www.walla.co.il Open in urlscan Pro
13.224.189.35 Public Scan

URL: https://mail.walla.co.il/

URL: https://www.yummi.co.il/?utm_source=walla&utm_medium=desktop_hp_top&utm_campaign=yammi
Title: יאמילהזמנת אוכל ביתי

URL: https://news.walla.co.il/
Title: חדשות

URL: https://sports.walla.co.il/
Title: ספורט

URL: https://e.walla.co.il/
Title: תרבות

URL: https://celebs.walla.co.il/
Title: סלבס

URL: https://finance.walla.co.il/
Title: כסף

URL: https://food.walla.co.il/
Title: אוכל

URL: https://healthy.walla.co.il/
Title: בריאות

URL: https://travel.walla.co.il/
Title: תיירות

URL: https://fashion.walla.co.il/
Title: אופנה

URL: https://www.sheee.co.il/
Title: SHEEE

URL: https://nadlan.walla.co.il/
Title: נדל״ן

URL: https://mekomi.walla.co.il/
Title: מקומי

URL: https://zoom.walla.co.il/
Title: וואלה! zoom

URL: https://cars.walla.co.il/
Title: רכב

URL: https://tech.walla.co.il/
Title: טכנולוגיה

URL: https://home.walla.co.il/
Title: בית ועיצוב

URL: https://b.walla.co.il/
Title: ברנז׳ה

URL: https://marketing.walla.co.il/
Title: שיווק ודיגיטל

URL: https://gaming.walla.co.il/
Title: גיימינג

URL: https://mazaltov.walla.co.il/
Title: בדרך לחתונה

URL: https://horoscope.walla.co.il/
Title: רוח והורוסקופ

URL: https://law.walla.co.il/
Title: משפטי

URL: https://career.walla.co.il/
Title: קריירה

URL: https://judaism.walla.co.il/
Title: יהדות

URL: https://tld.walla.co.il/category/13221
Title: weshow

URL: https://walla.co.il/magazine
Title: מגזין

URL: https://tld.walla.co.il/
Title: טוב לדעת

URL: https://calendar.walla.co.il/
Title: לוח שנה - חגים

URL: https://calendar.walla.co.il/shabbat-times
Title: זמני כניסת שבת

URL: https://fun.walla.co.il/
Title: משחקים

URL: https://yoram.walla.co.il/
Title: לימודים

URL: https://vod.walla.co.il/tvshows
Title: סדרות

URL: https://vod.walla.co.il/movies
Title: סרטים

URL: https://viva.walla.co.il/
Title: ויוה

URL: https://www.wallashops.co.il/
Title: וואלה שופס

URL: https://help.walla.co.il/
Title: עזרה

URL: https://dcx.walla.co.il/walla/terms/terms.pdf
Title: תנאי שימוש

URL: https://dcx.walla.co.il/walla_news_files/a516a87cfcaef229b342c437fe2b95f7.pdf
Title: מדיניות פרטיות

URL: https://www.tiktok.com/@walla.news

URL: https://www.instagram.com/wallanews/

URL: https://twitter.com/WallaNews

URL: https://www.facebook.com/wallanews

URL: https://beauty.walla.co.il/
Title: ביוטי

URL: https://seniors.walla.co.il/
Title: הוותיקים המבטיחים

URL: https://food.walla.co.il/category/1114
Title: ארוחה משפחתית

URL: https://cannabis.walla.co.il/
Title: קנאביס

URL: https://special.walla.co.il/sport75
Title: 75 הספורטאים האהובים

URL: https://food.walla.co.il/category/13332
Title: בריאות מהטבע

URL: https://perfectmatch.walla.co.il/
Title: חיבורים מושלמים

URL: https://healthy.walla.co.il/category/13034
Title: הורים טריים

URL: https://b144.walla.co.il/
Title: עסקים קטנים

URL: https://galil.walla.co.il/
Title: גליל תשאלו כל דחליל

URL: https://madaney.walla.co.il/
Title: מדעני העתיד

URL: https://paisculture.walla.co.il/
Title: פיס בתרבות

URL: https://yarokkl.walla.co.il/
Title: שומרים על כדור הארץ

URL: https://sanofi.walla.co.il/
Title: שמים אצבע על הדופק

URL: https://103fm.maariv.co.il/include/OnLineView_Walla.aspx
Title: 103fm

URL: https://eco99fm.maariv.co.il/embedded-player/radio/0
Title: eco 99fm

URL: https://www.maariv.co.il/
Title: מעריב

URL: https://news.walla.co.il/breaking
Title: מבזקי חדשותמבזקים

URL: https://news.walla.co.il/break/3590731
Title: 06:29תושב ירושלים נעצר בחשד לביצוע עבירות מין בילדות בגילאי 4-6

URL: https://news.walla.co.il/break/3590714
Title: 05:32רחפן צה"ל נפל בג'נין, נפתחה חקירה בנושא

URL: https://news.walla.co.il/break/3590699
Title: 04:33צה"ל: הטיל ששוגר מסוריה לא יורט, הנושא בבדיקה

URL: https://sports.walla.co.il/item/3590678

URL: https://news.walla.co.il/item/3590722
Title: הדרמה הליליתהטווח האדיר והמנגנון שלא עבד: זה הטיל הסורי שהתפוצץ בישראל

URL: https://news.walla.co.il/item/3590716
Title: הקרב על המהפכהישראל כ"ץ: "האופוזיציה עשתה טעות קשה מאוד"

URL: https://e.walla.co.il/item/3590718
Title: חתונמיכששמענו מה אמו של שניר אמרה, הבנו מאיפה באה תחושת הסלידה שלו

URL: https://cars.walla.co.il/item/3589970
Title: בשיתוף הפניקס סמארט, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.לא תאמינו איך תיראה התחבורה הציבורית בישראל ב-2026בשיתוף הפניקס סמארט

URL: https://tech.walla.co.il/item/3590631
Title: שימו לבהשירות הפופולרי של אפל נסגר - והתמונות שלכם יימחקו

URL: https://e.walla.co.il/item/3590729
Title: "האח הגדול"גיא פשוט מתחנן שידיחו אותו מהבית. גם זה לא הולך לו

URL: https://travel.walla.co.il/item/3590197
Title: לא רק טיטאןעשרות הרפתקנים נהרגו בשנה בחיפוש אחר הריגוש האולטימטיבי

URL: https://law.walla.co.il/item/3589700
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.אל תחמיצו: כל מה שצריך לדעת על ביטוח סיעודיבשיתוף zap משפטי

URL: https://home.walla.co.il/item/3589233
Title: מהגינה שלכםמתקלחים עם ספוג הליפה? חכו שתגלו ממה הוא עשוי

URL: https://food.walla.co.il/item/3590164
Title: לא פחות ממושלמתיותר קל מהמצופה: ארנצ'יני מוצרלה כמו במסעדות

URL: https://www.weightwatchers.com/de/ww-programm-angebote
Title: WeightWatchers

URL: https://popup.taboola.com/he/?template=colorbox&utm_source=wallail-walla&utm_medium=referral&utm_content=thumbnails-a:Left%20Rail%20Homepage:
Title: ממומן ע״י טאבולה

URL: https://trc.taboola.com/wallail-walla/log/3/click?pi=%2F&ri=67995145c6b17501c8a2011d09702d64&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&it=text&ii=~~V1~~-7585865775816500648~~g3muipq4kUtNaqp9VswZqPPoiShJgrizoZCvs9m5MFL6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFALu73ETmnfNFJzU3BmMA-FGrSKCvTMNihR0Kv3XR8PzKKvuvMET7zjtHu_AE_2i5FZBGS43MTwq4peCyxxt_ISDaiKk9hzSSC4SRdvMuJJa7WEHo8h_Pi8faK5c9IpXn10OfoW8WtRsbPiNMSyI4jIrse9WpTBzJNAGpYRQ2j0nN_v8ztrm1LIYuko58DDrjOI6SfqGSdcPh5WzwHBP-IyrMXRfLDB1uKpEC5OJxwtEag&pt=home&li=rbox-h2m&sig=c7f2863997dbc2608da63aef2c16c230836986aaebcf&redir=https%3A%2F%2Fwww.weightwatchers.com%2Fde%2Fww-programm-angebote%3Futm_medium%3Ddisplay_performance%26utm_source%3Dtaboola_network%26utm_campaign%3D23_0702%2520%26tblci%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyDWr1Iousa1pquWg_6uAQ%23tblciGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyDWr1Iousa1pquWg_6uAQ&vi=1688282022359&p=wavemaker-ww-sc&r=86&lti=deflated&ppb=CIoG&cpb=EhIyMDIzMDYyOS0zLVJFTEVBU0UY8MTb0wYgACoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNjI4gN7OoAVAm-MJSI6KEFDxtdkDWP___________wFjCN7__________wEQ3v__________ARgiZGMI1xYQ1R8YI2RjCLk8EIpQGCRkYwjSAxDgBhgIZGMInAUQkQkYCWRjCK9HEKNeGAtkYwikJxCDNRgvZGMIxzAQxUAYMGRjCMouEJE-GDNkYwj-FhCKIBgTZGMIoUEQpVYYFGRjCNwKEPsaGBZkYwiWFBCZHBgYZGMI9BQQnh0YH2R4AYABAogBn9Om7QGQARyYAfSDzauRMQ&cta=true
Title: Mehr erfahren

URL: https://food.walla.co.il/item/3589615
Title: רשיד עודה, שמתמחה במטבח ערבי, עם מקלובה עוף שלא זקוקה לטיגון

URL: https://travel.walla.co.il/item/3588995
Title: קיץ של הפתעות: כל הפעילויות לילדים ביולי-אוגוסט בישראל

URL: https://tld.walla.co.il/item/3546134?lm_supplier=16893&lm_bc=9701
Title: בשיתוף TI SWIM, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.ביקור קצר בבריכה שינה לי את החיים - וגם לכם זה יקרהבשיתוף TI SWIM

URL: https://tld.walla.co.il/item/3582645?lm_supplier=16893&lm_bc=9701
Title: בשיתוף מרכז איריס גייר לטיפול דרך אבחון בגלגל העין, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בשורה לסובלים ממיגרנות: אבחון שמאפשר לחזור לחייםבשיתוף מרכז איריס גייר לטיפול דרך אבחון בגלגל העין

URL: https://food.walla.co.il/item/3589030
Title: בשיתוף שופרסל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כולל מגנום וטילון: 8 מתכוני גלידות שכל אחד יכול להכין בביתבשיתוף שופרסל

URL: https://finance.walla.co.il/item/3580366
Title: בשיתוף אלטשולר שחם, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כך תדאגו לעתיד הכלכלי של הילדים שלכם בכמה צעדים פשוטיםבשיתוף אלטשולר שחם

URL: https://news.walla.co.il/item/3590694
Title: די, זה לא אמיתי: לא תאמינו כמה עולה שיחת טלפון בכלא

URL: https://news.walla.co.il/item/3590723
Title: דרמה בפרברי פריז: רכב הוצת בפתח ביתו של ראש עיר - בנו נפצע

URL: https://news.walla.co.il/item/3590669
Title: מכתב האיומים על נתניהו: פריצת דרך בחקירה

URL: https://news.walla.co.il/item/3590666
Title: אסון בחופשה: ילדה ישראלית נהרגה לעיני אביה

URL: https://sports.walla.co.il/item/3590695
Title: הסרטון ה"מצמרר" בחדר הלבשה, וההצהרה של הנבחרת: "רוצים גביע"

URL: https://sports.walla.co.il/item/3590633
Title: מפתח הגוף המפורסם הטיף לחיים בריאים, ומת במפתיע בגיל 30

URL: https://sports.walla.co.il/item/3590677
Title: עוד השפלה פומבית לניימאר: דתי מזויף, "אתה לא גבר"

URL: https://sport1.maariv.co.il/square/article/1128164/
Title: גרמה לאנטונלה לקנא: האישה שתפרק למסי את הנישואים?

URL: https://news.walla.co.il/category/5108
Title: אסור לפספס

URL: https://news.walla.co.il/item/3590026
Title: לא בית לחם ולא ה-25 בדצמבר - האמת על הלידה של ישו נחשפת

URL: https://healthy.walla.co.il/item/3443009
Title: לשתות מי חסה כדי להירדם בקלות - האם זה באמת עובד או מסוכן?

