fhome&settings=true&recs=true&widgetJSId=AR_25&key=NANOWDGT01&version=2000971&apv=true&sig=UNoRxMLJ&format=html&rand=6071&em=1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=MmQ2YmVkMmJiNzJlYzAwNmY4ZWNiZWIwMzE2YTUxMTI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=1&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=1600&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.walla.co.il%2Fhome
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000971/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7929904a5554ad4b7c9312ee60d473cd482c089b47264f0230a9249add6be9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Sun, 04 Dec 2022 13:14:39 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1670159678.219887,VS0,VE1059
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21949-LGA, cache-hhn4057-HHN
x-traceid
387b1ff3442a44955eecdeb54a401b66
accept-ranges
bytes
content-length
22036
expires
Thu, 01 Jan 1970 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 20D4 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:43 GMT
age
530515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:43 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 20D4 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:42 GMT
age
530516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:42 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 20D4 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:43 GMT
age
530515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:43 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 20D4 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe75d0fb01c62e14b75d418f8e5bb6e413e49610f564e90248669d7e3513403
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 02 Dec 2022 02:01:05 GMT
age
213213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16659
x-xss-protection
0
server
sffe
etag
"94fac542ca9cc297"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 02 Dec 2023 02:01:05 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 20D4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:43 GMT
age
530515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:43 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 20D4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 09:52:42 GMT
age
530516
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 09:52:42 GMT
truncated
/ Frame 20D4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34ac2ae38a8ec21f328b68f26d1a849acb356aa69069d056221f8a3ec4d16836

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 20D4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/iw.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 04:39:36 GMT
x-content-type-options
nosniff
server
cafe
age
30902
etag
415739381108731362
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2712
x-xss-protection
0
expires
Mon, 05 Dec 2022 04:39:36 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 20D4 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 11:46:04 GMT
x-content-type-options
nosniff
server
cafe
age
5314
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 05 Dec 2022 11:46:04 GMT
l
www.google.com/ads/measurement/ Frame 20D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBkDEUP1SDKEO-cuk2id7VOxHWnuwCBXTzhPaNjYD9DwQKMGFwG8yhw2FkqzI1Cooypn5cUdDjP3B19crt-afSP0otTw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 20D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs2xUPZ2MY5aCLv-V9u8P3LSrwAPYt5vLZ-T_1MbxDtvZHhABINGTwypglYKAgLgHoAGKpY-ZA8gBCakCRL-0GpessT7gAgCoAwHIAwiqBOIBT9AGdsJ4GfQnWD-sPlPbNLkoQc4fqevTCdbJlU7iywAxM9PE-fdmByXLpxU8iw9xs-vuv3hV4ToJ9ed8tbQFxuziZiq2bS6lHcOaCksFVGcpwKfCMWR77KvpFKG6TqEq7xuF8xnDZUMvBzF4F28qFNgS9bOnmEOjAtKvWVU6dUbVNef84P5wnK3bpWJu5GjyuP2f9mGNuWH9SB4VTlU_iFqddcONEtWMAybT_BYnW7VIUhdZ509O3aTNqoZrfPqQ22szCN_4IQofRevOuAkV_7S0XUpaQSSJ2kxqeCox7kb4BMAE3Nr-tf4C4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB97a8GaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCInzDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=NuvKe0WJHOI&uach_m=[UACH]&cid=CAQSOwDq26N9bSqSNh9H7154e6EVOkq1FkikNGvP2Y59Kuwt3TYiH4CZnX42LjoAXSFAZMxmCyOnbwopi8iYGAEgEw&template_id=419
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
square.jpg
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/square.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c8372a7a2d71ccfdf058dde21db62b9fda51711aa5a692acd347b16a2dfcbc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:20:12 GMT
x-content-type-options
nosniff
age
258866
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9264
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Dec 2023 13:20:12 GMT
thermostat_gerade_215.png
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/thermostat_gerade_215.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d58bfe45fff0044b022b2ce2a32fc9c5b09b9978ee1ccfbc85d1b7130e48e2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:45:53 GMT
x-content-type-options
nosniff
age
192525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21819
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 07:45:53 GMT
thermostat_gerade_2.png
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/thermostat_gerade_2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f1b671f9971661bd3ea3101ffd9df1cca75dae1158a3135829e15917d6618cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 07:23:01 GMT
x-content-type-options
nosniff
age
280297
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2307
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Dec 2023 07:23:01 GMT
thermostat_kipp_215.png
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/thermostat_kipp_215.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b21496975e1fbf896262d6e3a46ca89ac596b372f9a98abeb136c7a7f78b5286
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 13:20:12 GMT
x-content-type-options
nosniff
age
258866
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22498
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Dec 2023 13:20:12 GMT
thermostat_kipp_2.png
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/thermostat_kipp_2.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
168e1e9c9fe5c418e51650aa24b3ff45586f18fad32ff1baa90c01ff00cf0941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:45:53 GMT
x-content-type-options
nosniff
age
192525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2233
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 07:45:53 GMT
Die-Evolution-smarten-Heizens.jpg
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/Die-Evolution-smarten-Heizens.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
924e12722011f683252a676dbc0dd396622ae2915e177a4111d65a78b07bd4f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:45:53 GMT
x-content-type-options
nosniff
age
192525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5251
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 07:45:53 GMT
Der-neue-Heizkoerperthermostat-Evo.jpg
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/Der-neue-Heizkoerperthermostat-Evo.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9a21479e930de7d848e906f16b9626b8154eff12172a9b81766aaa30dd10a5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:45:53 GMT
x-content-type-options
nosniff
age
192525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4831
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 07:45:53 GMT
homematic.png
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/homematic.png
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91035c1fe5b437bc3887fe3c741f18a2135902bff05eadc228d77eead13b7036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 08:34:11 GMT
x-content-type-options
nosniff
age
362427
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2904
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 08:34:11 GMT
reddot.jpg
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/reddot.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6aa3af02c8fa356bbae8af8d0154332e7b6374af867cad956f9bbe836f34951
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 07:45:53 GMT
x-content-type-options
nosniff
age
192525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3314
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 07:45:53 GMT
Smarte-Infos-gibts-hier.jpg
tpc.googlesyndication.com/sadbundle/17612822195840302855/ Frame 20D4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/17612822195840302855/Smarte-Infos-gibts-hier.jpg
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08fa266fe6000ad63395fe214bd935323e712ff3005fd4105715b508eac9cc4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 04:28:02 GMT
x-content-type-options
nosniff
age
204396
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2608
x-xss-protection
0
last-modified
Wed, 22 Dec 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Dec 2023 04:28:02 GMT
container.html
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DCC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:37 GMT
expires
Mon, 04 Dec 2023 13:14:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 94CB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:37 GMT
expires
Mon, 04 Dec 2023 13:14:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=56398
accept-ranges
bytes
content-length
82748
expires
Mon, 05 Dec 2022 04:54:36 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1670112000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7744ce66dab09134-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 7CA1 		728 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22dc7c8c81b9f9f71547187665865406a2b782c54b0bc43d26f3a823987abd32
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
352616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
63764
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Nov 2022 11:17:42 GMT
expires
Thu, 30 Nov 2023 11:17:42 GMT