URL: https://sports.walla.co.il/item/3590646
Title: הכוכב נעצר: "חנק את חברתו כי עשתה לייק לגבר אחר"

URL: https://tld.walla.co.il/item/3518092?lm_supplier=16893&lm_bc=18422
Title: בשיתוף גברא, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.חיי מין ללא פשרות - "זה הציל לי את הסקס והזוגיות"בשיתוף גברא

URL: https://e.walla.co.il/item/3590736
Title: נוסטלגיה: התוכנית "שום, פלפל ושמן זית" תחזור בקרוב לכאן 11

URL: https://e.walla.co.il/item/3590406
Title: האורגיות, הזונה והמיליונים: הסיפור שלא סופר השבוע על מילצ'ן

URL: https://celebs.walla.co.il/item/3590726
Title: קרובים קרובים: מה קורה בין גל גברעם לתום חיימוב?

URL: https://celebs.walla.co.il/item/3590734
Title: "נוחי על משכבך בשלום": טהוניה רובל נפרדת מאחותה הגדולה

URL: https://celebs.walla.co.il/item/3590535
Title: בעירום ועם עקיצה לאקס: הקליפ השערורייתי של שאקירה

URL: https://celebs.walla.co.il/item/3590322
Title: יובל לוי לא מגלחת את בית השחי? היא לא חייבת לכם הסברים

URL: https://finance.walla.co.il/item/3590701
Title: הרפורמה עצרה את הקטר? צניחה של 68% בהשקעות בהייטק בישראל

URL: https://finance.walla.co.il/item/3590556
Title: המהפכה המשפטית כבר כאן: תראו מה עושה אמסלם לרשות החברות

URL: https://finance.walla.co.il/item/3589859
Title: איפה הכסף: מה קרה לחסכונות שלנו ואיך זה קשור לבנקים?

URL: https://finance.walla.co.il/item/3590728
Title: יש לכם בבית רוטב סריראצ'ה? יש מצב שהתעשרתם

URL: https://food.walla.co.il/item/3590246
Title: אימפריית ההמבורגר של ת"א חוגגת. התוצאה לפניכם

URL: https://food.walla.co.il/item/3590273
Title: בדקנו, זה באמת קורה: דיל 1+1 שפותח את החופש

URL: https://food.walla.co.il/item/3433430
Title: הכי קיץ שיש: סלט עגבניות איטלקי-ישראלי

URL: https://healthy.walla.co.il/item/3589387
Title: איך אנשים בדיאטה מרזים גם כשהם עושים יום אחד של אכילה לא מוגבלת?

URL: https://healthy.walla.co.il/item/3590206
Title: הוויטמין הזה יכול למנוע את אחת הבעיות הכי קשות בבגרות

URL: https://healthy.walla.co.il/item/3590021
Title: מחקר מגלה מה קרה לסטודנטים שהפסיקו לראות פורנו במשך שבוע

URL: https://healthy.walla.co.il/item/3589548
Title: בשיתוף אסותא, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.[איך משלבים חדשנות ובינה מלאכותית בבית חולים חדש בישראל?בשיתוף אסותא

URL: https://travel.walla.co.il/item/3589031
Title: מחוץ למסלול: ביקרנו ביפן האמיתית שאתם לא מכירים

URL: https://travel.walla.co.il/item/3589681
Title: עיר תת קרקעית סודית בסין, שבה חיים מיליון איש מתחת לאדמה

URL: https://travel.walla.co.il/item/3590122
Title: גם מים, גם במרכז וגם קלללל: מסלול של 700 מטר שיש בו הכול

URL: https://fashion.walla.co.il/item/3590721
Title: לכלה המתקדמת: שווה לשים עין על השמלה הנוצצת של אמל קלוני

URL: https://fashion.walla.co.il/item/3590697
Title: נכנסה לדמות: אי אפשר להירגע ממרגו 'ברבי' רובי

URL: https://fashion.walla.co.il/item/3590290
Title: חוסכות לכן עבודה: 15 אוברולים שיקים לקיץ שסוגרים פינה

URL: https://fashion.walla.co.il/item/3590148
Title: משתבחת זו לא מילה: אבולוציית הסטייל של קייט מידלטון

URL: https://www.sheee.co.il/item/3590698
Title: נו, לא להישרף עליהם? סימנים שאברהם וספיר כבר מאוהבים

URL: https://www.sheee.co.il/item/3589036
Title: "היא זרקה אותי ביום הולדת שבוע אחרי שאמא שלי נפטרה"

URL: https://www.sheee.co.il/item/3590048
Title: ״אולי את הכי יפה כשנוח לך. אנחנו פחות. בכל מקרה ״פשוט״ זה לא

URL: https://www.sheee.co.il/item/3581644
Title: "כל הזמן המשכתי לסלוח לחבר הבוגד שלי - עד שהוא עשה את זה"

URL: https://tld.walla.co.il/item/3546134?lm_supplier=16893&lm_bc=9857
Title: בשיתוף TI SWIM, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.לשחות חתירה למרחקים וללא מאמץ ב-10 שבועות בביה"ס הגדול בעולםבשיתוף TI SWIM

URL: https://tld.walla.co.il/item/3522160
Title: בשיתוף בי קיור לייזר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.פחות קמטים כבר אחרי שימוש אחד במכשיר ביתי מהפכניבשיתוף בי קיור לייזר

URL: https://tld.walla.co.il/item/3582645?lm_supplier=16893&lm_bc=9857
Title: בשיתוף מרכז איריס גייר לטיפול דרך אבחון בגלגל העין, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.בשורה לסובלים ממיגרנות: האבחון שמאפשר לחזור לחיים נורמלייםבשיתוף מרכז איריס גייר לטיפול דרך אבחון בגלגל העין

URL: https://tld.walla.co.il/item/3542996
Title: בשיתוף בי קיור לייזר, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.המכשיר שעושה מהפכה במלחמה בקמטים - במחיר מבצעבשיתוף בי קיור לייזר

URL: https://nadlan.walla.co.il/item/3590202
Title: באוצר שמים ברקס לרכבת מהירה לאילת: ישפיע על קידום המטרו?

URL: https://nadlan.walla.co.il/item/3590222
Title: גם במרכז: אושרה הקמת 8,800 דירות במתחמים מועדפים ברחבי הארץ

URL: https://nadlan.walla.co.il/item/3590058
Title: תודו לנו אחר כך: דירה עד 600 אלף שקל? הנה כמה אופציות

URL: https://nadlan.walla.co.il/item/3590366
Title: סוף לפקקים בחדרה? נפתח לתנועה מחלף אולגה צפון המשודרג

URL: https://mekomi.walla.co.il/item/3590126
Title: מדגם דיירקט פלוס: מתן דיל מנצח בסיבוב ראשון ברחובות

URL: https://mekomi.walla.co.il/item/3590390
Title: אלי שבירו ראש העיר אריאל לא יתמודד לקדנציה שלישית

URL: https://mekomi.walla.co.il/item/3590305
Title: הילה רובין-שלם תתמודד מול ראש העיר האגדי של קריית אתא

URL: https://mekomi.walla.co.il/item/3590028
Title: מנכ"ל רשות הבדואים הפורש יתמודד על ראשות העיר ערד

URL: https://cars.walla.co.il/item/3590660
Title: 4 שוטרים וסרטון לא הספיקו כדי להרשיע אדם בנהיגה בשלילה

URL: https://cars.walla.co.il/item/3590606
Title: כולן כבר נמכרו מראש: מה הסיפור של פרארי SF90XX החדשה?

URL: https://cars.walla.co.il/item/3590428
Title: מול פורשה קאיימן ואודי TT RS: ב.מ.וו M2 בישראל

URL: https://e.walla.co.il/item/3588438
Title: בשיתוף תערוכת "הדינוזאורים באים", הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מתחם VR ודינוזאורים בגודל אמיתי: התערוכה המדוברת מגיעה לארץבשיתוף תערוכת "הדינוזאורים באים"

URL: https://travel.walla.co.il/item/3560323
Title: בשיתוף פגסוס, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.על אי החתולים שמעתם? מצאנו את חמשת האיים הכי מיוחדים ביפןבשיתוף פגסוס

URL: https://finance.walla.co.il/item/3587904
Title: בשיתוף שופרסל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הרשתות החברתיות בטירוף: הבובות ששיגעו את העולם מגיעות לישראלבשיתוף שופרסל

URL: https://magazine.shufersal.co.il/%D7%94%D7%9E%D7%92%D7%96%D7%99%D7%9F-%D7%A7%D7%95%D7%9C%D7%99%D7%A0%D7%A8%D7%99/%D7%94%D7%A8%D7%A9%D7%99%D7%9E%D7%95%D7%AA-%D7%A9%D7%9C-%D7%90%D7%9E%D7%90/%D7%9E%D7%90%D7%A4%D7%94-%D7%A4%D7%99%D7%A6%D7%94-%D7%90%D7%91%D7%95%D7%9C%D7%A2%D7%A4%D7%99%D7%94/?utm_source=walla&utm_medium=referral&utm_campaign=food_walla_magazin_shufersal&utm_term=general&utm_content=food_shufersal_walla_magazin_shufersal_text_mehadshim_sambusak_pizza_abulafia_2-7-2023
Title: בשיתוף שופרסל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מפנקים את הילדים עם מאפה פיצה אבולעפיהבשיתוף שופרסל

URL: https://tech.walla.co.il/item/3590587
Title: המהלך הבא של ספוטיפיי: סרטוני וידאו באורך מלא

URL: https://tech.walla.co.il/item/3590653
Title: המסמר האחרון? הציוץ של אילון מאסק גורם לנטישה המונית מטוויטר

URL: https://tech.walla.co.il/item/3590504
Title: נגמרה לו הסוללה: לזכרו של ג'ון גודאינף, ממציא סוללת הליתיום

URL: https://home.walla.co.il/item/3590742
Title: סייל הקיץ של איקאה חוזר: זה מגוון ההנחות שתמצאו ברשת

URL: https://home.walla.co.il/item/3590024
Title: חלונות מאבן וקיר שסותת בידי אמן: וילה אותנטית בקיבוץ

URL: https://home.walla.co.il/item/3590057
Title: במשפחה הזאת החליטו "לשכפל את הים". ביקשו - וקיבלו

URL: https://home.walla.co.il/item/3589741
Title: חולה אהבה ברמת אביב ג': הדירה שעברה מהפך מ-ש-ג-ע

URL: https://b.walla.co.il/item/3590469
Title: היעד הבא של מירילשווילי: ערוץ כלכלי בסגנון בלומברג

URL: https://sports.walla.co.il/item/3590493
Title: אריה מליניאק חשף בפייסבוק: "יש לי לוקמיה חריפה"

URL: https://b.walla.co.il/item/3590325
Title: תפנית בעלילה: מנכ"ל 103 אור צלקובניק ימונה למנכ"ל חדשות 13

URL: https://b.walla.co.il/item/3590203
Title: תחת ממשלת הימין הסיקור התקשורתי של חודש הגאווה הוכפל

URL: https://marketing.walla.co.il/item/3589951
Title: די עם הסטוצים! יחסים לטווח ארוך חיוניים לעסק שלכם

URL: https://marketing.walla.co.il/item/3590174
Title: בינה מלאכותית גנרטיבית מניחה את היסודות לשיווק פרואקטיבי

URL: https://marketing.walla.co.il/item/3589988
Title: דרמה בעולם הסייבר: פרסום כוזב בביה"ס של המפכ"ל - והתביעה שבדרך

URL: https://gaming.walla.co.il/item/3590410
Title: סוני חשפה בטעות את עלות הפיתוח של המשחקים הבלעדיים שלה

URL: https://gaming.walla.co.il/item/3589518
Title: מדוע תעשיית הגיימינג חושבת שאנחנו ילדים קטנים שצריכים להאכיל

URL: https://gaming.walla.co.il/item/3589533
Title: מסמך פנימי חושף: מיקרוסופט כמעט רכשה את סגה

URL: https://mazaltov.walla.co.il/article/event-place/8488/#utm_source=walla_news&utm_campaign=merkaz
Title: למרגלות הר הכרמל מסתתר לו מתחם אירועים עוצר נשימה

URL: https://mazaltov.walla.co.il/article/event-place/8473/?fbclid=IwAR2x5jOxJEXJfRXFn4w4jW_l9vT2jKLXt86sI-r3F9WaZVOGBTmAhL3QdZA#utm_source=walla_news&utm_campaign=merkaz
Title: הבשורה החדשה: תל אביב הגיעה לבת ים

URL: https://mazaltov.walla.co.il/article/archive/8349/?utm_source=walla_news&utm_campaign=merkaz
Title: פרק 4: הזוגות של ארגון צהר מדברים על הכל

URL: https://vod.walla.co.il/
Title: VOD

URL: https://vod.walla.co.il/hot

URL: https://vod.walla.co.il/tvshow/3448412
Title: בעלת החלומות

URL: https://vod.walla.co.il/tvshow/3432388
Title: ג'ודה

URL: https://vod.walla.co.il/movie/1875726
Title: הבקשה האחרונה

URL: https://viva.walla.co.il/tvshow/3347455
Title: הסולטן

URL: https://healthy.walla.co.il/category/594
Title: הורות

URL: https://healthy.walla.co.il/item/3587281
Title: בשיתוף JAMA, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.חופשה משפחתית מוצלחת ורגועה - לא פשוט אבל אפשריבשיתוף JAMA

URL: https://healthy.walla.co.il/item/3589674
Title: האם הנקה באמת גורמת לתינוקות להיות חכמים יותר?

URL: https://healthy.walla.co.il/item/3587282
Title: בשיתוף JAMA, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית."אם אתה לא בא עכשיו - אני הולכת!". האם איומים באמת עובדים?בשיתוף JAMA

URL: https://horoscope.walla.co.il/item/3589618
Title: זה המזל הכי לא אהוב בגלגל המזלות

URL: https://horoscope.walla.co.il/item/3564522
Title: הורוסקופ סוף השבוע: 30 ביוני עד ה-1 ביולי 2023

URL: https://horoscope.walla.co.il/item/3589264
Title: מתה, חזרה לחיים ומספרת: "אני כבר לא מפחדת מהמוות"

URL: https://law.walla.co.il/item/3530052
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הרחבה דרמטית של האפשרויות לילדים ולנכדים - דרכון גרמני, סיפור המעשהבשיתוף zap משפטי

URL: https://law.walla.co.il/item/3560737
Title: בשיתוף zap משפטי, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.מהו ייפוי כוח מתמשך, כיצד משתמשים בו וממה להיזהר?בשיתוף zap משפטי

URL: https://career.walla.co.il/item/3568221
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.המדריך לכתיבת קורות חיים בצורה נכונהבשיתוף Manpower

URL: https://career.walla.co.il/item/3568220
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.המדריך המלא לחיפוש עבודה באמצעות הרשתות החברתיותבשיתוף Manpower

URL: https://career.walla.co.il/item/3568219
Title: בשיתוף Manpower, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.המדריך לשימוש נכון ב"מידע הפנימי" של חברות השמה בעת חיפוש עבודהבשיתוף Manpower

URL: https://judaism.walla.co.il/item/3590200
Title: בשיתוף שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הסגולה הגדולה בקריאת פרשת בלקבשיתוף שובה ישראל

URL: https://judaism.walla.co.il/item/3590199
Title: בשיתוף שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.כוח הרתעה: כך ניתן להביס כל אויבבשיתוף שובה ישראל

URL: https://judaism.walla.co.il/item/3590244
Title: בשיתוף שובה ישראל, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.שידור חי: הצטרפו לשיעורו של רבי יואל פינטובשיתוף שובה ישראל

URL: https://tld.walla.co.il/item/3579859
Title: בשיתוף Weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.ממלכת היופי: סלון יופי חדשני ויוקרתי עם שירותי איפור, עיצוב ותוספות שיערבשיתוף Weshow

URL: https://tld.walla.co.il/item/3579870
Title: בשיתוף weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.הזוג שניצח את האיטלקים: "העצבנית" - בר אוכל שכונתי טעים בטירוףבשיתוף weshow

URL: https://tld.walla.co.il/item/3579594
Title: בשיתוף weshow, הכתבה הופקה בידי מחלקת שיתופי פעולה מסחריים של וואלה בהשתתפות מימונית של גורם חיצוני ופורסמה לאחר עריכה עיתונאית.למקומות, היכון, טוס! חוויות הטיסה בטרקטורון מעופףבשיתוף weshow

URL: https://www.b144.co.il/%D7%A4%D7%A8%D7%97%D7%99%D7%9D/%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%99%D7%A4%D7%95/?&sitecode=10&subsitecode=1400&site=walla&d=1
Title: כל חנויות הפרחים

URL: https://www.b144.co.il/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D/%D7%97%D7%A9%D7%9E%D7%9C%D7%90%D7%99%D7%9D-24-%D7%A9%D7%A2%D7%95%D7%AA/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1402&site=walla&d=1
Title: חשמלאים

URL: https://www.kamaze.co.il/
Title: השוואת מחירים

URL: https://www.b144.co.il/%D7%A0%D7%93%D7%9C%D7%9F/%D7%AA%D7%99%D7%95%D7%95%D7%9A/%D7%90%D7%96%D7%95%D7%A8-%D7%AA%D7%9C-%D7%90%D7%91%D7%99%D7%91-%D7%95%D7%94%D7%9E%D7%A8%D7%9B%D7%96/?&sitecode=10&subsitecode=1403&site=walla&d=1
Title: תיווך

URL: https://www.hayoetzet.co.il/
Title: רופאים מומלצים

URL: https://www.sugat.com/all-recipes/
Title: מתכונים מנצחים

URL: https://www.etzhazait.co.il/
Title: בריאות מהטבע

URL: https://yoram.walla.co.il/mivdak?utm_source=wallacampaign
Title: המבדק של יורם

URL: http://www.enaim.co.il/
Title: הסרת משקפיים

URL: https://www.seolinks.co.il/
Title: קידום אתרים

URL: https://maximparerurehab.com/07e06b33-ba4c-4745-9748-db1b7c5fa470
Title: PV Angebote

URL: https://popup.taboola.com/he/?template=colorbox&utm_source=wallail-walla&utm_medium=referral&utm_content=thumbs-feed-01-b:Homepage%20Endless%20|%20Card%201:
Title: ממומן

URL: https://trc.taboola.com/wallail-walla/log/3/click?pi=%2F&ri=cb004f3ced991140511fbb5a63241014&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&it=text&ii=~~V1~~999801878077795258~~Co1vD28oYJcz4nGq6auV4RN1ALN_Tz0cntGEc8sjc4b6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2jiZaVV0tmQ1yUgw8rpSzIVM6ScdzwPU2amAtYGKeWE46TOF3YoD8S3wtZ1_2b5cDjhQ5_9IhkgPtnntsPUtyUEYTZrGx6CB16waFK_aRKwnE5JP6uRm_rPuxzo2a2Cqy6n-1dTmcqoX3rwflhGIrOIX7L7cYh3uFxwTtU_qpnnD3nvHrd1mPCfclXmQhIYu1j7cuNvF1X4I3Pjp4xHlxgZSxmOSDUpkPa4Va8PJQH9za_sgi9Con9qaYYXHYFZtq0HHWD6J8-Rma5ia31yJbb46zhr_uog6GC70OqLAd6RE&pt=home&li=rbox-h2v&sig=2621beb981f9ec37303d8661e3c2425a902a8db2a215&redir=https%3A%2F%2Fmaximparerurehab.com%2F07e06b33-ba4c-4745-9748-db1b7c5fa470%3Fsite%3Dwallail-walla%26title%3DEilmeldung%2Baus%2BTh%25C3%25BCringen%253A%2BStaat%2B%25C3%25A4ndert%2BSolar-Vorgaben%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F97eb4215d600b559a5e2eead2af12b91.jpg%26campaign%3DDE_Solar_Desktop1b%26utm_content%3D3706451525%26conversionname%3DLead%26click_id%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyCo7Fwo4LjglridiJs7%26utm_medium%3Ddis_nat%26utm_source%3Dtaboola%26tblci%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyCo7Fwo4LjglridiJs7%23tblciGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyCo7Fwo4LjglridiJs7&vi=1688282022359&p=wattfoxgmbh-new-solar-sc&r=9&lti=deflated&ppb=CJEH&cpb=EhIyMDIzMDYyOS0zLVJFTEVBU0UY8MTb0wYgACoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNjI4gN7OoAVAm-MJSI6KEFDxtdkDWP___________wFjCN7__________wEQ3v__________ARgiZGMI1xYQ1R8YI2RjCLk8EIpQGCRkYwjSAxDgBhgIZGMInAUQkQkYCWRjCK9HEKNeGAtkYwikJxCDNRgvZGMIxzAQxUAYMGRjCMouEJE-GDNkYwj-FhCKIBgTZGMIoUEQpVYYFGRjCNwKEPsaGBZkYwiWFBCZHBgYZGMI9BQQnh0YH2R4AYABAogBn9Om7QGQARyYAfSDzauRMQ&cta=true
Title: Mehr erfahren

URL: https://keram1n.com/de/
Title: Keramin

URL: https://trc.taboola.com/wallail-walla/log/3/click?pi=%2F&ri=cb004f3ced991140511fbb5a63241014&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&it=text&ii=~~V1~~-4127696113950932833~~Td2eK4k15kJPX8l_mqMKHwRg0Q1Dz4PGTvVTkrsdohL6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFALu73ETmnfNFJzU3BmMA-FGrSKCvTMNihR0Kv3XR8PzKKvuvMET7zjtHu_AE_2i5FZBGS43MTwq4peCyxxt_ISDUMeID3FypAVE6I4i-4OIUG0dF-Jz2phR1pNPDvE8IQRx_FCeQtcqkNWiFmTwIHGqmvJWjArveXGP_Tbk68SXmfmDIhCreX2gYPy11UC2513_Te7VDBtrWfSR6dtjSD8vtjdwE8wOTsWj2zVqclxevo6zhr_uog6GC70OqLAd6RE&pt=home&li=rbox-h2v&sig=a7f904bdf1ab9fd668dd1f2760d9fb61619c45feec3c&redir=https%3A%2F%2Fkeram1n.com%2Fde%2F%3Fclickid%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyDkiVsotNDNs5zAxrLCAQ%26utm_source%3Dtaboola%26__sid%3D9c5ba80c-fe6f-4ca3-836f-9c80d1919093%26subid1%3D26038131%26subid2%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F2d7857a12e72340e4d7c1bcf6e6330da.png%26subid3%3D3706702768%26subid4%3Dwallail-walla%26subid8%3DNagelpilz%253A%2Bein%2Bpreiswertes%2BMittel%2Bf%25C3%25BCr%2B%25C3%25A4ltere%2BMenschen%26tblci%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyDkiVsotNDNs5zAxrLCAQ%23tblciGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyDkiVsotNDNs5zAxrLCAQ&vi=1688282022359&p=jacklevi-sc&r=39&lti=deflated&ppb=CJEH&cpb=EhIyMDIzMDYyOS0zLVJFTEVBU0UY8MTb0wYgACoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNjI4gN7OoAVAm-MJSI6KEFDxtdkDWP___________wFjCN7__________wEQ3v__________ARgiZGMI1xYQ1R8YI2RjCLk8EIpQGCRkYwjSAxDgBhgIZGMInAUQkQkYCWRjCK9HEKNeGAtkYwikJxCDNRgvZGMIxzAQxUAYMGRjCMouEJE-GDNkYwj-FhCKIBgTZGMIoUEQpVYYFGRjCNwKEPsaGBZkYwiWFBCZHBgYZGMI9BQQnh0YH2R4AYABAogBn9Om7QGQARyYAfSDzauRMQ&cta=true
Title: Jetzt testen