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 1DCC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbzLQPp2MY52DBqnA9u8PtKG_gA6I5cTdbcD-lsijEJu9qYbANRABINGTwypglYKAgLgHoAG61ePlAcgBCakCRL-0GpessT7gAgCoAwHIAwKqBOIBT9A5-lpD0p2RFJpnTQGFZHlwuc7Cr2Zbtha7zae89bN390b8G8DHXE6H4c9RqTMD9dLkKuahbKnOh045Y38WpNyW_BmfssSilp8iv_ZEgNDwACdV9SGro01Zy5wyLQVCoXKbfCintnaQ5p8FGMCMGjyIb4A3SL5A6Dzt0WGp0e98GzhblXeoWiKBh-x2VgOddRTABfGcMjbYAVbPRf1oodL0g8jItCBLSSVN5ZF9JYL-SHAydaifBFRxYkfNCjEhLAONDOxMYydqI9q2aUK3Tu40_QZGR-UwM4hir1rhxsHQmsAEqqy8n5gE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB66qnJoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQvY9b0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=U1z8gacwuQc&uach_m=[UACH]&cid=CAQSOwDq26N9gmQtwlIKpuVuiafiE9q-TJv6Bi51EztLWIA7Z1OrF8QKasAeWPPDhCuqAU-5SbQJJQ7oB2kDGAEgEw
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
s
googleads.g.doubleclick.net/pagead/drt/ Frame BEFC 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1093
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 12:56:25 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1DCC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
14714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 09:09:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1DCC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
11029
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 10:10:49 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 999E 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWJ7qij544xEmTw3E3rIFlXU4KyrP-XLAkvqL332m8MlAkXjIiv92SDkbxemQr-8xqimSU7kaTRCY5oKs29GYbAZ5jSORaQDCmv0WUDGMN0CsBpLuQYKhfMkmXP4TyabNq8aei4WiwgkDCopy8FMjMXVDVUDLGr0XgT8P140OaZ2NA88cY
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 94CB 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxF1PjTSYpvgOygANgIaEyYwk97ub817dStHo_-qggqyqUy9m_94Ep-1WR6CbSW_0LSGnrnrsI3W6boC_B9-tza4KqdQ&cry=1&dbm_d=AKAmf-CA4Q2TrT3W_1H89zjoUNYOW-rc9xLu7BKcEHN9H_p3hVJRvxhap_ucj6GCShjBLbiR6UAjJZv0HZsF64ZiolcM1_oCXlqIEzwsHq7bAduvJ5yS8FwNG1gAKT75Q7uyIH4hMbVQRrmMlN5liOWD3x9XjnRu4CHmCLr6BSippUEnaKKnDuUNt47WmJSG_DXLGvfkdeQ9VT5XOwh2N6_v-roMcbQUnkx5XOjahikTW5U7AtGYzWFqc_6J4LSFEWFcNQM9L7o1mVW4RrH3jMZG5zjjLf0i6UQK6PSpw4fU0Lg8XQsirrU_QJJRknvHn3rOVkCCGXohcXZF8OhX_5YFBLwAaVXoxyJ8BuAjkaitHCUwvp19FtBiyMqTmOc15KesW6Ox4DDersYSVBmrxJzioazKN5JNsC7AkBnngUHhfjiag9QzVG1CrKUnHLU-ueOmsPEN_LHf5FfL2c-yc2HxAO4TF2OfXanftVj1WagxsmN73tt0323dEDLxSBXH8E815fhDNZj_vVU2fxAcPbpR0r6J9MGzUVkQssQxYkIa_krVlx1f5Qa8w-UWoZlKspVE-M884x7nnqwgoFgtjC7JwzlqQ-8A_LR8MrRotpoxasNeXKQ34emT9MPgM2XM_oVYZ5PMW82CxIhRH8hYF7im7jxbU2FqRBj-JOgTg-DV1uV0ubD0UvOFkLAJf-nmPUaCS2UJDc2K4HSP6GUVqGmkJbMghQtaTbpGtclJnCdDC8IyDY-tt4fgLIrF41HBbQC_42ZEkh7_5bpvqA28h8M1y6T6On2wwCf5YQHNFUfvJFSF3Ap0dVVdU43CKxCqOIp_5_qKMzbw2dsCwJTkUzP2tqLZES5Z2fDpfZe19IsrDTAik5EhiRPZ89EtZK9rCM9YrGoWhzrDenu3oip5MVaFhc6WmxtmZFhaw2vkUnJSQS2l3jovIPmhbiRUZH72J-3iszW6WwkzHCT4ZajxnSq57z6FobaoToHX2WcGW7mcwna8PzXni7WVMluCWGB3Z25dYuAiJ16t2GcM1jTPGzCuwGiBLgcHJ5ru3BfuzigkrrGeQojV9h5IIf7aDg0rtqIAVtacBeNuwLFNZ3X8bDXWEuD1Bm2odjkdIJTxhEqUWbvtYuvveF77ocLTiTMi68rkA1pSo0NduFxNcl-pXgxCwX2ZQMgiae8gtGLLta2Q-7-f2IFcuUwgLicx2HGJJAyL3x38GiyKs34sr3JFPjTb4bIs6GI3T807y4mOxaKNVgnrI1HD7gVWhhezPBx_outvaUHa6BUDZ5PpBoXDSJ_29AKIryLp2uFVu9fO-8QhSZoGWC97goKYDxGWPrkFiGgcy9KFsRTZMZQbj40Um5yThHZskpDaAc9HG7DhPTHjIHyYAA9r5X5TLFQCaVc55Hj_rQk09CvMogu0ytZBK5OzeVDqUIYOcOmLev8s4_3jn8FhRBhd-oWFlZ1MB8pQZ3VT-72dRFAghZDSUc-rJoGck9xgX8rL3c3pAQ_Z_TMi7McPDwcOxyL8RSNOavrzn0mTbabqCWPFRQomvWazdmxwf5WOHaM2DzOoHLhhr3UVd44BDlC1BY8tXW7ifRk2ujJOe1OJv6tLtUBZ19bVQf2hHeRw3GWvv7g2-wffmCwtyjec1ciIun9CGcjgIAzxrC_353xyq6aniNJDMWNyNmrWfvqk3e47y_BiRVx9m3nTBMciX8I_CVHtp8cVN8_Kn07X2aX8-7lG4EFMI7_-FmzlMgCU-nBVcoRMlNfx7GrKhEMLPAwH673LVf23qHfz3dK7KkinreTCxZ1jq4K-8BPD6XAA3Ml8sxICot7Gm-8AX4dfPkWpvlgoo5W9c2Zl8jjxYzQBDIEDZzENHQYZcPzLR5_Op28fUuVcrXoDmHA8MaSyRDvuIhS6NozT5s88-gKtc-LquIxBjlTbfCKE5BKXKLUqM6YqT17FStBK05ZZHEv2E-VkT5QXV2oOlcty_9lTw-SDj5uARnIcbMit_fi5JH9vIOS7xKJkJspKLF-zIu1PPGF-_XQgV_B84Z2LZ8yuHn-cCHrKw6aeTRu9a830LMrVzHP5PVRXRLkR60KmOhoNRnxOIwMHtNljlg8LPDlFxq9S9qPlpBRX-DIXRQ8m0unargflk7StXyBGnUfF7EWYVr2BpUfcozWX_a6BAAE51pVPQ7S2ZxQIaVFN1T8LPmPW0uszsuHUnAn3veDMJL_Jr8qoCiOFrQLh82V_xRaLqVHruhte_goYMqUNiTMMwyXRq6yu4ocm4svaHUhjSLlyZMMvNV7lmXqPEet4HG1PJHwfVG7brpqQf_FOubyuzYjsWOu7Fo23tJ2KUfBuWTzxDWXwlVDy00OGdCppWKu0zIhPxR9oCq3XV63yvHlWg9Vm_LGccfGRqk5vqiETy-gbyodNIo2M4jSRQEoWYkhYoN9p1jglaWEIo_1OIc6XzEPs1g-dmc51wkoLJIiDda1Hvm2ldslHg2r0pG5kz93mI80ljhoT5RbeDYlQLudHgfYKiI0yOzwVv1s8NhhZI2j6Z8JF3cxyIiF7YSO_XGSACo7yfwO4mL1pqxetT8BhjRwd5gi-caX95HM9Gi9_X3YBC-iN606VLGRRUi9ulvHrBm70GjZOsmzKfXh-rbYE0tYe0aYVj6Di5uT7xkDEZORxl3-p3HnGhMcZvm-Y9xVjMJNlTT1TJTitYjS3RlUQiKACXFB26C7I7JFs_H3EKYT0ctxdaolXZbNybd4gKJhYAGxto_ytq_CK3lJPrpvcZJ3FJSyPvuFh1groCdE-aq2XshtQI-Lu0CMYzd_y9fGF-67-yUD9S3Dq2Wd6_VHaLf7eKA9MzGKixRmjK9z6z9wCXnDIhECleiqorbwk9FaIsMAzC3PL_skasy3qopZLdt74ed206w74SB1GdBaiVBnRuCLljhT3kL78NIHmX8-VG0VEYz5nFN_Cv1_IhF6TkWSX05AJkmPq27--dWTeL5bgzE8PDab4CMkJDeVFa0UHaxZ7YNLgy5nf2Nz-oxFH8TOur3wZ600vtSNonif3tLfwl2jMGHg&cid=CAQSOwDq26N9gmQtwlIKpuVuiafiE9q-TJv6Bi51EztLWIA7Z1OrF8QKasAeWPPDhCuqAU-5SbQJJQ7oB2kDGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21b2989c363a7860a1809e90ae491c952dc7022821ce5127e40b32ee51a1a187
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34591
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 94CB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADTtPdw5Hzdu8zdF_1srYYTcIjnHG8CmAnVPjNtF5zDmbME6VvmOq-ZtWyO_LDIzzivGRGnBZBbA9tUWe6mHmFOKVVgukv71JfaLLji7vyh-WwbU8
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 94CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:09:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
14714
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 09:09:24 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 94CB 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
11029
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 10:10:49 GMT
l
www.google.com/ads/measurement/ Frame 94CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRC57oyYf5PoVRAutT_qHqoamVOU1c40H2bYHWHEs4IpT0YLoM8e6Qs4i9S7VpsG6lA7keLtgHUqcyDK1YKXSU1hJXyAQ
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 94CB 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 13:14:38 GMT
css
fonts.googleapis.com/ Frame 7CA1 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:800,300,600,700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 12:04:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Dec 2022 13:14:38 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7CA1 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 05 Dec 2022 10:31:55 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7CA1 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 09:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
12820
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 05 Dec 2022 09:40:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DCC 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48508
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1669811598765935"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 13:14:38 GMT
truncated
/ Frame 1DCC 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36ebd8322aa41078fd0626ab3cb8e59d4d1c3a32dd4ae295af598c020a9e9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
767464
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7744ce67ecf89134-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
rum
dsum-sec.casalemedia.com/ Frame 999E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWJ7qij544xEmTw3E3rIFlXU4KyrP-XLAkvqL332m8MlAkXjIiv92SDkbxemQr-8xqimSU7kaTRCY5oKs29GYbAZ5jSORaQDCmv0WUDGMN0CsBpLuQYKhfMkmXP4TyabNq8aei4WiwgkDCopy8FMjMXVDVUDLGr0XgT8P140OaZ2NA88cY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 13:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 13:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 999E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4ydPtdbn9hsI04klMtawAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWJ7qij544xEmTw3E3rIFlXU4KyrP-XLAkvqL332m8MlAkXjIiv92SDkbxemQr-8xqimSU7kaTRCY5oKs29GYbAZ5jSORaQDCmv0WUDGMN0CsBpLuQYKhfMkmXP4TyabNq8aei4WiwgkDCopy8FMjMXVDVUDLGr0XgT8P140OaZ2NA88cY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 13:14:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL6eL2Yue2ZXPZR9JVpyv2Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 999E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBKrCqmlQ2M3RlB_p7FOpbg&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBKrCqmlQ2M3RlB_p7FOpbg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWJ7qij544xEmTw3E3rIFlXU4KyrP-XLAkvqL332m8MlAkXjIiv92SDkbxemQr-8xqimSU7kaTRCY5oKs29GYbAZ5jSORaQDCmv0WUDGMN0CsBpLuQYKhfMkmXP4TyabNq8aei4WiwgkDCopy8FMjMXVDVUDLGr0XgT8P140OaZ2NA88cY
Protocol
HTTP/1.1
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 13:14:38 GMT
AN-X-Request-Uuid
b5aed4d4-d65a-4383-a8ba-94481347334c
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBKrCqmlQ2M3RlB_p7FOpbg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 999E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE0NTE5NTM4Njg0MDM2NDE3NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE0NTE5NTM4Njg0MDM2NDE3NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYw9PDmAEwAQ&v=APEucNWJ7qij544xEmTw3E3rIFlXU4KyrP-XLAkvqL332m8MlAkXjIiv92SDkbxemQr-8xqimSU7kaTRCY5oKs29GYbAZ5jSORaQDCmv0WUDGMN0CsBpLuQYKhfMkmXP4TyabNq8aei4WiwgkDCopy8FMjMXVDVUDLGr0XgT8P140OaZ2NA88cY
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 13:14:38 GMT
AN-X-Request-Uuid
b74897c1-fd31-4c07-bc81-a94963bd8bb5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE0NTE5NTM4Njg0MDM2NDE3NA%3D%3D
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=2405123703615796&bg=!UlGlURXNAAbvMpMzzzI7ACkAdvg8Wni1iaecLpwYU1zYf8UOGQ6HUW7W5aFyNexl60oShJBeTeGo8gIAAABBUgAAAARoAQcKABGfH4CZZjW-ICrOOJsBOw8ELJkCqN-_pRL3kzcZcsbI-xbQguYaV1X0xmM6ZjjTVnRIu9mz2uTGEOqENcjlIt_tvllWqRlNs-bak4PEnhL-eSWGjw5rWKdYxhxKucOj_Rwf9nrZpKKrJ__WFMIPPhx4hK-YAImrH-xE_uax2LI-4SEtLDONkIIqpCWT7PU9p5_AlSivU6Af9aXuxNpeKSxQkwWt8njZM3h7PJfWb1bxnAhaGz8JLv3nwaX2vb0bqENRGSuQpyFHzrwZMBy4yHgsy0xCXcl2c6SqQLPd5Thit6Ij39I7iRU3GbGYB6ZYn0bO97_f9e-9JfYP4kHJvuGByrtVREZE6bIxFaT3s_qTIHQHlSllun5ILDzUIlRZbG7JMO3GGbIThGQMHceBZogiIsB5PMRept05p_7rjDD4bGCeq9LYrv_yx_TvTX5Yk0qvgFleOMPOxRC1WykERiVoq88EZMrL-1V7E0wSCf9n6VAX7rwHUtvJoaYQHC_Hue35lq0fDG4cYFuGw_j1ltMUfJhRLbGpJd83PsRs_4dKJMPxaz6c356jCI4UokeisYOc5OpesWbolx1lfxIGT_XqG8ChhOVzw0gkQ3sU9oc3eRG7ydtMFuMjSNVIGUpZ5xQ4GQ7poVxq0BMo2H46YC1mFCeOZUObXpKATnbxHD-4muZUeLxNuY253K2KvVwhFb_IM4FQV52pH_TpkP6oZUFpVKsK6T-xch_ZUJb4AGuTACbWg6-2eGZ5V6XgnwpkFxLi3R--6XWD-cTQ-Ibv8LMsJML_U81Fc4P3Nj_PwDYKKRWo2cuXuKIwX3NSiUpiBUNvYkXgT-FSvW1EwBD4lyBKMxDRNjtGyfBNu3txnApv9rUxu0sq5aUwww0QSmqTVHMKUiXNFVLZHZ57vc8dMo-o2HBrE_dFmzQ_hR0i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame BEFC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:38 GMT
expires
Sun, 04 Dec 2022 13:14:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:38 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 94CB 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
Origin
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:10:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Dec 2022 10:10:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 94CB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxF1PjTSYpvgOygANgIaEyYwk97ub817dStHo_-qggqyqUy9m_94Ep-1WR6CbSW_0LSGnrnrsI3W6boC_B9-tza4KqdQ&cry=1&dbm_d=AKAmf-CA4Q2TrT3W_1H89zjoUNYOW-rc9xLu7BKcEHN9H_p3hVJRvxhap_ucj6GCShjBLbiR6UAjJZv0HZsF64ZiolcM1_oCXlqIEzwsHq7bAduvJ5yS8FwNG1gAKT75Q7uyIH4hMbVQRrmMlN5liOWD3x9XjnRu4CHmCLr6BSippUEnaKKnDuUNt47WmJSG_DXLGvfkdeQ9VT5XOwh2N6_v-roMcbQUnkx5XOjahikTW5U7AtGYzWFqc_6J4LSFEWFcNQM9L7o1mVW4RrH3jMZG5zjjLf0i6UQK6PSpw4fU0Lg8XQsirrU_QJJRknvHn3rOVkCCGXohcXZF8OhX_5YFBLwAaVXoxyJ8BuAjkaitHCUwvp19FtBiyMqTmOc15KesW6Ox4DDersYSVBmrxJzioazKN5JNsC7AkBnngUHhfjiag9QzVG1CrKUnHLU-ueOmsPEN_LHf5FfL2c-yc2HxAO4TF2OfXanftVj1WagxsmN73tt0323dEDLxSBXH8E815fhDNZj_vVU2fxAcPbpR0r6J9MGzUVkQssQxYkIa_krVlx1f5Qa8w-UWoZlKspVE-M884x7nnqwgoFgtjC7JwzlqQ-8A_LR8MrRotpoxasNeXKQ34emT9MPgM2XM_oVYZ5PMW82CxIhRH8hYF7im7jxbU2FqRBj-JOgTg-DV1uV0ubD0UvOFkLAJf-nmPUaCS2UJDc2K4HSP6GUVqGmkJbMghQtaTbpGtclJnCdDC8IyDY-tt4fgLIrF41HBbQC_42ZEkh7_5bpvqA28h8M1y6T6On2wwCf5YQHNFUfvJFSF3Ap0dVVdU43CKxCqOIp_5_qKMzbw2dsCwJTkUzP2tqLZES5Z2fDpfZe19IsrDTAik5EhiRPZ89EtZK9rCM9YrGoWhzrDenu3oip5MVaFhc6WmxtmZFhaw2vkUnJSQS2l3jovIPmhbiRUZH72J-3iszW6WwkzHCT4ZajxnSq57z6FobaoToHX2WcGW7mcwna8PzXni7WVMluCWGB3Z25dYuAiJ16t2GcM1jTPGzCuwGiBLgcHJ5ru3BfuzigkrrGeQojV9h5IIf7aDg0rtqIAVtacBeNuwLFNZ3X8bDXWEuD1Bm2odjkdIJTxhEqUWbvtYuvveF77ocLTiTMi68rkA1pSo0NduFxNcl-pXgxCwX2ZQMgiae8gtGLLta2Q-7-f2IFcuUwgLicx2HGJJAyL3x38GiyKs34sr3JFPjTb4bIs6GI3T807y4mOxaKNVgnrI1HD7gVWhhezPBx_outvaUHa6BUDZ5PpBoXDSJ_29AKIryLp2uFVu9fO-8QhSZoGWC97goKYDxGWPrkFiGgcy9KFsRTZMZQbj40Um5yThHZskpDaAc9HG7DhPTHjIHyYAA9r5X5TLFQCaVc55Hj_rQk09CvMogu0ytZBK5OzeVDqUIYOcOmLev8s4_3jn8FhRBhd-oWFlZ1MB8pQZ3VT-72dRFAghZDSUc-rJoGck9xgX8rL3c3pAQ_Z_TMi7McPDwcOxyL8RSNOavrzn0mTbabqCWPFRQomvWazdmxwf5WOHaM2DzOoHLhhr3UVd44BDlC1BY8tXW7ifRk2ujJOe1OJv6tLtUBZ19bVQf2hHeRw3GWvv7g2-wffmCwtyjec1ciIun9CGcjgIAzxrC_353xyq6aniNJDMWNyNmrWfvqk3e47y_BiRVx9m3nTBMciX8I_CVHtp8cVN8_Kn07X2aX8-7lG4EFMI7_-FmzlMgCU-nBVcoRMlNfx7GrKhEMLPAwH673LVf23qHfz3dK7KkinreTCxZ1jq4K-8BPD6XAA3Ml8sxICot7Gm-8AX4dfPkWpvlgoo5W9c2Zl8jjxYzQBDIEDZzENHQYZcPzLR5_Op28fUuVcrXoDmHA8MaSyRDvuIhS6NozT5s88-gKtc-LquIxBjlTbfCKE5BKXKLUqM6YqT17FStBK05ZZHEv2E-VkT5QXV2oOlcty_9lTw-SDj5uARnIcbMit_fi5JH9vIOS7xKJkJspKLF-zIu1PPGF-_XQgV_B84Z2LZ8yuHn-cCHrKw6aeTRu9a830LMrVzHP5PVRXRLkR60KmOhoNRnxOIwMHtNljlg8LPDlFxq9S9qPlpBRX-DIXRQ8m0unargflk7StXyBGnUfF7EWYVr2BpUfcozWX_a6BAAE51pVPQ7S2ZxQIaVFN1T8LPmPW0uszsuHUnAn3veDMJL_Jr8qoCiOFrQLh82V_xRaLqVHruhte_goYMqUNiTMMwyXRq6yu4ocm4svaHUhjSLlyZMMvNV7lmXqPEet4HG1PJHwfVG7brpqQf_FOubyuzYjsWOu7Fo23tJ2KUfBuWTzxDWXwlVDy00OGdCppWKu0zIhPxR9oCq3XV63yvHlWg9Vm_LGccfGRqk5vqiETy-gbyodNIo2M4jSRQEoWYkhYoN9p1jglaWEIo_1OIc6XzEPs1g-dmc51wkoLJIiDda1Hvm2ldslHg2r0pG5kz93mI80ljhoT5RbeDYlQLudHgfYKiI0yOzwVv1s8NhhZI2j6Z8JF3cxyIiF7YSO_XGSACo7yfwO4mL1pqxetT8BhjRwd5gi-caX95HM9Gi9_X3YBC-iN606VLGRRUi9ulvHrBm70GjZOsmzKfXh-rbYE0tYe0aYVj6Di5uT7xkDEZORxl3-p3HnGhMcZvm-Y9xVjMJNlTT1TJTitYjS3RlUQiKACXFB26C7I7JFs_H3EKYT0ctxdaolXZbNybd4gKJhYAGxto_ytq_CK3lJPrpvcZJ3FJSyPvuFh1groCdE-aq2XshtQI-Lu0CMYzd_y9fGF-67-yUD9S3Dq2Wd6_VHaLf7eKA9MzGKixRmjK9z6z9wCXnDIhECleiqorbwk9FaIsMAzC3PL_skasy3qopZLdt74ed206w74SB1GdBaiVBnRuCLljhT3kL78NIHmX8-VG0VEYz5nFN_Cv1_IhF6TkWSX05AJkmPq27--dWTeL5bgzE8PDab4CMkJDeVFa0UHaxZ7YNLgy5nf2Nz-oxFH8TOur3wZ600vtSNonif3tLfwl2jMGHg&cid=CAQSOwDq26N9gmQtwlIKpuVuiafiE9q-TJv6Bi51EztLWIA7Z1OrF8QKasAeWPPDhCuqAU-5SbQJJQ7oB2kDGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:10:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
11028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 10:10:50 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 94CB 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DxF1PjTSYpvgOygANgIaEyYwk97ub817dStHo_-qggqyqUy9m_94Ep-1WR6CbSW_0LSGnrnrsI3W6boC_B9-tza4KqdQ&cry=1&dbm_d=AKAmf-CA4Q2TrT3W_1H89zjoUNYOW-rc9xLu7BKcEHN9H_p3hVJRvxhap_ucj6GCShjBLbiR6UAjJZv0HZsF64ZiolcM1_oCXlqIEzwsHq7bAduvJ5yS8FwNG1gAKT75Q7uyIH4hMbVQRrmMlN5liOWD3x9XjnRu4CHmCLr6BSippUEnaKKnDuUNt47WmJSG_DXLGvfkdeQ9VT5XOwh2N6_v-roMcbQUnkx5XOjahikTW5U7AtGYzWFqc_6J4LSFEWFcNQM9L7o1mVW4RrH3jMZG5zjjLf0i6UQK6PSpw4fU0Lg8XQsirrU_QJJRknvHn3rOVkCCGXohcXZF8OhX_5YFBLwAaVXoxyJ8BuAjkaitHCUwvp19FtBiyMqTmOc15KesW6Ox4DDersYSVBmrxJzioazKN5JNsC7AkBnngUHhfjiag9QzVG1CrKUnHLU-ueOmsPEN_LHf5FfL2c-yc2HxAO4TF2OfXanftVj1WagxsmN73tt0323dEDLxSBXH8E815fhDNZj_vVU2fxAcPbpR0r6J9MGzUVkQssQxYkIa_krVlx1f5Qa8w-UWoZlKspVE-M884x7nnqwgoFgtjC7JwzlqQ-8A_LR8MrRotpoxasNeXKQ34emT9MPgM2XM_oVYZ5PMW82CxIhRH8hYF7im7jxbU2FqRBj-JOgTg-DV1uV0ubD0UvOFkLAJf-nmPUaCS2UJDc2K4HSP6GUVqGmkJbMghQtaTbpGtclJnCdDC8IyDY-tt4fgLIrF41HBbQC_42ZEkh7_5bpvqA28h8M1y6T6On2wwCf5YQHNFUfvJFSF3Ap0dVVdU43CKxCqOIp_5_qKMzbw2dsCwJTkUzP2tqLZES5Z2fDpfZe19IsrDTAik5EhiRPZ89EtZK9rCM9YrGoWhzrDenu3oip5MVaFhc6WmxtmZFhaw2vkUnJSQS2l3jovIPmhbiRUZH72J-3iszW6WwkzHCT4ZajxnSq57z6FobaoToHX2WcGW7mcwna8PzXni7WVMluCWGB3Z25dYuAiJ16t2GcM1jTPGzCuwGiBLgcHJ5ru3BfuzigkrrGeQojV9h5IIf7aDg0rtqIAVtacBeNuwLFNZ3X8bDXWEuD1Bm2odjkdIJTxhEqUWbvtYuvveF77ocLTiTMi68rkA1pSo0NduFxNcl-pXgxCwX2ZQMgiae8gtGLLta2Q-7-f2IFcuUwgLicx2HGJJAyL3x38GiyKs34sr3JFPjTb4bIs6GI3T807y4mOxaKNVgnrI1HD7gVWhhezPBx_outvaUHa6BUDZ5PpBoXDSJ_29AKIryLp2uFVu9fO-8QhSZoGWC97goKYDxGWPrkFiGgcy9KFsRTZMZQbj40Um5yThHZskpDaAc9HG7DhPTHjIHyYAA9r5X5TLFQCaVc55Hj_rQk09CvMogu0ytZBK5OzeVDqUIYOcOmLev8s4_3jn8FhRBhd-oWFlZ1MB8pQZ3VT-72dRFAghZDSUc-rJoGck9xgX8rL3c3pAQ_Z_TMi7McPDwcOxyL8RSNOavrzn0mTbabqCWPFRQomvWazdmxwf5WOHaM2DzOoHLhhr3UVd44BDlC1BY8tXW7ifRk2ujJOe1OJv6tLtUBZ19bVQf2hHeRw3GWvv7g2-wffmCwtyjec1ciIun9CGcjgIAzxrC_353xyq6aniNJDMWNyNmrWfvqk3e47y_BiRVx9m3nTBMciX8I_CVHtp8cVN8_Kn07X2aX8-7lG4EFMI7_-FmzlMgCU-nBVcoRMlNfx7GrKhEMLPAwH673LVf23qHfz3dK7KkinreTCxZ1jq4K-8BPD6XAA3Ml8sxICot7Gm-8AX4dfPkWpvlgoo5W9c2Zl8jjxYzQBDIEDZzENHQYZcPzLR5_Op28fUuVcrXoDmHA8MaSyRDvuIhS6NozT5s88-gKtc-LquIxBjlTbfCKE5BKXKLUqM6YqT17FStBK05ZZHEv2E-VkT5QXV2oOlcty_9lTw-SDj5uARnIcbMit_fi5JH9vIOS7xKJkJspKLF-zIu1PPGF-_XQgV_B84Z2LZ8yuHn-cCHrKw6aeTRu9a830LMrVzHP5PVRXRLkR60KmOhoNRnxOIwMHtNljlg8LPDlFxq9S9qPlpBRX-DIXRQ8m0unargflk7StXyBGnUfF7EWYVr2BpUfcozWX_a6BAAE51pVPQ7S2ZxQIaVFN1T8LPmPW0uszsuHUnAn3veDMJL_Jr8qoCiOFrQLh82V_xRaLqVHruhte_goYMqUNiTMMwyXRq6yu4ocm4svaHUhjSLlyZMMvNV7lmXqPEet4HG1PJHwfVG7brpqQf_FOubyuzYjsWOu7Fo23tJ2KUfBuWTzxDWXwlVDy00OGdCppWKu0zIhPxR9oCq3XV63yvHlWg9Vm_LGccfGRqk5vqiETy-gbyodNIo2M4jSRQEoWYkhYoN9p1jglaWEIo_1OIc6XzEPs1g-dmc51wkoLJIiDda1Hvm2ldslHg2r0pG5kz93mI80ljhoT5RbeDYlQLudHgfYKiI0yOzwVv1s8NhhZI2j6Z8JF3cxyIiF7YSO_XGSACo7yfwO4mL1pqxetT8BhjRwd5gi-caX95HM9Gi9_X3YBC-iN606VLGRRUi9ulvHrBm70GjZOsmzKfXh-rbYE0tYe0aYVj6Di5uT7xkDEZORxl3-p3HnGhMcZvm-Y9xVjMJNlTT1TJTitYjS3RlUQiKACXFB26C7I7JFs_H3EKYT0ctxdaolXZbNybd4gKJhYAGxto_ytq_CK3lJPrpvcZJ3FJSyPvuFh1groCdE-aq2XshtQI-Lu0CMYzd_y9fGF-67-yUD9S3Dq2Wd6_VHaLf7eKA9MzGKixRmjK9z6z9wCXnDIhECleiqorbwk9FaIsMAzC3PL_skasy3qopZLdt74ed206w74SB1GdBaiVBnRuCLljhT3kL78NIHmX8-VG0VEYz5nFN_Cv1_IhF6TkWSX05AJkmPq27--dWTeL5bgzE8PDab4CMkJDeVFa0UHaxZ7YNLgy5nf2Nz-oxFH8TOur3wZ600vtSNonif3tLfwl2jMGHg&cid=CAQSOwDq26N9gmQtwlIKpuVuiafiE9q-TJv6Bi51EztLWIA7Z1OrF8QKasAeWPPDhCuqAU-5SbQJJQ7oB2kDGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.walla.co.il%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 10:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
11029
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 18 Dec 2022 10:10:49 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 7CA1 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:800,300,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 22:05:34 GMT
x-content-type-options
nosniff
age
227344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 22:05:34 GMT
index.html
s0.2mdn.net/sadbundle/9299586283340861618/ Frame 866B 		27 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10c3ccaf681df66f43432ae1644c414aed231c1fa9502b15dc9230c440a5bbd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
439959
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5399
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 29 Nov 2022 11:01:59 GMT
expires
Wed, 29 Nov 2023 11:01:59 GMT
last-modified