URL: http://www.hopondeals.com/de/20230605
Title: hopondeals.com

URL: https://trc.taboola.com/wallail-walla/log/3/click?pi=%2F&ri=cb004f3ced991140511fbb5a63241014&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&it=photo&ii=~~V1~~-559250124560454853~~aDvHdXKF90XwkHN9Shw5PhPaswABVI23UX8okiS7HfL6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFALu73ETmnfNFJzU3BmMA-FGrSKCvTMNihR0Kv3XR8PzKKvuvMET7zjtHu_AE_2i5FZBGS43MTwq4peCyxxt_ISDTWwwY1xVpYdZcNGVVFt6cm0dF-Jz2phR1pNPDvE8IQQVcNApWbHHeBrJ7DZG-ng3MzCm8pGcyb5_SZyLSrimSd707AzNSpaKMbrucc7f2yGdX4buEmXinCzIpD73AB23Cs91UhpUIakClwrt1HPJjbZ0qKVrHzr73JnAoKE-Ang&pt=home&li=rbox-h2v&sig=61d7814b4a3262e8a8a44426bfc424106e86b393348b&redir=http%3A%2F%2Fwww.hopondeals.com%2Fde%2F20230605%3Fslug%3Ddie-5-besten-su-vs-auf-dem-markt%26utm_source%3D8057%26tblci%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyDoul8oiqP54PCXsMhP%23tblciGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyDoul8oiqP54PCXsMhP&vi=1688282022359&p=taboolaaccount-advblackprcom&r=86&lti=deflated&ppb=CJEH&cpb=EhIyMDIzMDYyOS0zLVJFTEVBU0UY8MTb0wYgACoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNjI4gN7OoAVAm-MJSI6KEFDxtdkDWP___________wFjCN7__________wEQ3v__________ARgiZGMI1xYQ1R8YI2RjCLk8EIpQGCRkYwjSAxDgBhgIZGMInAUQkQkYCWRjCK9HEKNeGAtkYwikJxCDNRgvZGMIxzAQxUAYMGRjCMouEJE-GDNkYwj-FhCKIBgTZGMIoUEQpVYYFGRjCNwKEPsaGBZkYwiWFBCZHBgYZGMI9BQQnh0YH2R4AYABAogBn9Om7QGQARyYAfSDzauRMQ&cta=true
Title: Jetzt Anschauen

URL: https://wiwin.de/blog/crowdinvesting-beschleunigt-den-ausbau-von-windenergie-erheblich
Title: WIWIN

URL: https://popup.taboola.com/he/?template=colorbox&utm_source=wallail-walla&utm_medium=referral&utm_content=thumbs-feed-01-a:Homepage%20Endless%20|%20Card%202:
Title: ממומן

URL: https://trc.taboola.com/wallail-walla/log/3/click?pi=%2F&ri=d5b8579fcbeb306aa21f146f2f5bd3e0&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&it=text&ii=~~V1~~-811960986545267090~~idT1IDvmZAPa_4Q8KAWSgSbGjUNPEJ390GCG357jNkT6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKIGEbZu7Qu9P8lowQ9YYvLP-weojo6lT9S15VRz57g-WD78no3i1hAfNCVfvmjeOR_RoCfy8aQRng1b-KfJkda5kHinrvmZTIV1Gg23yGn38OTDCGh6dcvXUW24uB2iM0eve3svj0ZcovwPAw195qJj5xFtVj1S2j8Uvlszv9Rgm8&pt=home&li=rbox-h2v&sig=2d84e464c48127f39a595acf2fd10ac9c963150b4417&redir=https%3A%2F%2Fwiwin.de%2Fblog%2Fcrowdinvesting-beschleunigt-den-ausbau-von-windenergie-erheblich%3Futm_source%3DNative%26utm_medium%3DTaboola%26utm_campaign%3DWind0323%26utm_content%3DVideo-desktop%0A%26tblci%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyCOwlsogOSjjL-wxezAAQ%23tblciGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyCOwlsogOSjjL-wxezAAQ&vi=1688282022359&p=taboolaaccount-cezannewiwinde&r=85&lti=deflated&ppb=CMwF&cpb=EhIyMDIzMDYyOS0zLVJFTEVBU0UY8MTb0wYgACoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNjI4gN7OoAVAm-MJSI6KEFDxtdkDWP___________wFjCN7__________wEQ3v__________ARgiZGMI1xYQ1R8YI2RjCLk8EIpQGCRkYwjSAxDgBhgIZGMInAUQkQkYCWRjCK9HEKNeGAtkYwikJxCDNRgvZGMIxzAQxUAYMGRjCMouEJE-GDNkYwj-FhCKIBgTZGMIoUEQpVYYFGRjCNwKEPsaGBZkYwiWFBCZHBgYZGMI9BQQnh0YH2R4AYABAogBn9Om7QGQARyYAfSDzauRMQ&cta=true
Title: Weiterlesen

URL: http://elektroauto.life/
Title: Elektroauto | Gesponserte Links

URL: https://www.enpal.de/artikel2/das-sollten-sie-vor-dem-kauf-einer-solaranlage-wissen
Title: Enpal

URL: https://popup.taboola.com/he/?template=colorbox&utm_source=wallail-walla&utm_medium=referral&utm_content=thumbs-feed-01-b:Homepage%20Endless%20|%20Card%203:
Title: ממומן

URL: https://www.sixx.de/serien/paula-kommt-sex-und-gute-nacktgeschichten/videos/frag-paula-wie-merkt-mann-dass-frau-einen-orgasmus-hat
Title: Sixx

URL: https://trc.taboola.com/wallail-walla/log/3/click?pi=%2F&ri=e944014cac4a6984d00d55aacf0a4fa5&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&it=text&ii=~~V1~~-4652653721114967188~~VtnwmMW4TS56Iyw2p4zvlBGCRvDXpFuSVk6R3nsdy2n6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKIebjSVbjX5yOOtt49kQLe_llistW9OKL0r3wBVInfuMuu6m6E1TmuPtqOFfKvKCtUgSsug3DhqGMNEqAZer_mKzwBwbVzqx5qDQAj-sfT0DnfLTG_bp-z7nAkEtb4m-CUve3svj0ZcovwPAw195qJj5xFtVj1S2j8Uvlszv9Rgm8&pt=home&li=rbox-h2v&sig=f7afade4022b383b4b352529cacb9e9a97ad45c7e2ba&redir=https%3A%2F%2Fwww.sixx.de%2Fserien%2Fpaula-kommt-sex-und-gute-nacktgeschichten%2Fvideos%2Ffrag-paula-wie-merkt-mann-dass-frau-einen-orgasmus-hat%3Futm_source%3Dtaboola%26utm_medium%3Ddisplay%26utm_campaign%3Dsixx_pub_paulakommt_prosp_desk%26utm_content%3DFrag%2BPaula%253A%2BWie%2Bmerkt%2BMann%2Bdass%2BFrau%2Beinen%2BOrgasmus%2Bhat%26utm_term%3Dwallail-walla%26tblci%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyDygFAowrTVwZmh27_WAQ&vi=1688282022359&p=prosiebensat1tvdeutschlandgmbh-tvc-sc&r=95&lti=deflated&ppb=CKcD&cpb=EhIyMDIzMDYyOS0zLVJFTEVBU0UY8MTb0wYgACoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNjI4gN7OoAVAm-MJSI6KEFDxtdkDWP___________wFjCN7__________wEQ3v__________ARgiZGMI1xYQ1R8YI2RjCLk8EIpQGCRkYwjSAxDgBhgIZGMInAUQkQkYCWRjCK9HEKNeGAtkYwikJxCDNRgvZGMIxzAQxUAYMGRjCMouEJE-GDNkYwj-FhCKIBgTZGMIoUEQpVYYFGRjCNwKEPsaGBZkYwiWFBCZHBgYZGMI9BQQnh0YH2R4AYABAogBn9Om7QGQARyYAfSDzauRMQ&cta=true
Title: Jetzt Anschauen

URL: https://b6kj05.zbrjtstrclnm.com/
Title: Senior Dating | Gesponserte Links

URL: https://trc.taboola.com/wallail-walla/log/3/click?pi=%2F&ri=e944014cac4a6984d00d55aacf0a4fa5&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&it=text&ii=~~V1~~-943376673275691411~~c3Twi4GniIq4NgvBft1wWZ-lVvzo6DIJMa7MYfabPin6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWAp-3Jybkbg7ntaoS2VbkfQGUkHQ3_G_JxGjhw9TrdPb_HE79lMnEshhClK6-ItHTlNH3EBEsSbolrdhJgUTJ0SUnfDueH3AwhvTfauyFTuVnIBhMVuagGFjnMgWNrlFALu73ETmnfNFJzU3BmMA-FGrSKCvTMNihR0Kv3XR8PzKKvuvMET7zjtHu_AE_2i5FZBGS43MTwq4peCyxxt_ISDyVjoWP3OIky7CgLVwaNxkG0dF-Jz2phR1pNPDvE8IQRGtHJYzyjovL7-n4SJCEAOGq8S0Fq8fsQYa3eBF0Cuy_mDIhCreX2gYPy11UC2513_Te7VDBtrWfSR6dtjSD8vtjdwE8wOTsWj2zVqclxevo6zhr_uog6GC70OqLAd6RE&pt=home&li=rbox-h2v&sig=7192056d9345509ccc04de9db6ae9a0e35085fe3c515&redir=https%3A%2F%2Fb6kj05.zbrjtstrclnm.com%3Futm_source%3Dtaboola%26utm_medium%3Dreferral%26subid1%3D25630668%7Cwallail-walla%7C3700755148%26subid2%3D1519763%26subid3%3DErfurt%253A%2BTreffen%2BSie%2Balleinstehende%2B%25C3%25A4ltere%2BFrauen%2Bin%2BIhrer%2BN%25C3%25A4he%2B%25E2%2580%2593%2Bsiehe%2BDating-Sites%26subid4%3Dde-de-tb-pavel-seniordatingpr-110623-all-v1%26network%3Dtaboola%26site%3Dwallail-walla%26adtitle%3DErfurt%253A%2BTreffen%2BSie%2Balleinstehende%2B%25C3%25A4ltere%2BFrauen%2Bin%2BIhrer%2BN%25C3%25A4he%2B%25E2%2580%2593%2Bsiehe%2BDating-Sites%26click_id%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyCQu18o89Gzvre9o_usAQ%26dpco%3D1%26tblci%3DGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyCQu18o89Gzvre9o_usAQ%23tblciGiCZh00CoLf8tvWXdcQXUkE9PIlPuQbac5cUTPIEAKksVyCQu18o89Gzvre9o_usAQ&vi=1688282022359&p=tarzomedia-seniordating-sc&r=99&lti=deflated&ppb=CKcD&cpb=EhIyMDIzMDYyOS0zLVJFTEVBU0UY8MTb0wYgACoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAxNjI4gN7OoAVAm-MJSI6KEFDxtdkDWP___________wFjCN7__________wEQ3v__________ARgiZGMI1xYQ1R8YI2RjCLk8EIpQGCRkYwjSAxDgBhgIZGMInAUQkQkYCWRjCK9HEKNeGAtkYwikJxCDNRgvZGMIxzAQxUAYMGRjCMouEJE-GDNkYwj-FhCKIBgTZGMIoUEQpVYYFGRjCNwKEPsaGBZkYwiWFBCZHBgYZGMI9BQQnh0YH2R4AYABAogBn9Om7QGQARyYAfSDzauRMQ&cta=true
Title: Mehr erfahren

URL: https://tech.walla.co.il/item/3588032

URL: https://pro-verbraucher.info/trick-hotel-l2t-tb/
Title: Pro Verbraucher

URL: https://popup.taboola.com/he/?template=colorbox&utm_source=wallail-walla&utm_medium=referral&utm_content=thumbs-feed-01-b:Homepage%20Endless%20|%20Card%205:
Title: ממומן

URL: https://www.enpal.de/artikel2/die-solaranlage-die-alles-kann-bekannt-aus-tv
Title: Enpal

URL: https://bredings-person.com/92f77ffc-0bfe-4c90-8796-d2f2472c94a5
Title: PilzPlus+