Tue, 01 Nov 2022 13:44:28 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 94CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssL4s3rD1vgL5YYlDQXwQ2ofSixG9GApEKhJGj9TT1fyGYbfC3ygR1Y4xau01D2ZpYMyyq3hKFWc8tuIYTMoVJ0PvcleEVYwWCPwsoGiHcaRnzjhb02ztU1DHozHjAG6I5Dru_36-oniExYcRPOlX5gPK0oUG1H2_kdziACWUNIvchpnf_xWb2bDLQjI_-3Y6Fo54SqZb2uGzLX-Rt3xz6a2gPpY2QL2pI41JoHkczjO4qTjZfRQQaZHObW_ucS-7wOlPqosg-HVYxhFjRWtM-Wci8UzknqWZhNLRRb15WK3ieqGQ40AKr6nKBXFPiQ2ws9g0JritYRFOns82BPz8MNZ3eR1K1t1aEM5EVZwjbBkNQ-npWnzehjOz-h-rZRg7zg_7hfgkLhyeluhzsNYg5LWP8rD6wG8TrsTDgPWyxvl4Pf5lcfaIjwdAfwPEzTdrFb7txuRl04oFsm3UEtZ3qOn4qfZw-Na1Q9vdEEsZbINeJEK99thDRCwlNQFD6cY90BgRMSQ7GM_BRtRtN16vakiGspZo7cZ14WAZ8DrpHFzPT1Vh8cmHCiZA1YUizZnhxO2kPYNKkuu38z34cldG7lfN85M8SQ4VFlEf0_oNAyZf2nfxlmLhNgA-TrYRY22VbmlVVOHDVi-tp0-qLyeF245CzToXHmqqy0XJw0ZEVDfjZbz9xde-RayhiksbUuGXsR5VZfHbdBr88lBpgDRyIV7pejOCSSUPvct9JX7vcBGXWroAyT48L0Pwg-BdVDt70y41LgH4f8vnG2jsnFcS8Acpj4GAwt711IMscYojAaFvWyD2v1p1E-_dKhoc9qhxNh5dRJtI59c14494ZqP_kkHnvNiH4Q2xJnRETzbeF4X933fTta-rHcX6R0JYuYa70TvtlvrEBKHisYGn6dQr0RCFuU_G88V2HavQigfqAJCx06gUoh0Lae0EvST2A2uA0Vv2qepvwax6DTSHHE69PQvRCpfhktmgNp5x6EA14QWOhBXjbIa9pjOrFK3lhiBrAxWggSPMQ3SP3mfeaGiXYmnwx8MUkcLXDOgB59XlRQtikoTt1oqK0v876oT8Kxfw-YJusXb-QsHoDqyM3CQH-Orn7QXAWcngeukZ8rgjAVkuTIRAGNQxRzWc8llhek_q9eAgsTwK1kie199HpTudMlT9Lx4NJ0b7K1IrogNhY8slO6sPjbksSTNt5xPC7XlbA-7zqoXSI&sai=AMfl-YQcNDFb4Iu0CBEykEBsFS4Ni3h1JAJ6q_h_Rpux6DGOpy13MY-I_dQaQzmw4kL-E6FHzJ2cvRTQ1yUPzNoJSESRIuUofVjcTJROGjxnCGmSugdQBPCDaImQinrm5xvll3y_U0VD0IHXM9T624o7bR88XhsEoHYwfevT8thCQU3PGW5FLGDWmZfRRc8YuICMxVh_vSlyzb5eIMFVoRHBVe8c90ra2rWDuvpGiwugl4qagJYoeHSRRo1npa1gGM9fpbCbF8OPatVbfTLDXGc1pnEVPEEJpeX0yw&sig=Cg0ArKJSzPh0Sj_rKB6KEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=96&cbvp=1&cstd=93&cisv=r20221110.92815&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 04 Dec 2022 13:14:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 04 Dec 2022 13:14:38 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame 997F 		0
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7744ce68aef29134-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:38 GMT
server
cloudflare
vary
Accept-Encoding
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 94CB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
161096
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 16:29:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8215 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 10:10:49 GMT
etag
48472445140208031
expires
Mon, 05 Dec 2022 10:10:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 94CB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ea9be3a74e767850d7f9fcdfb635973c47ce010e2ad2b825d22eab2fac3c0dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Content-Type
image/png
411abac7a13088d426e44a46fa99b1
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame B18D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/411abac7a13088d426e44a46fa99b1?gdpr_consent=&gdpr=0
0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/411abac7a13088d426e44a46fa99b1?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7744ce69d9ad9134-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 04 Dec 2022 13:14:39 GMT
Expires
Sun, 04 Dec 2022 13:14:39 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/411abac7a13088d426e44a46fa99b1?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1670159678918081-361
caafd485a4229a8786e33286a6757f51.js
s0.2mdn.net/sadbundle/9299586283340861618/ Frame 866B 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9299586283340861618/caafd485a4229a8786e33286a6757f51.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9adf2872df2e729a3f068d8372119d928ae9b5fc6b54076e452fdbf84ab5d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27504
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:44:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 11:02:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A882 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
181148
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 10:55:30 GMT
expires
Sat, 02 Dec 2023 10:55:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8215
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMJKCp4uH-caGFmJ_ThUzvU&google_cver=1&google_push=ASkJ3Fbj7PPk3JKq2jOmJfn_tBcC4K75cgMAHlJnlH3lFGv36n2IkFaJ6jo0pudG_RuwHhwANKEezZ8U-jCWNQEuMaIG4lW8l84e
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU3OTg3ODY4NDc5MDcxMTU4OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMJKCp4uH-caGFmJ_ThUzvU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMJKCp4uH-caGFmJ_ThUzvU&google_cver=1
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMJKCp4uH-caGFmJ_ThUzvU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 8215 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDMu42Nqbb98DlgO9oYQa8s&google_cver=1&google_push=ASkJ3FbhK9wmZ_HZaPTpN0C0MyNNnP8xyrJ99g-7SyDFtWK1D81erNjGJ4DZXoem2ttWKQac9ArRxWj0OTiDOaZCd2SC_kyUTyDY
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8215
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPSeVSzL1pAi0efO4bBsZ3M&google_cver=1&google_push=ASkJ3FY8ysE03Iq5T5tW-dwaWoEnSpabaSSo4XziOLNVOnmNE2xsmNbppKN4BCl328rbcNfSeP-Ix--kYfZK7gM3RWEDmIhUA1CN
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AB0BD8FFC041453D8E1790E2594F69F9&google_push=ASkJ3FY8ysE03Iq5T5tW-dwaWoEnSpabaSSo4XziOLNVOnmNE2xsmNbppKN4BCl328rbcNfSeP-Ix--kYfZK7gM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AB0BD8FFC041453D8E1790E2594F69F9&google_push=ASkJ3FY8ysE03Iq5T5tW-dwaWoEnSpabaSSo4XziOLNVOnmNE2xsmNbppKN4BCl328rbcNfSeP-Ix--kYfZK7gM3RWEDmIhUA1CN
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 04 Dec 2022 13:14:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AB0BD8FFC041453D8E1790E2594F69F9&google_push=ASkJ3FY8ysE03Iq5T5tW-dwaWoEnSpabaSSo4XziOLNVOnmNE2xsmNbppKN4BCl328rbcNfSeP-Ix--kYfZK7gM3RWEDmIhUA1CN
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 03 Dec 2022 13:14:38 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8215 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECCSBJ9dMp8MqvBLqv6Viag&google_cver=1&google_push=ASkJ3FYsU4EvUVVHr3TIsb9avChYyUeDYHS2e5IwPsJSsS3hBgSPPMP4z5igB5BvV0CpmrUAyaXDR9OCoLS-ZRFSHboi-CBQumYg
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 8215
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF1oknxvi9aH79qV7YcjNHU&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEF1oknxvi9aH79qV7YcjNHU&google_hm=Y4ydPtdbn9hsI04klMtawAAAFAgAAAIB&google_nid=index&google_push=ASkJ3FYsJZtbWpzL6HMHHIFHpGpk1lXdYpbTl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEF1oknxvi9aH79qV7YcjNHU&google_hm=Y4ydPtdbn9hsI04klMtawAAAFAgAAAIB&google_nid=index&google_push=ASkJ3FYsJZtbWpzL6HMHHIFHpGpk1lXdYpbTlz8vE7wY5Ibn0UCre6PEtYuJX8XkrSwgYNfoNyesdW0NN_5f4sUEipUxkHIgXkSv
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dyb1wMem2ybQyD7S%2FC005pAQyjCGHeG6SJKu2k6W1cQ24%2BPrxe8IczlzJ7e8OMJLT7kxYybiyPLh5eJIO%2FWoN2zKuyLJIp1YHpnyHmBRR4smWxkdhZdlztobZVkHZlQhQzUuu38Q9m4zbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEF1oknxvi9aH79qV7YcjNHU&google_hm=Y4ydPtdbn9hsI04klMtawAAAFAgAAAIB&google_nid=index&google_push=ASkJ3FYsJZtbWpzL6HMHHIFHpGpk1lXdYpbTlz8vE7wY5Ibn0UCre6PEtYuJX8XkrSwgYNfoNyesdW0NN_5f4sUEipUxkHIgXkSv
cache-control
no-cache
cf-ray
7744ce695ec4bb83-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 8215
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIdziEG_Dkpj4H6f1Y6j8Jk&google_cver=1&google_push=ASkJ3FYs19RW4r6W50oTZxSC5FIWOMDmVjVNtl30hBiaRA-7-DZKotn1TW_DXtNp87ZAxjv7HAeS0WHlLNWK_3tC...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FYs19RW4r6W50oTZxSC5FIWOMDmVjVNtl30hBiaRA-7-DZKotn1TW_DXtNp87ZAxjv7HAeS0WHlLNWK_3tC51EUlVHtPOM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FYs19RW4r6W50oTZxSC5FIWOMDmVjVNtl30hBiaRA-7-DZKotn1TW_DXtNp87ZAxjv7HAeS0WHlLNWK_3tC51EUlVHtPOM
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 04 Dec 2022 13:14:38 GMT
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ASkJ3FYs19RW4r6W50oTZxSC5FIWOMDmVjVNtl30hBiaRA-7-DZKotn1TW_DXtNp87ZAxjv7HAeS0WHlLNWK_3tC51EUlVHtPOM
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
VmfIidMI5ANXnaIYC_qc6G2UKAqfdwsXWrUU3jx-sBESpULmlepxSw==
pixel
cm.g.doubleclick.net/ Frame 8215
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHZR-35m8K3bvqtKONx2NnU&google_cver=1&google_push=ASkJ3FYx51jar_jPg...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE0NTE5NTM4Njg0MDM2NDE3NA%3D%3D&google_gid=CAESEHZR-35m8K3bvqtKONx2NnU&google_cver=1&google_push=ASkJ3FYx51jar_jPgMpq1cGyUr-j46ZjsP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE0NTE5NTM4Njg0MDM2NDE3NA%3D%3D&google_gid=CAESEHZR-35m8K3bvqtKONx2NnU&google_cver=1&google_push=ASkJ3FYx51jar_jPgMpq1cGyUr-j46ZjsPn2CKqnOq9oGO5DtPILk_HHRCBFrHMNTWHn0oHyuKOcDc54FSIVYpInzA0OHoXKjvCciA
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 04 Dec 2022 13:14:38 GMT
AN-X-Request-Uuid
1391ce33-a934-4c16-987f-c3da3ca54c72
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDE0NTE5NTM4Njg0MDM2NDE3NA%3D%3D&google_gid=CAESEHZR-35m8K3bvqtKONx2NnU&google_cver=1&google_push=ASkJ3FYx51jar_jPgMpq1cGyUr-j46ZjsPn2CKqnOq9oGO5DtPILk_HHRCBFrHMNTWHn0oHyuKOcDc54FSIVYpInzA0OHoXKjvCciA
Connection
keep-alive
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8215 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LiiHnjJwoKj8wyMzUKGSG-1N2qM3vqjKe4m1MaMVtqSchkfarJJuTSAgL61nPq-zrA7Zp-0g
Requested by
Host: f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
v1
match.sharethrough.com/universal/ Frame 1F01 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.133.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-133-172.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
Algovir_Packagings.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 7CA1 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Algovir_Packagings.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 30 Nov 2022 11:17:50 GMT
x-content-type-options
nosniff
age
352608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27097
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 11:17:50 GMT
Check.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 7CA1 		585 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Check.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 01 Dec 2022 23:02:07 GMT
age
223951
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Dec 2023 23:02:07 GMT
CTA_mehr_erfahren_einzeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 7CA1 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/CTA_mehr_erfahren_einzeilig.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Nov 2022 11:18:36 GMT
age
352562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1689
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 11:18:36 GMT
CTA_mehr_erfahren_zweizeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 7CA1 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/CTA_mehr_erfahren_zweizeilig.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 30 Nov 2022 11:18:36 GMT
age
352562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1265
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 11:18:36 GMT
Bubbles.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 7CA1 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Bubbles.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 28 Nov 2022 17:44:04 GMT
x-content-type-options
nosniff
age
502234
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15028
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 17:44:04 GMT
algovir_Visual_Spruehstoss.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 7CA1 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/algovir_Visual_Spruehstoss.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 30 Nov 2022 11:17:50 GMT
x-content-type-options
nosniff
age
352608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14241
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 11:17:50 GMT
algovir_flasche.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 7CA1 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/algovir_flasche.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 30 Nov 2022 11:17:50 GMT
x-content-type-options
nosniff
age
352608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20835
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Nov 2023 11:17:50 GMT
Viren.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 7CA1 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Viren.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 01 Dec 2022 23:01:50 GMT
x-content-type-options
nosniff
age
223968
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7856
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 11:17:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Dec 2023 23:01:50 GMT
css
fonts.googleapis.com/ Frame 866B 		6 KB
638 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500|Roboto:700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9299586283340861618/caafd485a4229a8786e33286a6757f51.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1bacd17873c96bdbd350c12414feaac6d0b8cca24bf7c7a76fb2adca4da029a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 13:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 13:05:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Dec 2022 13:14:38 GMT
26a7c83d22829365e50f6443cb4ff331.png
s0.2mdn.net/sadbundle/9299586283340861618/media/ Frame 866B 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9299586283340861618/media/26a7c83d22829365e50f6443cb4ff331.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6896ad0850e899ea7bb9db2d18ba059b05129f3589b0bc986d0d67a3e7ba0a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:02:00 GMT
x-content-type-options
nosniff
age
439958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28828
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:44:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 11:02:00 GMT
bebf4f55ab27208ae89f4030e1b6be96.png
s0.2mdn.net/sadbundle/9299586283340861618/media/ Frame 866B 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9299586283340861618/media/bebf4f55ab27208ae89f4030e1b6be96.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da69dad40a95b2e135b55c4ff8f6b295db28ad672234c2ffa7628e5f97fbe404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:02:00 GMT
x-content-type-options
nosniff
age
439958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5978
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:44:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 11:02:00 GMT
fcd84f1b4045d548b5e7683f7b00f108.png
s0.2mdn.net/sadbundle/9299586283340861618/media/ Frame 866B 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9299586283340861618/media/fcd84f1b4045d548b5e7683f7b00f108.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3c04ece0a38a44bb92b8cff233e3fc9e9de941d93c68eff7e0b66795f947694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:02:00 GMT
x-content-type-options
nosniff
age
439958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30353
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:44:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 11:02:00 GMT
e6a4ec3fae3e6a73cb7eb6918695ed02.png
s0.2mdn.net/sadbundle/9299586283340861618/media/ Frame 866B 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9299586283340861618/media/e6a4ec3fae3e6a73cb7eb6918695ed02.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eba80e3e7fe6e84a681928ece12a2e50d281a7c894167acfc061b299b23c3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:02:00 GMT
x-content-type-options
nosniff
age
439958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1137
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:44:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 11:02:00 GMT
M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
pagead2.googlesyndication.com/bg/ Frame A882 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 17:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 17:24:36 GMT
KznzEzjMum9a2Q5lixOZ
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 964E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KznzEzjMum9a2Q5lixOZ?pi=smilewanted&tc=1
0
388 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KznzEzjMum9a2Q5lixOZ?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7744ce69c98e9134-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 04 Dec 2022 13:14:38 GMT Sun, 04 Dec 2022 13:14:38 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/KznzEzjMum9a2Q5lixOZ?pi=smilewanted&tc=1
pragma
no-cache
f2a13ee20c7c1967c5475059b996fa24.jpg
s0.2mdn.net/sadbundle/9299586283340861618/media/ Frame 866B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9299586283340861618/media/f2a13ee20c7c1967c5475059b996fa24.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e399e78f0de4357eda651c7bcd4c0b8c6a31ef704e012393dbae331b34460c86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:02:00 GMT
x-content-type-options
nosniff
age
439958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4408
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:44:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 11:02:00 GMT
34982548fd3ca58bc1b2657338118feb.png
s0.2mdn.net/sadbundle/9299586283340861618/media/ Frame 866B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9299586283340861618/media/34982548fd3ca58bc1b2657338118feb.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7176a68f787d038634c07ddfec722ea8bd90a36488dfbd96bc07d1e2b41de0ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9299586283340861618/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 11:02:00 GMT
x-content-type-options
nosniff
age
439958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4504
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 13:44:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Nov 2023 11:02:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 866B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500|Roboto:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 16:44:52 GMT
x-content-type-options
nosniff
age
505787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 16:44:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 866B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500|Roboto:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 11:59:40 GMT
x-content-type-options
nosniff
age
263699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 11:59:40 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 866B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900|Roboto:500|Roboto:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 03:39:12 GMT
x-content-type-options
nosniff
age
293727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Dec 2023 03:39:12 GMT
setuid
ib.adnxs.com/prebid/ Frame 866D
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=191ee3e318bf3b91c5e46b985335bace
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=191ee3e318bf3b91c5e46b985335bace
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
93aa350c-6158-42ca-88e9-ce90ddc90447
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 04 Dec 2022 13:14:39 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7744ce69c98c9134-FRA
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:39 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=191ee3e318bf3b91c5e46b985335bace
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame 190C 		1 KB
824 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7744ce6a38f09191-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:39 GMT
server
cloudflare
view