URL: http://www.oref.org.il/11093-he/Pakar.aspx
Title: פיקוד העורף

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://walla.co.il/ HTTP 301
https://www.walla.co.il/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=213970978&cv=11&fst=1688282021121&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=720157231.1688282021&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=pSOhZKuYDNKO7_UP_ay-2As&sscte=1&crd=&eitems=ChAI8MCEpQYQ4_vKiJuJ07hdEh0AE3f2l-lDSoAPABKR8zv2Nlo3aWXF9iggt_weIA&pscrd=Ek5DaEVJOE1DRXBRWVFsdEh1OGFpbW5hRGZBUklsQU1mZE1JWXdIakQwOF9GMnVPM29Sb1BuMy1ySzNxQ3BfRFdvLWs4UXgtSjdTS3liWlEaV0NoQUk4TUNFcFFZUTY5N3htUFdVNVAwRUVpMEFxUl9rRXRyVms3djE2ajRyMHIxcklEc2ZmNTUxc1Fzd2VDQUlsT1ZWVWhicTg2cDFPZFl5bUladU1wTSITCOv-ndG87_8CFVLHuwgdfZYPuw HTTP 302
https://www.google.com/pagead/1p-conversion/777956447/?random=213970978&cv=11&fst=1688282021121&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=720157231.1688282021&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1DRXBRWVFsdEh1OGFpbW5hRGZBUklsQU1mZE1JWXdIakQwOF9GMnVPM29Sb1BuMy1ySzNxQ3BfRFdvLWs4UXgtSjdTS3liWlEaV0NoQUk4TUNFcFFZUTY5N3htUFdVNVAwRUVpMEFxUl9rRXRyVms3djE2ajRyMHIxcklEc2ZmNTUxc1Fzd2VDQUlsT1ZWVWhicTg2cDFPZFl5bUladU1wTSITCOv-ndG87_8CFVLHuwgdfZYPuw&is_vtc=1&ocp_id=pSOhZKuYDNKO7_UP_ay-2As&cid=CAQSKQBygQiDV_7uYl8_HPCHwjEX4B3hNOVU8WOsw6IutN9z9GjHxnOPMVV5&eitems=ChAI8MCEpQYQ4_vKiJuJ07hdEh0AE3f2l3GwVEzUuFIjZM7wLwqXwlMIvjn3aqiKdw&random=1160288710 HTTP 302
https://www.google.de/pagead/1p-conversion/777956447/?random=213970978&cv=11&fst=1688282021121&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=720157231.1688282021&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1DRXBRWVFsdEh1OGFpbW5hRGZBUklsQU1mZE1JWXdIakQwOF9GMnVPM29Sb1BuMy1ySzNxQ3BfRFdvLWs4UXgtSjdTS3liWlEaV0NoQUk4TUNFcFFZUTY5N3htUFdVNVAwRUVpMEFxUl9rRXRyVms3djE2ajRyMHIxcklEc2ZmNTUxc1Fzd2VDQUlsT1ZWVWhicTg2cDFPZFl5bUladU1wTSITCOv-ndG87_8CFVLHuwgdfZYPuw&is_vtc=1&ocp_id=pSOhZKuYDNKO7_UP_ay-2As&cid=CAQSKQBygQiDV_7uYl8_HPCHwjEX4B3hNOVU8WOsw6IutN9z9GjHxnOPMVV5&eitems=ChAI8MCEpQYQ4_vKiJuJ07hdEh0AE3f2l3GwVEzUuFIjZM7wLwqXwlMIvjn3aqiKdw&random=1160288710&ipr=y

Request Chain 169

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1

Request Chain 177

https://gum.criteo.com/sid/json?origin=publishertagids&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Et15GHx4WlFZa0VvMnpzNDZ3dTdlWFJlQzlaM1doQ2RtY1gzNDhpOFB5Yk05N3BOQWtPaHZPemtnMDR5dUE1QTRTekE3czI5dm5Ca2h2Qk9KdkpuenNPeDdNL3hydWZZNkNXUjN5WHVLYlJkSi9UbFl6SWE5U0s4Q3MrdCs1eWNpdXNJaURRa1BSZjB1R3JLWWQ3SmNGeDNJa3BvME00NmtId2VmemlVRThlRjBqS2t5cThESldVcjdoNjBVdFRUNG1ybmVjVUZ0Tjd5OEh0dkZ1a3VzQm1HWUJBL1FKdjByd2o2dk9SZmNETnZEZlRta3YrL0ZxUXZ0OS8rZXVKODFrZGU5L1BkZ1JqZ3REdVdYRWZXQUxiKzdRUT09fA&cppv=2

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdJIfqahty4O1tXHzkPm_o&google_cver=1

Request Chain 199

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKEjpsvxJchzRiGMKPI2ugAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdJIfqahty4O1tXHzkPm_o&google_cver=1

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECeJjfal1ot9AjkNArn7EKM&google_cver=1

Request Chain 201

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA2Mzk4MjM2MTc2Nzc2NjY5Ng%3D%3D

Request Chain 248

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F

Request Chain 259

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1688282022768 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=5639328449 HTTP 302
https://sync.1rx.io/usersync/turn/8900439031662473856?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1

Request Chain 262

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1

Request Chain 264

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/betweenx/6e388d36-be5d-52b7-a9ba-d1accd1bf20a

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1

Request Chain 267

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1

Request Chain 270

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1

Request Chain 276

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIZgMeEWukKjJPq48I4a46Y&google_cver=1&google_push=AaAOQGGCmiiCEk9TXFQFi2AsG8w6YhTQq7HSh_sSH88FwWbhxlfMpkjJHaWCA5eO-vN91VCvLJU96FfN_u4lA0lbCPI3AD7aFgfPgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTExNjA3MDk0MjI3NTczMg%3D%3D&google_push=AaAOQGGCmiiCEk9TXFQFi2AsG8w6YhTQq7HSh_sSH88FwWbhxlfMpkjJHaWCA5eO-vN91VCvLJU96FfN_u4lA0lbCPI3AD7aFgfPgg

Request Chain 277

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ0Nsmz4GPcy6rTR__c1nck&google_cver=1&google_push=AaAOQGEjTl5oIDOFFqauywsLcAbZI9-UtOb4kWmIPM8GZEpdkYGsAQ_8WUGqKCQrCMcUJz830VPAmw2oCGZfVFx9tI3CWxuyDDxoNQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ0Nsmz4GPcy6rTR__c1nck&google_cver=1&google_push=AaAOQGEjTl5oIDOFFqauywsLcAbZI9-UtOb4kWmIPM8GZEpdkYGsAQ_8WUGqKCQrCMcUJz830VPAmw2oCGZfVFx9tI3CWxuyDDxoNQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I8QoZlJTS8-PGf6lM3axLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGEjTl5oIDOFFqauywsLcAbZI9-UtOb4kWmIPM8GZEpdkYGsAQ_8WUGqKCQrCMcUJz830VPAmw2oCGZfVFx9tI3CWxuyDDxoNQ

Request Chain 278

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELL6DAy_XoP9P2SyQlKKWwU&google_cver=1&google_push=AaAOQGEWA3FIU6odfErtRkrGVXCvAIbxH9DdO8_r8uOqKim2J-wBXcjTO-iI9iLv15xKP3NbE7fexxew0xfc8ok6oNTDRZuMEkP06A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpMM0lYNVctMU0tNUNXOQ==&google_push=AaAOQGEWA3FIU6odfErtRkrGVXCvAIbxH9DdO8_r8uOqKim2J-wBXcjTO-iI9iLv15xKP3NbE7fexxew0xfc8ok6oNTDRZuMEkP06A

Request Chain 279

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7Buut5M46s1qksyZD-nfQ&google_cver=1&google_push=AaAOQGFkGHybcN0I6phf44mBmw_x78xwMVopbUODpsgVVEGYKsx5K34oSALBeXVVEjDoD1w1FPWPuZcXkkBJTwRVRW2-RKAUHu2jpw HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7Buut5M46s1qksyZD-nfQ&google_cver=1&google_push=AaAOQGFkGHybcN0I6phf44mBmw_x78xwMVopbUODpsgVVEGYKsx5K34oSALBeXVVEjDoD1w1FPWPuZcXkkBJTwRVRW2-RKAUHu2jpw&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFkGHybcN0I6phf44mBmw_x78xwMVopbUODpsgVVEGYKsx5K34oSALBeXVVEjDoD1w1FPWPuZcXkkBJTwRVRW2-RKAUHu2jpw&google_hm=G6XxJGZH__q39tT-QoWEGkvk

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1

Request Chain 284

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1

Request Chain 293

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/2377327c42426363114219bafb1fe1?gdpr_consent=&gdpr=0

Request Chain 304

https://fw.adsafeprotected.com/rfw/st/1484042/72188330/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20259277643&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0heqkwecySoU2XWtSPI1Ts9&adContainerId=brand_safety_piOhZNW7HM6XjuwPv4Wd8A4&cbFunctionName=goog_wrapCb_piOhZNW7HM6XjuwPv4Wd8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:435ebc46-63b2-2d78-2296-19e0610f80c9,c:hbWQyL,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-7fdb4976c7-rmmp9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16*.1484042-72188330%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:20,oid:f9f74165-18a7-11ee-b41a-9aedfca68b90,v:19.8.422,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZNW7HM6XjuwPv4Wd8A4&cbFunctionName=goog_wrapCb_piOhZNW7HM6XjuwPv4Wd8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

Request Chain 346

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1&google_push=AaAOQGESVvBQj6U4kGdxyCn4QXbJZOyRdAXQlHA_N2a69-9arnhA5lDpt4unPw-AZFvTOPnsOuF3_303O717hoyA8ELaZint6eY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODkwMDQzOTAzMTY2MjQ3Mzg1Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1

Request Chain 347

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGF0_3Wde1jUF8kcg-3GcRQDK6Qk471rEQWNncD3rQk5kzEwQjlT5Ssu7JHaIZ0WwVjYBMI1vClyFA_7_4r9sOjLpQCGAq9D HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGF0_3Wde1jUF8kcg-3GcRQDK6Qk471rEQWNncD3rQk5kzEwQjlT5Ssu7JHaIZ0WwVjYBMI1vClyFA_7_4r9sOjLpQCGAq9D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGdkVzFURUkxUWZSaGQ1&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGF0_3Wde1jUF8kcg-3GcRQDK6Qk471rEQWNncD3rQk5kzEwQjlT5Ssu7JHaIZ0WwVjYBMI1vClyFA_7_4r9sOjLpQCGAq9D

Request Chain 348

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEABZ8YI28yAebblNQuYdvOU&google_cver=1&google_push=AaAOQGHeHNWuZS3kTAkc1rfMGdygc7UWhYg58J0HUjl6muYXmLFvWLRWXqI3254n7qQ9InUrb1wwy1UOPY9cizAtEP4pl0RZmCu0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-U-xbR_v8YIBgabLjRuFhPOqYc7LDrP2nDo5tmQ&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 349

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELs6UbJAtYp5Udf1tvCeocs&google_cver=1&google_push=AaAOQGEszE7gJlEsN5wHYiujUcuCmhv5W9cuDKwo90y4q9WlMmKrt_WlSdv9BZxAnDHzk2nC8pb9dKrPpTFwxcbzc79dJTG-l18O HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELs6UbJAtYp5Udf1tvCeocs&google_hm=ZKEjpsvxJchzRiGMKPI2ugAADSQAAAAB&google_nid=index&google_push=AaAOQGEszE7gJlEsN5wHYiujUcuCmhv5W9cuDKwo90y4q9WlMmKrt_WlSdv9BZxAnDHzk2nC8pb9dKrPpTFwxcbzc79dJTG-l18O

Request Chain 350

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7Buut5M46s1qksyZD-nfQ&google_cver=1&google_push=AaAOQGG7EdD4Erd0Lyk70-Hs015SjsXcqKH3uqRSLgVyPCbpZVe1LC8X8Zw5_G-__-aPUiRdJahWDcthNHqFWuTc9svj5Dh8NrT4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGG7EdD4Erd0Lyk70-Hs015SjsXcqKH3uqRSLgVyPCbpZVe1LC8X8Zw5_G-__-aPUiRdJahWDcthNHqFWuTc9svj5Dh8NrT4&google_hm=G6XxJGZH__q39tT-QoWEGkvk

Request Chain 351

https://match.360yield.com/match/ebda?google_gid=CAESENN3jFp6R7F9vsNoJjLEfyM&google_cver=1&google_push=AaAOQGFdVjpsIF5kmeKEU9JUMLZowTG8Ll3589Ld4xgiz4XNN9IATvqw1PhWSfIC8bvJgt6OkvhKlxWEcTBGzF7SJhr6S76W9hTZ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENN3jFp6R7F9vsNoJjLEfyM&google_cver=1&google_push=AaAOQGFdVjpsIF5kmeKEU9JUMLZowTG8Ll3589Ld4xgiz4XNN9IATvqw1PhWSfIC8bvJgt6OkvhKlxWEcTBGzF7SJhr6S76W9hTZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGFdVjpsIF5kmeKEU9JUMLZowTG8Ll3589Ld4xgiz4XNN9IATvqw1PhWSfIC8bvJgt6OkvhKlxWEcTBGzF7SJhr6S76W9hTZ