googleads4.g.doubleclick.net/pcs/ Frame 94CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssL4s3rD1vgL5YYlDQXwQ2ofSixG9GApEKhJGj9TT1fyGYbfC3ygR1Y4xau01D2ZpYMyyq3hKFWc8tuIYTMoVJ0PvcleEVYwWCPwsoGiHcaRnzjhb02ztU1DHozHjAG6I5Dru_36-oniExYcRPOlX5gPK0oUG1H2_kdziACWUNIvchpnf_xWb2bDLQjI_-3Y6Fo54SqZb2uGzLX-Rt3xz6a2gPpY2QL2pI41JoHkczjO4qTjZfRQQaZHObW_ucS-7wOlPqosg-HVYxhFjRWtM-Wci8UzknqWZhNLRRb15WK3ieqGQ40AKr6nKBXFPiQ2ws9g0JritYRFOns82BPz8MNZ3eR1K1t1aEM5EVZwjbBkNQ-npWnzehjOz-h-rZRg7zg_7hfgkLhyeluhzsNYg5LWP8rD6wG8TrsTDgPWyxvl4Pf5lcfaIjwdAfwPEzTdrFb7txuRl04oFsm3UEtZ3qOn4qfZw-Na1Q9vdEEsZbINeJEK99thDRCwlNQFD6cY90BgRMSQ7GM_BRtRtN16vakiGspZo7cZ14WAZ8DrpHFzPT1Vh8cmHCiZA1YUizZnhxO2kPYNKkuu38z34cldG7lfN85M8SQ4VFlEf0_oNAyZf2nfxlmLhNgA-TrYRY22VbmlVVOHDVi-tp0-qLyeF245CzToXHmqqy0XJw0ZEVDfjZbz9xde-RayhiksbUuGXsR5VZfHbdBr88lBpgDRyIV7pejOCSSUPvct9JX7vcBGXWroAyT48L0Pwg-BdVDt70y41LgH4f8vnG2jsnFcS8Acpj4GAwt711IMscYojAaFvWyD2v1p1E-_dKhoc9qhxNh5dRJtI59c14494ZqP_kkHnvNiH4Q2xJnRETzbeF4X933fTta-rHcX6R0JYuYa70TvtlvrEBKHisYGn6dQr0RCFuU_G88V2HavQigfqAJCx06gUoh0Lae0EvST2A2uA0Vv2qepvwax6DTSHHE69PQvRCpfhktmgNp5x6EA14QWOhBXjbIa9pjOrFK3lhiBrAxWggSPMQ3SP3mfeaGiXYmnwx8MUkcLXDOgB59XlRQtikoTt1oqK0v876oT8Kxfw-YJusXb-QsHoDqyM3CQH-Orn7QXAWcngeukZ8rgjAVkuTIRAGNQxRzWc8llhek_q9eAgsTwK1kie199HpTudMlT9Lx4NJ0b7K1IrogNhY8slO6sPjbksSTNt5xPC7XlbA-7zqoXSI&sai=AMfl-YQcNDFb4Iu0CBEykEBsFS4Ni3h1JAJ6q_h_Rpux6DGOpy13MY-I_dQaQzmw4kL-E6FHzJ2cvRTQ1yUPzNoJSESRIuUofVjcTJROGjxnCGmSugdQBPCDaImQinrm5xvll3y_U0VD0IHXM9T624o7bR88XhsEoHYwfevT8thCQU3PGW5FLGDWmZfRRc8YuICMxVh_vSlyzb5eIMFVoRHBVe8c90ra2rWDuvpGiwugl4qagJYoeHSRRo1npa1gGM9fpbCbF8OPatVbfTLDXGc1pnEVPEEJpeX0yw&sig=Cg0ArKJSzPh0Sj_rKB6KEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=315&vt=11&dtpt=219&dett=3&cstd=93&cisv=r20221110.92815&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.walla.co.il
URL: https://www.walla.co.il/home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 04 Dec 2022 13:14:39 GMT
getuid
sync.smartadserver.com/ Frame 81E1
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 04 Dec 2022 13:14:39 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Sun, 04 Dec 2022 13:14:38 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
56a95dcd-10f2-4880-8e1b-07f9ecf90025&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 8D01
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/56a95dcd-10f2-4880-8e1b-07f9ecf90025&partner_id=1010
0
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/56a95dcd-10f2-4880-8e1b-07f9ecf90025&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7744ce6bbdfb9134-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Sun, 04 Dec 2022 13:14:39 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/56a95dcd-10f2-4880-8e1b-07f9ecf90025&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
1
sync-eu.connectad.io/syncer/ Frame AEDD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7744ce6ada329191-FRA
date
Sun, 04 Dec 2022 13:14:39 GMT
server
cloudflare
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame A882 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6UO5Pp2MY6yLJv2wx_APpo61yAYAAAAAOAHgBAI&bg=!6-il6KzNAAbvMpMzzzI7ACkAdvg8WhLCdT7EEYE_Wn-X_bM67WOTOvlQFFGw_EQh4rYWdOPCDvrcYwIAAAC4UgAAAARoAQcKAH82B7R_XnKNiheRD3PyWUJC9A5UmN6205rkoNT5bii4H-SuF5GWoF5NiJ9WW57JhGPCj-AhWT0lkn7HBotFyKxTuPkM8OcHF9jBARE1-l6hXz4w2ZLOrXE9f2fqc9wDrU8gaef8QgLpliZqET8TyU5aD7VEByF8Xrjnz8xQZ_xGmQLeTloJfrrEFwM-PpSggpZasxTKGXFqK4xqK3IIij46cIjNa4if435h05MpqZkgkikSQRI-Z4eX_x8dtgPnf-Zwu5Jc6SbnVSddxlp8lZARLTS0Cg32UAAZR_BSgQVpGgDvOaInvZoNVztVx4QVugNiRfbkTh5iG8bhA0Sruy1o9Z94fGbeK1IL58nZHsCCpoMKVSRWx8DKpGfHHPAfrHV7ZdOGNqaqKnL4twiQSd3YSRbLh5GbWiJuFbpafDloZrfTYyrBROwNUpNBEMmb6bK-U1LVhUcReccntR4Sw35ZrkyozI8JmYP8JKIk7bOUtCy2kQXrGrmDx0wpws8SGk6QFkS88K-DLKOrOCAFMCfk-AfRxY-hbcejYMoqg_HZv9zAA-RFa6N31qe7RN4nvOO9t_WwZ22qbhmul7QlWqccjqfckzkjX45NwM-Gk1sSmOxDv6k08FcBpPIuOFFsk4GlxXu3s6RZ4jb1e3BhqJto6Yi63w4cVbKcWiuXudF80VCgOwECDN4bY4NtVHaFUBhBQMhctJ4WSi1qI8RgvXCLqfw067mwUYAEDezo3TDYdQ4b0EuVAFX7NCFZDNIO8kVwwM3CAQYuxNJljSA1jroxoBm39sioq1Vrbfm8hdXRQWxr32gQ_SrMTdfN-hjBQb1EYOhsb9pDkUoC_xgz9uzRhoZSmuCMwvEBrx0XisCfnKBgS0lEXS-McisAs4m_4o-HqwK5s6QgncCR6QP51l_F6cplmi3kAxITr87tLz7KjNW82Nt_SyzipOpR83MwfiMalxVdCVKvbERjUET0a_DkBKcteX7SnvgZb5REMCh6zY4p_3mB8RU968Aafg94dwNvYkUBjrRuE4hyDAmRmV03MFbGtqBcd6jQxa8lHchxeOyU8e-PCBp-WP-LRIUcfYfV7PYMthfNHr7E4mHukvA5nzfAMMqEziU-yZr0aRrg_5waonUF8NsEh8uJ_BbKYLA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 3BBE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C8DD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=58689
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:39 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 05 Dec 2022 05:32:48 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame C8DD 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30850605&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f9478f6992907ff0975cf403d3c993151f0a6cf34112400d8a667a6f11f6229a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Y4ydPtdbn9hsI04klMtawAAA%265128
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 8666
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y4ydPtdbn9hsI04klMtawAAA%265128
0
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y4ydPtdbn9hsI04klMtawAAA%265128
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.walla.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7744ce6c5f859134-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7744ce6b9af69b25-FRA
content-length
0
date
Sun, 04 Dec 2022 13:14:39 GMT
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Y4ydPtdbn9hsI04klMtawAAA%265128
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53twzhdoLTGreoZ1Zk51I6WdmKU00QPK7KeJ%2FoWbzWBsfO4PY1eqvGczGsQ7tSGkb26ifX2KgbVI5qUDdtmNKFJRNVrz5tK8vgUJQFdHIJ7XNCS4i%2BwK6KrSg6f6Vhojv9PaU5WdeGVsWA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
match
c1.adform.net/serving/cookie/ Frame CB0A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=1D889444-ABE0-4271-809B-B49C4CB422CB&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D889444-ABE0-4271-809B-B49C4CB422CB&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D889444-ABE0-4271-809B-B49C4CB422CB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 04 Dec 2022 13:14:39 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sun, 04 Dec 2022 13:14:39 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=1D889444-ABE0-4271-809B-B49C4CB422CB&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 9737
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cadc638c-9d3f-4f00-84f9-dfa90d89e724&gdpr=0&gdpr_consent=
42 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cadc638c-9d3f-4f00-84f9-dfa90d89e724&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 13:14:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 04 Dec 2022 13:14:39 GMT
Expires
Sun, 04 Dec 2022 13:14:38 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master cdg-pixel-x31 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cadc638c-9d3f-4f00-84f9-dfa90d89e724&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 446A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1342292186260750491
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1342292186260750491
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 13:14:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1342292186260750491
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame BC95 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 13:14:39 GMT
expires
Sun, 04 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
604830
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame F6FF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1D889444-ABE0-4271-809B-B49C4CB422CB&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1D889444-ABE0-4271-809B-B49C4CB422CB&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1D889444-ABE0-4271-809B-B49C4CB422CB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 04 Dec 2022 13:14:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MGEJBZM6528KPKGDPF82

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 04 Dec 2022 13:14:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=1D889444-ABE0-4271-809B-B49C4CB422CB&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
TWMG7Q4PPFB0CYP3873Q
Pug
simage2.pubmatic.com/AdServer/ Frame 546C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4145195386840364174&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4145195386840364174&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 13:14:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
944ebaef-0440-4457-ace4-ba457d09c141
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 04 Dec 2022 13:14:39 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4145195386840364174&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.203; 80.255.10.203; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
1D889444-ABE0-4271-809B-B49C4CB422CB
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame FEC8 		0
704 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/1D889444-ABE0-4271-809B-B49C4CB422CB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7744ce6bfeca9134-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 04 Dec 2022 13:14:39 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C8DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=HYiURKvgQnGAm7ScTLQiyw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

unused62
8096267
date
Sun, 04 Dec 2022 13:14:39 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=58689
accept-ranges
bytes
content-length
5549
expires
Mon, 05 Dec 2022 05:32:48 GMT

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C8DD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=754f638c-9d3f-4200-b843-32f5c7905033
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=754f638c-9d3f-4200-b843-32f5c7905033
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 04 Dec 2022 13:14:39 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x12 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=754f638c-9d3f-4200-b843-32f5c7905033
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 04 Dec 2022 13:14:38 GMT
mw
mwzeom.zeotap.com/ Frame C8DD
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=1D889444-ABE0-4271-809B-B49C4CB422CB&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=0c77400775348ff2b9785fd49357b27d&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=060103195f90aa44
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8de485fc-b01a-4076-6898-cb0a14babf85&reqId=b1727862-13fd-4479-7a2c-5f4320a24c19&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGXhuX3K8zi1VaoVXLuS2Uk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8de485fc-b01a-4076-6898-cb0a14babf85&reqId=b1727862-13fd-4479-7a2c-5f4...
95 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGXhuX3K8zi1VaoVXLuS2Uk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8de485fc-b01a-4076-6898-cb0a14babf85&reqId=b1727862-13fd-4479-7a2c-5f4320a24c19&zcluid=060103195f90aa44&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
2606:4700:10::6816:1957 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7744ce713c3392bd-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGXhuX3K8zi1VaoVXLuS2Uk&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8de485fc-b01a-4076-6898-cb0a14babf85&reqId=b1727862-13fd-4479-7a2c-5f4320a24c19&zcluid=060103195f90aa44&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C8DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MUQ4ODk0NDQtQUJFMC00MjcxLTgwOUItQjQ5QzRDQjQyMkNC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 13:14:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C8DD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECajH95V_N5nwtMTof2jFGE&google_cver=1
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECajH95V_N5nwtMTof2jFGE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 13:14:39 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECajH95V_N5nwtMTof2jFGE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C8DD 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 13:14:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 03 Dec 2022 13:14:39 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C8DD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5673640727577580083
42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5673640727577580083
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 04 Dec 2022 13:14:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5673640727577580083
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame C8DD 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
activeview
pagead2.googlesyndication.com/pcs/ Frame 20D4 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRuPFqbJzNRmzRu1IHQPL06D2C42GK7RPJI8D_KSaMjJM3iYmsChiVqfAexQYxdZEvxNuul_BXUXILtMOcuzP5ZH1HGPV7PtuOm5DzcWdV31TztO36nj9-DF_co3Sh7kvaE7W7-9Ai2fZiwFngHQhttWKjqbQv366mOQ&sai=AMfl-YQblUFZ7k7f_pYCBxIOkmXUanaKmTqqTO5z5wpX2EQeitZBqcnCLq7mOCD7q96U3qPhTvNlLiN7V7z2-_zsl_bxMBA25qYDpTvJm_puSly_ET-TOKmAcAqhlNrtyg&sig=Cg0ArKJSzP6_qoGzFMnqEAE&cid=CAQSOwDq26N9bSqSNh9H7154e6EVOkq1FkikNGvP2Y59Kuwt3TYiH4CZnX42LjoAXSFAZMxmCyOnbwopi8iYGAEgEw&id=ampim&o=436,101&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=250&tls=1251&g=100&h=100&tt=1251&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1DCC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRZqWYKwvpB1Ag0Vj0z8WkOuSXtjkCVlVEkKCVWvtUBm5bb3xlX6Xcb__llFdFKndVTS6_uS_ePLIXqd_o7iyd_0z4TxAqkGcoC0U3W7vMuQH8btfCOBMj7-eYJPnfUEdx4RKrHA&sai=AMfl-YS5bbPfjdv4Vq3cSSiWndlVoFJ2iZ3Q5t8oyavvBc9I8FGXaeJcxRUpKVbQp1rygrbsU3jFaGfS9rutilOpFusqR16fdrZyoMaDIp10qStoJxx_bHi99isYeYdwgw&sig=Cg0ArKJSzEAtSSX-c0fnEAE&cid=CAQSOwDq26N9gmQtwlIKpuVuiafiE9q-TJv6Bi51EztLWIA7Z1OrF8QKasAeWPPDhCuqAU-5SbQJJQ7oB2kDGAEgEw&id=lidar2&mcvt=1000&p=186,1439,786,1599&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2273020715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670159678494&rpt=264&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 94CB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnrObLaAbRZXhjCabAy85HM8aOK1SOqcZeMDZRaWe9RGeVpyZ-9Xwxtxe8ZcaMDD8FJ4i5L2x891OInZiivFIPW-XYnsXKvIx39yBPSRhHgiAV-s9FFNvqshlDkbSW60Bs1bJp7w&sai=AMfl-YRtVZ_5FczWMgQgQV57tEg_UAsr_UGt6Q_B-uYqj788lsCKpHeiCbOeRv4ev-d3bHh94WVzIYoU4m1FE5IUUxHUn_zTU8jf-iCUrA8-hmXXtuQzeHtR79we1r0OSQ&sig=Cg0ArKJSzDlI0FRXMxj_EAE&cid=CAQSOwDq26N9gmQtwlIKpuVuiafiE9q-TJv6Bi51EztLWIA7Z1OrF8QKasAeWPPDhCuqAU-5SbQJJQ7oB2kDGAEgEw&id=lidar2&mcvt=1000&p=881,315,1131,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2878636598&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670159678497&rpt=342&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 13:14:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unip
trc-events.taboola.com/1245572/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1245572/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=100&ssd=1&est=1670159675688&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1670159680244&vi=1670159675686&ri=1ddcd5b2a373f5808eca5b617ce5658f&ref=null&cv=20221124-3-RELEASE&item-url=https%3A%2F%2Fwww.walla.co.il%2Fhome
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1245572/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.walla.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

access-control-allow-origin
https://www.walla.co.il
pragma
no-cache
date
Sun, 04 Dec 2022 13:14:40 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| oncontentvisibilityautostatechange function| addScriptPromise object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| twttr string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| slotslist object| WallaTargeting object| _sf_async_config object| _cb_shared string| loadDataState object| __LOADABLE_LOADED_CHUNKS__ object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| desc function| category function| author function| tags function| age function| gender object| ptag object| f object| ktag string| path object| z object| permutive object| google_tag_manager string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| google_conversion_id object| google_custom_params object| google_remarketing_only function| fbq function| _fbq object| __twttrll object| __twttr object| regeneratorRuntime object| _tfa object| _cbm string| __strip_step__ object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| _0xc67b function| _0x2220 object| _vadHb object| vadprebid object| vadprebidChunk object| ADAGIO object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| sas object| apntag object| _ADAGIO object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ONFOCUS function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| a object| google_image_requests object| sw_consent

62 Cookies

Domain/Path Name / Value
.walla.co.il/ Name: _cb
Value: CmBjVeD5xH1EphTXd
.walla.co.il/ Name: _chartbeat2
Value: .1670159675075.1670159675075.1.LIUcKJex0xCmcjja330oiC5ZaYi.1
.walla.co.il/ Name: _cb_svref
Value: null
www.walla.co.il/ Name: strip_step
Value: 2
.walla.co.il/ Name: _wpnis
Value: 2
.walla.co.il/ Name: _wfsis
Value: https://www.walla.co.il
.walla.co.il/ Name: _gid
Value: GA1.3.834362569.1670159676
.walla.co.il/ Name: _gat_UA-249518521-1
Value: 1
.walla.co.il/ Name: _gat_UA-4780630-1
Value: 1
.adnxs.com/ Name: uuid2
Value: 4145195386840364174
.walla.co.il/ Name: _ga
Value: GA1.1.523448243.1670159676
.walla.co.il/ Name: _fbp
Value: fb.2.1670159675751.460395435
.walla.co.il/ Name: _ga_L30GH6X3WK
Value: GS1.1.1670159675.1.0.1670159676.0.0.0
.walla.co.il/ Name: _ga_RYD7X7E8VN
Value: GS1.1.1670159675.1.0.1670159676.0.0.0
www.walla.co.il/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEwvbqynAY4AUABSAEQvbqynAYYAA..
.rubiconproject.com/ Name: khaos
Value: LB9DY70U-27-93NL
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qr0SW8/gnS29eQFbWGgM44fR/rFJVNr6iJ88ybwyGOeeKKpKe4U/Mg3fUbtGK/WusQkHL1A+FIUCiL5hAXvaZVpo2A6U/0n5lg=
.walla.co.il/ Name: vad-loc-code
Value: de
.doubleclick.net/ Name: IDE
Value: AHWqTUnS5IwVgMbscA9rvNTlJHJk2ajfNY5TpF4yNALBWEzI4IYZUq9U75nAcHWx8iA
.walla.co.il/ Name: __gads
Value: ID=2260061d069c62c4:T=1670159678:S=ALNI_MaluRTwUPNU3fQU_upTwa09yAcFAg
.walla.co.il/ Name: __gpi
Value: UID=00000b8d7de5d1e8:T=1670159678:RT=1670159678:S=ALNI_Mb_5i4X7Ax_rmPXdbIjB-VByEyvpQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMPS
Value: 5128
.casalemedia.com/ Name: CMPRO
Value: 5128
.casalemedia.com/ Name: CMID
Value: Y4ydPtdbn9hsI04klMtawAAA
.blismedia.com/ Name: b
Value: 638C9D3EF8A6AD0DACCF2A66BLIS
.quantserve.com/ Name: d
Value: EGIBCQHdJ4EA
.quantserve.com/ Name: mc
Value: 638c9d3e-e3f36-a9cda-83d52
.simpli.fi/ Name: suid
Value: AB0BD8FFC041453D8E1790E2594F69F9
.creativecdn.com/ Name: u
Value: KznzEzjMum9a2Q5lixOZ
.creativecdn.com/ Name: ts
Value: 1670159678
.turn.com/ Name: uid
Value: 4579878684790711589
.ads.stickyadstv.com/ Name: UID
Value: 411abac7a13088d426e44a46fa99b1
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2In8gIIw2!]tdE8i_iqf!oN/@E'zz<*Z0Q0lw<FdZG^L/DFO*-5nU8J$]/RYnd3=b2MtFTD._*Pl[i'pRL>iih.1^_syLR5/9#j_v-jJ>=qbQ5KL'e=@yt^5+`Cj<pdyukJUE2e+.<Q!+Z?t#XWR(
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiIxOTFlZTNlMzE4YmYzYjkxYzVlNDZiOTg1MzM1YmFjZSIsImV4cGlyZXMiOiIyMDIzLTAzLTA0VDEzOjE0OjM5WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTEyLTA0VDEzOjE0OjM5WiJ9
.connectad.io/ Name:
Value: cadsync
.ads.pubmatic.com/ Name: KCCH
Value: YES
.360yield.com/ Name: tuuid
Value: 56a95dcd-10f2-4880-8e1b-07f9ecf90025
.360yield.com/ Name: tuuid_lu
Value: 1670159679
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 1D889444-ABE0-4271-809B-B49C4CB422CB
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 158810:2
.pubmatic.com/ Name: DPSync3
Value: 1671321600%3A201_197_219%7C1670198400%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1671321600%3A13_7_56_3_220_21_161_54_251%7C1671408000%3A35
.casalemedia.com/ Name: CMTS
Value: 2161
.mathtag.com/ Name: uuid
Value: 754f638c-9d3f-4200-b843-32f5c7905033
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4145195386840364174&KRTB&23339-4145195386840364174
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:cadc638c-9d3f-4f00-84f9-dfa90d89e724&KRTB&16736-uid:cadc638c-9d3f-4f00-84f9-dfa90d89e724&KRTB&23019-uid:cadc638c-9d3f-4f00-84f9-dfa90d89e724&KRTB&23208-uid:cadc638c-9d3f-4f00-84f9-dfa90d89e724
.smilewanted.com/ Name: sw_user_params_infos
Value: CvyJCj%2Bmz1Cj%2B%2BUNtH1KLjnD7zOLn8sPPUMSPmmgIo11lJbyOK1c2e6mQuTKituYbjCzQYGN7%2BiZrYSHRMg7zk0pyOxTPxH7RoB89S8jw2Zewbzf6rCmqEVJ5ZaDSN7GquKnDKoPuM%2FJoMJhPW5D7ejv8oAuO1F5n8nrBJwVkthfd2xQ7tTs0EKTKF%2F70jQE94hZyfMcZUFHU%2FDXlxE%2F7CaQWfYhzbXSqpKqSPhXzcB0J46KYbaCqsyjja4CZIMkQwolnDOuk5uTZoAKgLDBrEGh9AMc06qD2zw6ficzUokIYU5d9fWzGxIAxCbOd5QQePJsL%2B8Dwdq%2FrWMagoLk4DRv5j4eMQZK%2FAzaOF4sljbn5U5wBn4o9Isd%2F22b2lkS%2FSzACmV%2B7QvlNgBBlYQvwiOG8VA8r5sxNXcVbFSGRWs%3D
.de17a.com/ Name: guid
Value: 1.1342292186260750491
.adform.net/ Name: uid
Value: 5673640727577580083