Request Chain 354

https://fw.adsafeprotected.com/rfw/st/1484042/72185571/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20259277643&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hGlMmstQpvSSJSmQG1z2BK&adContainerId=brand_safety_piOhZKn8MYun9u8P6p6vKA&cbFunctionName=goog_wrapCb_piOhZKn8MYun9u8P6p6vKA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e824cd45-8a73-f634-68d0-8945ed0119ca,c:hbWQGe,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-576fbdf94b-gw8jq,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tIPNjEW+11%7C12%7C13%7C14%7C15%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c*.1484042-72185571%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:44,oid:fa16d811-18a7-11ee-9f1f-224114f1d8e0,v:19.8.422,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZKn8MYun9u8P6p6vKA&cbFunctionName=goog_wrapCb_piOhZKn8MYun9u8P6p6vKA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js

Request Chain 379

https://fw.adsafeprotected.com/rfw/st/1484042/72188194/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20259277643&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gkZ5cf4lBU0iLSzp0UfVLx&adContainerId=brand_safety_piOhZN2PNquQjuwPtcKGmAk&cbFunctionName=goog_wrapCb_piOhZN2PNquQjuwPtcKGmAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.walla.co.il&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.walla.co.il%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3e472016-4c8a-9a78-1b8f-45c4f65645da,c:hbWQKm,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-576fbdf94b-ld2fj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tIPNjJj+11%7C12%7C13%7C14%7C15%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1d1%7C1d2%7C1d3%7C1e*.1484042-72188194%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:30,oid:fa2815be-18a7-11ee-a49e-ca7727e09e69,v:19.8.422,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZN2PNquQjuwPtcKGmAk&cbFunctionName=goog_wrapCb_piOhZN2PNquQjuwPtcKGmAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

Request Chain 390

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1&google_push=AaAOQGEplzvO4f9TeyJAHA_vAEIYmaqb3WyQl7gazcFLiKwOTpmTZLmQ5Fil5dDiViMdjzKbaExT9uG_7x49TwAbc-FuJk-KOWUbtQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODkwMDQzOTAzMTY2MjQ3Mzg1Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1

Request Chain 393

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMIkdq4NWTIjvkvQpZoB6ig&google_cver=1&google_push=AaAOQGEAYBwdw6SzzERoJIMSLRxkIFJEq42JWgCqNKkOEPBmcQB-uxKs4Y2wRnmLSD_gAHMvRay3E9x5-ax2IdGbJSwXAlsiqcXhHQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEAYBwdw6SzzERoJIMSLRxkIFJEq42JWgCqNKkOEPBmcQB-uxKs4Y2wRnmLSD_gAHMvRay3E9x5-ax2IdGbJSwXAlsiqcXhHQ

Request Chain 394

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEA9W0dEsjLSm9FwbgGfunyc&google_cver=1&google_push=AaAOQGHU7t7DSkjjIlnmhBkaj9C7JD_jyFy0vc3FAk_KPM1dSuyb0asqyUKH8seRZzj01Wsqbsk-08T6XTGZcX0aoyKWB-LYreAOPg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHU7t7DSkjjIlnmhBkaj9C7JD_jyFy0vc3FAk_KPM1dSuyb0asqyUKH8seRZzj01Wsqbsk-08T6XTGZcX0aoyKWB-LYreAOPg

Request Chain 395

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEA9W0dEsjLSm9FwbgGfunyc&google_cver=1&google_push=AaAOQGECKJXdBE0DZbQ-jDnL3UEO5PhkysypFkJwG2vJMIZj6IWG7cTyDNd1ipf30VYxwi2AWCMALYe-bB8Cj4MLGzOowjGcwcBdNuQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGECKJXdBE0DZbQ-jDnL3UEO5PhkysypFkJwG2vJMIZj6IWG7cTyDNd1ipf30VYxwi2AWCMALYe-bB8Cj4MLGzOowjGcwcBdNuQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 396

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBhi-ijiOUAYJ5QpA2UUXFU&google_cver=1&google_push=AaAOQGFUNv7Uw_lYpJD4Dl-nzlVMS6TB9oLKaq1iDSvm-FnMpRUeC8OeJLEjnKELd2vDJbEqTkH8E12YgE4QZzXG8ym6eDTOlsa_QPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjA2Mzk4MjM2MTc2Nzc2NjY5Ng%3D%3D&google_gid=CAESEBhi-ijiOUAYJ5QpA2UUXFU&google_cver=1&google_push=AaAOQGFUNv7Uw_lYpJD4Dl-nzlVMS6TB9oLKaq1iDSvm-FnMpRUeC8OeJLEjnKELd2vDJbEqTkH8E12YgE4QZzXG8ym6eDTOlsa_QPA

Request Chain 399

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGEvQ4eIuAtV8QCsqB4L02F5z-WXMDpC29ZOG1NZFIV0a_rfHwWnavu91MqCSGtnW-zjs8HwyJFBxgFt0rU8HvvEYD84av1x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGdkVzFURUkxUWZSaGQ1&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGEvQ4eIuAtV8QCsqB4L02F5z-WXMDpC29ZOG1NZFIV0a_rfHwWnavu91MqCSGtnW-zjs8HwyJFBxgFt0rU8HvvEYD84av1x

Request Chain 400

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHMwxwbv2MKR5SDLnG9chtI&google_cver=1&google_push=AaAOQGGH-qZ0A4rXbqS1DHkBjw0Tmy5rERuaVnrCLVD6IW87l84TkLaMhpfCUEf9RfyqzJnj4lXIJb1vetLDDGwv-XFJ7kaHeRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGH-qZ0A4rXbqS1DHkBjw0Tmy5rERuaVnrCLVD6IW87l84TkLaMhpfCUEf9RfyqzJnj4lXIJb1vetLDDGwv-XFJ7kaHeRA

Request Chain 402

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEABZ8YI28yAebblNQuYdvOU&google_cver=1&google_push=AaAOQGHucvF19VuRw0Awtt4WCBVYBp08PGU_tJXSVmV8WQoehl7VWQ6j3a5VHjdfOfcgMzGhQDsnxP4fTaIVK_RIfCyT129F-9Us HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-U-xbR_v8YIBgabLjRuFhPOqYc7LDrP2nDo5tmQ&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 403

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMIkdq4NWTIjvkvQpZoB6ig&google_cver=1&google_push=AaAOQGETKkDZeOmQ00-EMTN5O3mT4SyXHsAfUHUYJFlHg8QJ2mGt7R38Vv9m6wC-v-S89KbEU77xJxZxVu4Ld5xFlqScv2QBKwEc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGETKkDZeOmQ00-EMTN5O3mT4SyXHsAfUHUYJFlHg8QJ2mGt7R38Vv9m6wC-v-S89KbEU77xJxZxVu4Ld5xFlqScv2QBKwEc

Request Chain 404

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEA9W0dEsjLSm9FwbgGfunyc&google_cver=1&google_push=AaAOQGEdBKHI65wt6ZJWihUj-X9nycOlRb3OhC2BV3TpmQN3cWqXECtepKd7O7sZqyEKWZ_113PMjYXdHLQT_cL3ZSSvav7HBNY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEdBKHI65wt6ZJWihUj-X9nycOlRb3OhC2BV3TpmQN3cWqXECtepKd7O7sZqyEKWZ_113PMjYXdHLQT_cL3ZSSvav7HBNY

Request Chain 405

https://match.360yield.com/match/ebda?google_gid=CAESENN3jFp6R7F9vsNoJjLEfyM&google_cver=1&google_push=AaAOQGHLYlBAI5JX6Jdksie__fpar3cjJwQLjhrlpsNEjvxsTvHfyyVDwXqdJ-_DYCSrEdx2cy1Wm1b1ElTlSk8_k0MVLZmnyiOv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGHLYlBAI5JX6Jdksie__fpar3cjJwQLjhrlpsNEjvxsTvHfyyVDwXqdJ-_DYCSrEdx2cy1Wm1b1ElTlSk8_k0MVLZmnyiOv

Request Chain 409

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIZgMeEWukKjJPq48I4a46Y&google_cver=1&google_push=AaAOQGG0-UzsLLOUSOEeVDr3Es7EF5zYlPwEnU9H-knJH1AhyGrKrMhiAQBr_HwgfGeYR9PD3UPZ9eLtscAfnAuZYKqzgWByC55C HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTExNjA3MDk0MjI3NTczMg%3D%3D&google_push=AaAOQGG0-UzsLLOUSOEeVDr3Es7EF5zYlPwEnU9H-knJH1AhyGrKrMhiAQBr_HwgfGeYR9PD3UPZ9eLtscAfnAuZYKqzgWByC55C

Request Chain 410

https://match.360yield.com/match/ebda?google_gid=CAESENN3jFp6R7F9vsNoJjLEfyM&google_cver=1&google_push=AaAOQGGDbM-rj6EzCZ2vHWC29AtcV3I_t6Kl8wHZT66Sc23Irk1EG6Rie-EvUpujio9Ogjin5IW-oeI2YsPNHoK1hpkr-8P04Qtc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGGDbM-rj6EzCZ2vHWC29AtcV3I_t6Kl8wHZT66Sc23Irk1EG6Rie-EvUpujio9Ogjin5IW-oeI2YsPNHoK1hpkr-8P04Qtc

Request Chain 411

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEBb3z9nzor5X1MHB62kbJuI&google_cver=1&google_push=AaAOQGGhX57Gfw6plEwcz1aTp93TuLZIAAlgGK022d3f3pWt0RzD4AN5EqSlGMT9LF9_12txn6T3LdjKFdLyBF-KZTWBRRMMEjuM HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGGhX57Gfw6plEwcz1aTp93TuLZIAAlgGK022d3f3pWt0RzD4AN5EqSlGMT9LF9_12txn6T3LdjKFdLyBF-KZTWBRRMMEjuM%26google_hm%3DAzxpnsvI3Edol5QOvT1ijyo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGhX57Gfw6plEwcz1aTp93TuLZIAAlgGK022d3f3pWt0RzD4AN5EqSlGMT9LF9_12txn6T3LdjKFdLyBF-KZTWBRRMMEjuM&google_hm=AzxpnsvI3Edol5QOvT1ijyo

Request Chain 412

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGNQOjVn35hRYud4DMON0as&google_cver=1&google_push=AaAOQGHNVZtOfn199KMm3jt0NWF0_fgNaU0nPaHMarg2okymUroakBDZ0ZqfvsQDsHjZQCcFowIXr-HnM-Qbw35m5eNSOJazrtM HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGHNVZtOfn199KMm3jt0NWF0_fgNaU0nPaHMarg2okymUroakBDZ0ZqfvsQDsHjZQCcFowIXr-HnM-Qbw35m5eNSOJazrtM&google_gid=CAESEGNQOjVn35hRYud4DMON0as HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc5NDE5ODg1MzkzMjcwNTIyMDAyMg%3D%3D&google_push=AaAOQGHNVZtOfn199KMm3jt0NWF0_fgNaU0nPaHMarg2okymUroakBDZ0ZqfvsQDsHjZQCcFowIXr-HnM-Qbw35m5eNSOJazrtM

Request Chain 413

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIjL9e0bYfEd3e_b9llfKpo&google_cver=1&google_push=AaAOQGGF651qRAxET3ufF7XOZaf8HUoZAsUjh7IztIdMHPdZ_0b5T_zsT3rUik6D966H4C85YJcf3ZFMn079wWjxgvmOuKPGMAPa HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIjL9e0bYfEd3e_b9llfKpo&google_cver=1&google_push=AaAOQGGF651qRAxET3ufF7XOZaf8HUoZAsUjh7IztIdMHPdZ_0b5T_zsT3rUik6D966H4C85YJcf3ZFMn079wWjxgvmOuKPGMAPa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=97b7e5ef-f0a2-4b27-bd88-2cb1b7aa3068&%%GOOGLE_PUSH_PAIR%%

Request Chain 432

https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8 HTTP 302
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8