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECajH95V_N5nwtMTof2jFGE&KRTB&16514-CAESECajH95V_N5nwtMTof2jFGE&KRTB&23025-CAESECajH95V_N5nwtMTof2jFGE&KRTB&23386-CAESECajH95V_N5nwtMTof2jFGE
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5673640727577580083&KRTB&23263-5673640727577580083
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1342292186260750491
.pubmatic.com/ Name: PugT
Value: 1670159679
.pubmatic.com/ Name: SPugT
Value: 1670159678
.amazon-adsystem.com/ Name: ad-id
Value: AyD3qQ4_nEZTrKPud2qEuHs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.onaudience.com/ Name: cookie
Value: 060103195f90aa44
.onaudience.com/ Name: done_redirects161
Value: 1

6 Console Messages

Source Level URL
Text
network error URL: https://www.walla.co.il/home
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js?cb=31071116, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-12-04
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/4687128324995022848/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
b1h-euc1.zemanta.com
bidder.criteo.com
c1.adform.net
cdn.ampproject.org
cdn.connectad.io
cdn.jsdelivr.net
cdn.permutive.com
cdn.taboola.com
cdn.valuad.cloud
cf.dxmcdn.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
creativecdn.com
csync.smilewanted.com
d2r08ja41ypc0t.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
f49cd02b6aced8105549589ddf646ea3.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb-api.omnitagjs.com
hb-dot-valuad.appspot.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
khn.crowdad.io
ledger.crowdad.io
loada.exelator.com
mab.chartbeat.com
match.adsrvr.org
match.sharethrough.com
mcdp-nydc1.outbrain.com
mp.4dex.io
mv.outbrain.com
mwzeom.zeotap.com
odb.outbrain.com
onetag-sys.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.onaudience.com
pixel.rubiconproject.com
platform.twitter.com
prebid.smilewanted.com
prg.smartadserver.com
r.turn.com
region1.google-analytics.com
s.ad.smaato.net
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync.mathtag.com
sync.smartadserver.com
syndication.twitter.com
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
um.simpli.fi
walla.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.walla.co.il
104.18.33.19
104.19.150.54
104.244.42.72
141.226.228.48
142.250.74.194
143.204.89.105
143.204.89.4
151.101.114.132
151.101.193.44
172.217.18.2
172.67.10.198
178.250.2.151
185.184.8.90
185.255.84.151
185.29.134.248
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.80.39.216
185.86.137.110
198.47.127.20
2.16.107.129
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
205.185.216.42
213.155.156.167
213.227.153.221
216.58.212.162
23.35.236.201
23.35.237.86
2600:9000:223c:9400:18:1fcd:351:7bc1
2600:9000:223e:4c00:4:1c73:c740:93a1
2600:9000:223f:b200:1b:5138:8a40:93a1
2600:9000:2240:e000:11:da61:a100:93a1
2602:803:c003:200::21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1957
2606:4700:10::6816:36ce
2606:4700:20::ac43:4bf1
2606:4700::6810:5614
2606:4700::6812:272
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2014
2a00:1450:400c:c1b::9d
2a02:2638:1::1a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::714
3.224.217.10
3.65.169.1
34.199.154.34
34.251.43.14
34.254.143.3
34.91.62.186
34.96.105.8
34.98.64.218
35.71.131.137
37.157.3.30
37.252.171.149
37.252.171.21
5.135.209.96
51.222.80.231
51.89.9.254
52.222.236.97
52.28.133.172
63.33.172.116
64.202.112.223
67.220.226.233
69.173.144.139
99.81.20.134
03820dcedde5a048ea1dacf83bd185f9363ddf279dc6c06a844b29b0901b115f
03934c8c4af46d1ccac0264b05179da73d1e1659069e1dae283e09cc9ed1b2d9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534
0809dce74d140cdb75918db36517dfca9fee927aa704fd47ee48432aee8986b5
08c70e0f78b37b98a7cf1b29897a6fd660112ab5bccc7d1747412574f6d44dcd
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
08fa266fe6000ad63395fe214bd935323e712ff3005fd4105715b508eac9cc4a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eba80e3e7fe6e84a681928ece12a2e50d281a7c894167acfc061b299b23c3b3
10c3ccaf681df66f43432ae1644c414aed231c1fa9502b15dc9230c440a5bbd7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
168e1e9c9fe5c418e51650aa24b3ff45586f18fad32ff1baa90c01ff00cf0941
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f1b671f9971661bd3ea3101ffd9df1cca75dae1158a3135829e15917d6618cb
21b2989c363a7860a1809e90ae491c952dc7022821ce5127e40b32ee51a1a187
21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c
22dc7c8c81b9f9f71547187665865406a2b782c54b0bc43d26f3a823987abd32
25b9a1c1c4bba72e66338c1a987df587c7bce2a8ce734412dc33676d03858ccf
26082814ec0935b4fb2d6b64c264d03718f9cd432073b1d1ab55bbc2e505d680
2a4495c734823c29cbc5635e42d09e525267911f7e48fd7ea37b1e82355a1691
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2da118cee3bab2e8ae526fb4b6401912d4520812ae18a69ae367f469d532910b
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
34ac2ae38a8ec21f328b68f26d1a849acb356aa69069d056221f8a3ec4d16836
36ebd8322aa41078fd0626ab3cb8e59d4d1c3a32dd4ae295af598c020a9e9df4
3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0
3a89cb35804d0b3dd5751e83282456fb5d0535861f731435247501141a38545c
3bd916949aeea3ea0d8c943ffe67060a38c2902c9533a94d36650bc176e322af
3e19226382f5e2b1263cd1b7fe9b21c3516777ed6f4f7248e1450905d0b206d4
3e45d9c860ce8f8a49649b223a950e230a1ed3c69052969209cadee135c4fa9c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa4eca537a3078d2a89c97733a5b80e240a10b1a236082760e19d7c696553f4
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
41c584b7b0c44ff76fc4a87b3fb65261ad613073b5d16d8a107bdab417ddc77f
42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7
4368f49db81292f3a0083f0b83e25dae13d252d55ccc593b7b2880e1a64a6512
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d02821451d3a21a5a4a66efc5f4a252a46c48a7829ed0a631d5f9d76dc3e25
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
514ee176d2081129cc97b2a18a6aeac1b2ef555721a265b03f81e228255f3fbb
526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54e7ba86065cb97b41ad94f7ec7502eb4094feb5ee848348c1a6b4d20a322619
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5afc143e26bb47b3ef46fe9c2ce92093affafe0fad14bdea1450f3041e6c336f
5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e35aa85514833036e24200de785c47bae867e2d1fc4a2998e876713a650a4a2
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fe75d0fb01c62e14b75d418f8e5bb6e413e49610f564e90248669d7e3513403
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6423f744719959623ad9c6277a846369e4d3e9ced37cfe39b65f639b5cfef3bd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b
68208b331cc07b7e8a4d4e33dde5a0dd186c118722eafe211ec35700f31c9039
6896ad0850e899ea7bb9db2d18ba059b05129f3589b0bc986d0d67a3e7ba0a89
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bac2b798d1273a96b5f170c85e1913679d5b9351e6e5623a5b4d8a6a191d3b5
6ce11a57c53212253096ff106757121e62727bf706c7b4286d482b400fbb1633
7176a68f787d038634c07ddfec722ea8bd90a36488dfbd96bc07d1e2b41de0ac
71cc3a812132b51f058ff61e60aa15d2e52f896981487132303137edadc4e212
76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7929904a5554ad4b7c9312ee60d473cd482c089b47264f0230a9249add6be9fd
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7ea9be3a74e767850d7f9fcdfb635973c47ce010e2ad2b825d22eab2fac3c0dd
7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
91035c1fe5b437bc3887fe3c741f18a2135902bff05eadc228d77eead13b7036
91134118421be0ce937f35b3da4223b0575145b4c68ea1dd69be65bc6b63579f
924e12722011f683252a676dbc0dd396622ae2915e177a4111d65a78b07bd4f9
94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c8372a7a2d71ccfdf058dde21db62b9fda51711aa5a692acd347b16a2dfcbc6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b
a9a21479e930de7d848e906f16b9626b8154eff12172a9b81766aaa30dd10a5c
acf6065a1e918d23c4252187af26e95c150ed8285fece76659e48fe50cfa06ed
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aed618011c69dc727256cfe2770588cce909e8f018ab4576f1fd0f3c1971779f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99
b21496975e1fbf896262d6e3a46ca89ac596b372f9a98abeb136c7a7f78b5286
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b629af68c1ccf75d68c317413c3b9b49f986f3eba13bc7615ae2ab2edfa64a18
b83f09061a60757cb8a80f42559a2bdd9103ecf1c3f12a724f29efb7862d0317
bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
c568fdbc3ac57a5131228be5b6ffbf097755174ac1f032ba7469fca5589a9e29
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9adf2872df2e729a3f068d8372119d928ae9b5fc6b54076e452fdbf84ab5d0b
ce7497d1dd1d9ce10416341b5027126ef63d34886391980e3a0418fd6a9820ce
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5fe2149d8b73f111851ba945205c53ef4cb07e26ac3f2873265491aefa9bac
d1bacd17873c96bdbd350c12414feaac6d0b8cca24bf7c7a76fb2adca4da029a
d3ac009b36c512711a3025684b17d941f9d29fdfb7645db7630b8c657558bc2f
d3c04ece0a38a44bb92b8cff233e3fc9e9de941d93c68eff7e0b66795f947694
d58bfe45fff0044b022b2ce2a32fc9c5b09b9978ee1ccfbc85d1b7130e48e2a3
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d69ea957e4703fd4748d554a7b5ecf0adf60e2ebd3c3c12aabffffcb1579ed08
d6aa3af02c8fa356bbae8af8d0154332e7b6374af867cad956f9bbe836f34951
d7cc489e97d179924b30f624ff495972969116cdd9ba835f4c86a6cd6e3af802
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
da69dad40a95b2e135b55c4ff8f6b295db28ad672234c2ffa7628e5f97fbe404
dabd15afd24409be284b032cec7eb5927f3b1947aa9f67ae25fa28788051e680
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1
e399e78f0de4357eda651c7bcd4c0b8c6a31ef704e012393dbae331b34460c86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eef3229975dcea05e62c3c6a907c2b9c50a68b07a632ce4fa232a41a0bcb1ad9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35985148f5d829428b1c11ce0ef1e4c07469565a9ee5f3720df8fd5383aa3b0
f41cd159cfd168ed7cbbadc282d0fd5404f9e29b46f9ff6a172e959e1c91e220
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439
f63983586c1a7a902667948ba56c50e9888882c94536b8805589ce3987fea944
f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741
f9478f6992907ff0975cf403d3c993151f0a6cf34112400d8a667a6f11f6229a
f991a6f2a1afe2d8fafe1dd3218d13bff5a7b1227b2b954d4c283c7840882871
fc27054f1a29f0c9f4a840948c46a6814e157e1e2afada12bf8a6961da9cd754
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
fef6c48547bc96ac80f5dcbee1f5f6955357611b5164979cdff8182b1281cbaa