Request Chain 523

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=q5_Jn19mcyUyQmJDdzVGQmdQdnlaZWc4YnpBdGFxZzE4UyUyQk1aSDd6b1VHMW0wTkxzOWQlMkZhb1pudmUwZVZKSUQ3azNTTkpvWmNEWXB0MlRMa2tuT3AlMkJ3UUdDNlcyOW8lMkJBMEVscGhiWVh6blA2bjZabDljRmx6VDlNZGk0ZE1CS1dGbWg2cHJGcXNoc2F1c3VudUpWSSUyRiUyQks5SHFCQSUzRCUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=-bkFbXxHaGxMeTZZZG5vdDVzQiszc2lwazg4eDY4ZU51dnlGSTRuRXcyTVB0LzBmSWVCcGYzTm95V3NoSnMzOUwxaTNPY3VBMWJJa2YrVlIyTDIwcUU2a1p6U3ovNnp1L0hDSlJlS2YzVjRHVFN3bEpOQ0oyV084NVFOUmtjUkZ6ZFZzN3VwZXpPTTZBM2dhK2IvTzRMem9ybFE1MCtUazcvaVMwdXlJaW0xUXl3cXdWMkszK3R1VkZYaGoyNGJHVGZQY2x4eU5QM0hnTEh6NGNhK2RlNlZHenBldTlIc2ovcmNCN3ViRE5LYitYZCtBOEo0S002SUplZGZZZlphazRTUDA1clEzM3Buc1cxWGFtbFNvbEtHcmRPdGRYZmZnQmhYWDBMQzVGVmw0UXQvWT18&cppv=2

Request Chain 554

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8128439130400774114

Request Chain 555

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 556

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526443594606

Request Chain 557

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23C42866-5253-4BCF-8F19-FEA53376B12F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23C42866-5253-4BCF-8F19-FEA53376B12F&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 558

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I8QoZlJTS8-PGf6lM3axLw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 560

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3194800787 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=23C42866-5253-4BCF-8F19-FEA53376B12F

Request Chain 561

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=23C42866-5253-4BCF-8F19-FEA53376B12F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NWlsVzdCbTlON0NUVlNZWVRNU2VhblJjdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=342713563282871321&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 562

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjNDNDI4NjYtNTI1My00QkNGLThGMTktRkVBNTMzNzZCMTJG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 563

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENXBma7mvhtjK3REBkSUiBo&google_cver=1

Request Chain 565

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=342713563282871321

Request Chain 576

https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/4B69049688E4003122C135632A4CB3D76DE76066.51C337EF27BC065E67B4EB8743C183ED76ACD1A3/key/ck2/file/file.mp4?cpn=uQ7F1ijQY1TyDlaJ HTTP 302
https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13F243918610146119CD8B82D162C5410BE3F895.24E3250854696A2C13414715521CF9BE6B5C85A9/key/cms1/cms_redirect/yes/mh/FW/mip/2001:1b60:1010:2:1011:bebd:fd3f:e24e/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1688281133/mv/u/mvi/3/pl/29?cpn=uQ7F1ijQY1TyDlaJ&file=file.mp4

Request Chain 579

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGE5NjI1ZDE4OTM0MDFhN2UzY2Q2N2E4OTljODk3YjNlYTAxNWQzNA

Request Chain 580

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/jquhkavjzBuKjrp3xEERmsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CCpy_OFE2oIBb3Z5IYgEnRCA4kFGtuNWLKGHjg--~A

Request Chain 581

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJL3IX5W-1M-5CW9

Request Chain 582

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpMM0lYNVctMU0tNUNXOQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELL6DAy_XoP9P2SyQlKKWwU&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpMM0lYNVctMU0tNUNXOQ==&google_push=

Request Chain 583

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-AjIX16USe2BzrDMEgDiCw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-AjIX16USe2BzrDMEgDiCw

Request Chain 584

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMgPkZ8uMMU-uIWM1A8YyqI&google_cver=1

Request Chain 586

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-NLLaWTbSY-502KC2oECPw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-NLLaWTbSY-502KC2oECPw

Request Chain 590

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

Request Chain 592

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
https://csync.smilewanted.com/set_partner_userid_get/adform/342713563282871321

Request Chain 607

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/0I2Yh6qkmdQnYUqspaUe?pi=smilewanted&tc=1

Request Chain 609

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9205ad4fd805feef084933d98af06bcb

621 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.walla.co.il/
Redirect Chain

https://walla.co.il/
https://www.walla.co.il/

573 KB
260 KB

2094ms
2017ms

Document
text/html

13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 29d4418fcc0b1aac6a84d22d30d52037aecc163468d5c52493b36c0cb458a597

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=30
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Jul 2023 07:13:39 GMT
etag: W/"8f241-fTbeHUCsC9yh04/utYdhmf1zg8A"
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-id: 7UmFg0WNqtCb441W4cf400BOnhF3MtOG3CWV6n00YA6RY01ltMYdYA==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-cached: MISS

Redirect headers

age: 58
content-length: 0
date: Sun, 02 Jul 2023 07:12:40 GMT
location: https://www.walla.co.il/
server: AmazonS3
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-id: bC96oINrNvikUHfbOPJg1e7WxFjLwgvB1Nrk-VvE8A7VJxiqPPDj3Q==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
26 KB 166ms
116ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0ef355e5e71baea1af4750ef6a4bde8f8d0585a77932eab853a3470f57eb6a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26453
x-xss-protection: 0
server: cafe
etag: 109 / 19540 / 31075743 / config-hash: 4433571151520717869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:40 GMT

GET
H/1.1 200
OK MIN-20300.js Show response
apv-launcher.minute.ly/api/launcher/ 41 KB
14 KB 121ms
31ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://apv-launcher.minute.ly/api/launcher/MIN-20300.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 571b2e1dcb8f47db573999c8e3dd8514e1121e67a99fcce3a723647836146bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 07:13:40 GMT
Content-Encoding: gzip
X-HW: 1688282020.dop265.fr8.t,1688282020.cds148.fr8.shn,1688282020.dop265.fr8.t,1688282020.cds221.fr8.c
Content-Type: text/javascript; charset=utf-8; charset=utf-8
Cache-Control: max-age=30
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 14043

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 94ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11170679829

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

059df4784f6f38c0e9e25694794f585c82bb3cd52d8dffc4a0bedcf679e1cb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70895
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Jul 2023 07:13:40 GMT

GET
H2 200 dmp-provider.js Show response
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 208 KB
63 KB 84ms
24ms Script
text/javascript 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: e01f4bc5be958007ac184062e6ac1f6c3c979342a61dca583eea86f1ade9891c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 12:46:44 GMT
content-encoding: br
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: FRA56-P5
age: 66416
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: 8VZEx5j-bmjbpTmr8Z_AB6slm-SixwsJo90-58OPrzmd7o1jvG3elQ==

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 106ms
24ms Script
application/x-javascript 2600:9000:2057:cc00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:cc00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:39:27 GMT
content-encoding: gzip
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:37:14 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 2053
etag: W/"649b80ba-5df1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: WUDSX_YzMKVHeHLyPPSDmlTNGqmfCi_ccj3wQOF-sA202JMhX4KiYQ==
expires: Sun, 02 Jul 2023 08:39:27 GMT

GET
H2 200 new-logo-mobile.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
965 B 116ms
112ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a1cb876b8d4ac161aa3960063801ce2a3e1f893863524b9132de74867fe9d16b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"473-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: jVm6b3WnZbdUJ89aM7RCKz_eTa4ERtCbZ6BmGkc5UJ0Tg19e0YDcoA==
x-cached: HIT

GET
H2 200 icon-weather-mobile.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 106ms
103ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-weather-mobile.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: fd3121a04a4b745f71058c38f7902b207de37f86aa3a9674eda80a2baf366382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"7ee-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: GYDrHpOEoMEJg_GAKow5viiCOBdYVuPfHyemHYbhvVnNwAQXNGqQ9g==
x-cached: HIT

GET
H2 200 icon-mail-no-bg.svg
www.walla.co.il/public/assets/homepage2/ 464 B
821 B 66ms
62ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-no-bg.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 50795dddaa17612e809ddf339489bc1fdff6f7bcc76115ba6eeb17eccb68eb47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"1d0-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 464
x-cached: HIT
x-amz-cf-id: X--ok-70M3T3ZYxLUaEGoxW81MrWpFBtl1cica8PcoAA_7IQcwEqZw==

GET
H2 200 new-logo.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
990 B 62ms
59ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/new-logo.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a0321d7f4006d1ef24eb6f33f7252ab8bcbb9237a56c49aad5abe30b085ae3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"492-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: nV-g_cJOAGHAPIChYgnc-Y3Swuss08AMOJJFhhotjwijqHCaNw3Ctw==
x-cached: HIT

GET
H2 200 allay-icon.svg
www.walla.co.il/public/assets/icons/ 3 KB
2 KB 112ms
109ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/allay-icon.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 06629d4561f4f5300f64a9bd017f09f07617d10fe67e3c82feabd39d52aad534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"c00-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: KaNAVHPoEyXnI9MTXr-vwF7Qq4v8XIwiq2o0QYAHr35yUgF3c6QwLw==
x-cached: HIT

GET
H2 200 tiktok.svg
www.walla.co.il/public/assets/navigation/ 628 B
986 B 125ms
121ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/navigation/tiktok.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 40083197f6c3fad2ef5d99095c72f3a60072e92bdfcd920dd91299f3679027b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"274-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 628
x-cached: HIT
x-amz-cf-id: tb7GNLeGkxrju2VtiEoZMFSCsR_jG4H3rgmOMC9a_tKpJUpU6JQ57w==

GET
H2 200 insta.svg
www.walla.co.il/public/assets/navigation/ 2 KB
1 KB 69ms
66ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/navigation/insta.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 23e2409494818d5a7bbcf232f0818db8599da2d9c3c1856572f95ffc7b4b1d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"79e-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: _mj2EsAyKShYIHgHp5A5Y20YzEgLLq4Eg4pmTuicMQxIdeMYZdR-Rg==
x-cached: HIT

GET
H2 200 twitter.svg
www.walla.co.il/public/assets/navigation/ 1004 B
942 B 80ms
77ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/navigation/twitter.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: d685d349bc446d06cf68755fd4dbd95bb51f8913ad08cea281e371aa1fc284eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"3ec-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: 6SOqV2NeIP8sIl3XqJjwYQMCQtyitRu9tlgJc-ktqEjbJhCPf3LSGQ==
x-cached: HIT

GET
H2 200 facebook.svg
www.walla.co.il/public/assets/navigation/ 471 B
829 B 69ms
66ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/navigation/facebook.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5d2840fc0bf868ec7e60c9e2f14a0f623b865ee0a7f8459fbfb25881709f7838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"1d7-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 471
x-cached: HIT
x-amz-cf-id: SZdToTCmJDJF3lSpdDEuetPzDL8w3JY1K2Bp3nS_ekUcKINw1obsLg==

GET
H2 200 3565198-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/6/5/ 123 KB
123 KB 75ms
22ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/6/5/3565198-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 03dfaf7c25a7de2f82372621781770e71c9f2695bf25e6387411bcc9f42145bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:03:22 GMT
via: 1.1 google
age: 618
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125950

GET
H2 200 invalid-name2.svg
www.walla.co.il/public/assets/shivuki/ 2 KB
1 KB 69ms
67ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/shivuki/invalid-name2.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ce3152168290b1b92efe3a9ec4ee91acf3b91397b117aecaa158ae938bb826f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"834-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: G5NS9m8_jCKBJzAtj7_CIuH4Mqjl1WOK-tnh41qRDUiIidOb7qgSUg==
x-cached: HIT

GET
H2 200 3564710-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/4/ 11 KB
11 KB 111ms
58ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/4/3564710-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: bc5e749bdd4d89314fca4a3bb2dedda9c63728a3b90139e16b3c03d30d562b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:25:08 GMT
via: 1.1 google
age: 2912
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11231

GET
H2 200 3562598-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/ 29 KB
29 KB 97ms
44ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/3562598-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 04af9b5f5e7d4140b6b8e4610c0f93714093f9f7bfe6df57766f70a4caf8c80d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:35:49 GMT
via: 1.1 google
age: 2271
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30042

GET
H2 200 3540886-46.mp4
images.wcdn.co.il/q_auto,w_300,t_18/3/5/4/0/ 1 MB
1 MB 135ms
82ms Image
image/gif 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/q_auto,w_300,t_18/3/5/4/0/3540886-46.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 9c0d30699abac345d40690a79678462b3b5de6b0325aa4f3370cf2ee8954922f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:55:21 GMT
via: 1.1 google
age: 1099
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1468700

GET
H2 200 logo_walla+.png
www.walla.co.il/public/assets/homepage2/ 10 KB
10 KB 85ms
82ms Image
image/png 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/logo_walla+.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 301bf90c72cd880946376981a30c087ebfdb02bf1a96780e311b7c48a0ed03a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"26ba-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 9914
x-cached: MISS
x-amz-cf-id: PDqOTCpCSNYT3ff-taGS3yCehhGXO6S_sviRxQXbduG9K-3oc5GxXw==

GET
H2 200 3112023-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/1/1/2/ 9 KB
9 KB 108ms
55ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/1/1/2/3112023-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: b0b7c5da90e6b3e34cef577634c3091232b248f0d42aac5a168a2fcf0153188b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:37:04 GMT
via: 1.1 google
age: 2196
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8709

GET
H2 200 3562683-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/ 19 KB
19 KB 91ms
90ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/6/2/3562683-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: b711b68e05d27163016d1d3d87046a123902afab1ddad7ee9c96e3014ea4a8e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:35:33 GMT
via: 1.1 google
age: 2287
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19204

GET
H2 200 3546737-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/4/6/ 14 KB
14 KB 92ms
91ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/5/4/6/3546737-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: f77b7eadda7cd17fce7ed06f48b31fc8b8fefb15c377dc1ca2a66f1e06285c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:57:21 GMT
via: 1.1 google
age: 979
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14564

GET
H2 200 3933_4af9f32aa5600d50a1e5_4af9f32aa5600d50a1e5_walla.js Show response
www.walla.co.il/public/ 12 KB
4 KB 131ms
128ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/3933_4af9f32aa5600d50a1e5_4af9f32aa5600d50a1e5_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 0cbdcc7e5bc4af4fa7963965c349288c941fddde011311ab6e16a70a98df7dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"307b-18902527e20"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: zc7sI4z5p196qqqaIkunXKfoHm8AzKDhSmq2LoQbCzT3dxJrDiASXg==
x-cached: MISS

GET
H2 200 2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js Show response
www.walla.co.il/public/ 310 KB
101 KB 53ms
51ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: fba5c7d3750000b669c9c3bd2d7fa3bd1eb6a1dc564a9752c4116ad0f7562c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 15:07:48 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
age: 317152
etag: W/"4d9e4-18902527e20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: JOy84uKgdfo60yB_FTGFtAcEMhAvAXUZP7pifqccNobKcXPbEUhuGQ==
x-cached: HIT

GET
H2 200 main_8b04f34b5e12da7311dd_8b04f34b5e12da7311dd_walla.js Show response
www.walla.co.il/public/ 949 KB
211 KB 61ms
59ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/main_8b04f34b5e12da7311dd_8b04f34b5e12da7311dd_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 1fbbcc136f9bff9db87eff8e400601aa421e0bf3437b4fce577c1c1d1cbde0dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 15:07:48 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
age: 317152
etag: W/"ed48b-18902527e20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: qL3RRuqImYG8FVyFFk9_p82aSKTNrcIbTRwrLGO1OIWZ8X4JzcS8RA==
x-cached: HIT

GET
H2 200 9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js Show response
www.walla.co.il/public/ 27 KB
7 KB 138ms
136ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/9561_a6cb45b79e6001ccc514_a6cb45b79e6001ccc514_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 801d6ff0dd3191cc7e44d8060ed2336706e8301bf4478df935f1ef87a82c11de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"6b6b-18902527e20"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: ila6s836OshT0yLNkDVuEgiUKHzvsl7V29gdxDUrG9rK7jJfH50spw==
x-cached: MISS

GET
H2 200 homepage_c6a03d208d6056eb64e0_c6a03d208d6056eb64e0_walla.js Show response
www.walla.co.il/public/ 216 KB
41 KB 58ms
56ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/homepage_c6a03d208d6056eb64e0_c6a03d208d6056eb64e0_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 318da02488ca24360b3d8e8bde784b123e8f092c484d1560c3440d1e91e61a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 15:07:48 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
age: 317152
etag: W/"36124-18902527e20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: 8v-AbsOT8EwoUCy5pcU-fiAhpBPbUEPTFgPyonRxpZbUrhB-wkZy3Q==
x-cached: HIT

GET
H2 200 wallacoil-prod.js Show response
cdn.valuad.cloud/hb/ 993 KB
269 KB 121ms
30ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b6a3eb8f0998492ad41f9a0a52d216be0d77cf6bad21dfa593f001977d568615

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Tue, 27 Jun 2023 12:40:41 GMT
x-amz-request-id: tx00000000000000bfee5ce-0064a11f63-3ab62474-fra1a
etag: "b391c8bf8bde77dd1ec4a00463f1e280"
x-envoy-upstream-healthchecked-cluster
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1688282020.dop130.fr8.t,1688282020.cds098.fr8.hn,1688282020.cds261.fr8.c
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 275407

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/wallail-walla/ 632 KB
59 KB 86ms
24ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf1f2c61c6661bf8e73719a2df31faf069a90d0c28284b67058b60260a99ef6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: V.guGMe.Do0Y.0EtY31U.8YhlUhP5zPS
content-encoding: gzip
via: 1.1 varnish
date: Sun, 02 Jul 2023 07:13:40 GMT
x-amz-request-id: J86NRHQJN70YJ7X5
age: 95
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 60368
x-amz-id-2: 42p5gG3+cdjFyP/UkMz3NNj9aGVKWIIA3E5Dy0P7cxOY7+AcqP+h4uXdaAM7WvtOjzu0wGmgFks=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Thu, 29 Jun 2023 09:51:15 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282020.283204,VS0,VE0
etag: "d4881345d2b1cf8eb631b95fd93ab3a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 97
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 113ms
22ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 07:13:40 GMT
Content-Encoding: gzip
Age: 543
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/67F3)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 465 KB
101 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f21a54ac462feacf98f6480c05f5057c9dde4c1fcf2797800ca68790706497ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103343
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Jul 2023 07:13:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 437 KB
68 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8658d850dab323ae252762266bdddcec0d782ba8fd44a196d6f0dea6b451d941

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69391
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Jul 2023 07:13:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 02 Jul 2023 07:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 539
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 02 Jul 2023 09:04:41 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 26ms
26ms Script
application/x-javascript 2600:9000:2057:cc00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:cc00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:37:53 GMT
content-encoding: gzip
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:35:23 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 2147
etag: W/"649b804b-9482"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ILYL8xW4a-wjWy5MLu4JXzKm4CC7wcFWEL-7yL5zemF72XTbI1lY7Q==
expires: Sun, 02 Jul 2023 08:37:53 GMT

GET
H2 200 google.gif
www.walla.co.il/public/assets/icons/ 1 KB
2 KB 74ms
73ms Image
image/gif 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/google.gif
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a9556451882c7b86d689ee82a86c2b360cf0acea6d92a4165c80054371e52336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"5b6-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1462
x-cached: HIT
x-amz-cf-id: GQbE0nUd9xYx8qpq_ac7VmVUEekQh36IWBAfEU8lr1tdd6W7zI3uZw==

GET
H2 200 icon-serch.svg
www.walla.co.il/public/assets/homepage2/ 743 B
1 KB 83ms
83ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-serch.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b7ee2e2c1f36198a263d4d442d6752e78d61fecd54473cb5c1c3dbb8b6053817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"2e7-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 743
x-cached: MISS
x-amz-cf-id: 4ZoAeHh0Pku1Z_-bzoln8GJOIWc-SYiF5VHPHRUpMcLkEwX1eoJmTQ==

GET
H2 200 icon-yummi.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 124ms
124ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-yummi.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 51c5f4315ad081d300d4f13424766d79998d1d84cf7e6113b7d87d140a5048b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"661-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: dxyyAA00PQ07IhlYgJgUXtiG2mscuXP3n4a3nRrQhkbS1M-HNvX75Q==
x-cached: HIT

GET
H2 200 icon-wather.svg
www.walla.co.il/public/assets/icons/ 2 KB
1 KB 123ms
122ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/icon-wather.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c2095f6920579eb6938ef2ddecc5652d5a9557555a32b019969e329a93731897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"85c-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: hGSWtWR45ug6zLZ_t_ODWlK-zT-3kA1T2Tq03FmerDP8Mk2TcIQyoA==
x-cached: MISS

GET
H2 200 icon-mail-empty.svg
www.walla.co.il/public/assets/homepage2/ 1 KB
1 KB 66ms
66ms Image
image/svg+xml 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/homepage2/icon-mail-empty.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 56dc3f20e9bfd5faaa6cb74b9e2b1c4f6ef120732aa1f111b56e988123800fbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"5f6-189024e6f10"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-id: 0f8LDhPfGsmOLzqqFeTUkTtswGjTZ122wNjB4Ec8KyyBhy8ArC0m3Q==
x-cached: HIT

GET
H2 200 video@2x.webp
www.walla.co.il/public/assets/icons/homepage3/ 2 KB
2 KB 128ms
128ms Image
image/webp 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage3/video@2x.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 1c4dcf3b62662f4aa2a585956c0a77eb845c6bb99dbc5d71263f742286d79c18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"74c-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1868
x-cached: MISS
x-amz-cf-id: NzZc1Glw94aQ4Z4JYZNIjlOqn3FAzGbTR-46fT1d8IIKov8AUjrocA==

GET
H2 200 almoni-neue-aaa-600.woff
www.walla.co.il/public/font/almoni/ 58 KB
59 KB 63ms
62ms Font
font/woff 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"e954-189024e6f10"
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59732
x-cached: HIT
x-amz-cf-id: rP4wXBWQEuA6tXnTs6Kp6W5PBZoJgojalAjNrf3bLP9nhwphN0kGdA==

GET
H2 200 almoni-neue-aaa-700.woff
www.walla.co.il/public/font/almoni/ 59 KB
59 KB 69ms
68ms Font
font/woff 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-700.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bfde7d8c3faf39da42713b587dbed55d088a5afc1664a79565a8391735c63df1

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"ea00-189024e6f10"
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59904
x-cached: MISS
x-amz-cf-id: wagFu4BtjtPs-hsrBgNHLqv5O57AxjIiDcZV8qPkbzKwYSlcDdwpkQ==

GET
H2 200 almoni-neue-aaa-400.woff
www.walla.co.il/public/font/almoni/ 58 KB
58 KB 120ms
119ms Font
font/woff 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-400.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5d571c24dd581cd84d7fb29cf1ca60872930eb09dec2678e282ddfd2b6091086

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"e770-189024e6f10"
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59248
x-cached: MISS
x-amz-cf-id: 8EALARkc4KnrkHH55AayiYTjavwlmosPJejVkG9CUNfxxmLLNSOKLg==

GET
H2 200 almoni-neue-aaa-500.woff
www.walla.co.il/public/font/almoni/ 58 KB
58 KB 105ms
105ms Font
font/woff 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/almoni/almoni-neue-aaa-500.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3ce180dce4e114166047284e549a6dae0c28ec609c5539920da8fa3a0c6a9034

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"e7c0-189024e6f10"
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59328
x-cached: HIT
x-amz-cf-id: iiYY3k_qzhQNn7JDqDxvrMvb3mPE1g5IRHopkDzWONKNjHki4eNehA==

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 4 KB
2 KB 101ms
27ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

11e53a8c33a6db55a610815cd86e8bbe37e94d478011ded87f474a2e75a2bf83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 02 Jul 2023 07:13:40 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 206
x-accel-date: 1688281814
x-77-nzt: AZySIYvt2Kv/zgAAAA
x-accel-expires: @1688282414
last-modified: Thu, 29 Jun 2023 12:40:12 GMT
server: CDN77-Turbo
etag: W/"649d7bac-10f6"
x-77-nzt-ray: cf878727eeeb6264a423a164d2d30812
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

GET
H2 200 wallaicons.woff
www.walla.co.il/public/font/fonticon/ 15 KB
15 KB 126ms
125ms Font
font/woff 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"3bdc-189024e6f10"
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 15324
x-cached: MISS
x-amz-cf-id: AbdU5h8YLVRhB7FqXuxPUB1vhMxuQj50LMWma_thdv99oBNO0Qii3Q==

OPTIONS
H2 200 PRE
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 0
0 68ms
23ms Preflight 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.walla.co.il
access-control-max-age: 1800
age: 66325
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sat, 01 Jul 2023 12:48:15 GMT
server: nginx/1.20.0
vary: Origin
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-id: LIIgNHcmJUMfpBanLnGnlNRxYBmJSPLuAG_uF2YxjSc-UaQgfOlM6A==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

OPTIONS
H2 200 POST
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ Frame 0
0 68ms
23ms Preflight 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.walla.co.il
access-control-max-age: 1800
age: 66325
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sat, 01 Jul 2023 12:48:15 GMT
server: nginx/1.20.0
vary: Origin
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
x-amz-cf-id: rFx3LtGABaoRM1y90Th60Eic3tmlGTBQvsoWYsKmV-ZD7JTLgF6TPw==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 403 bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 0
0 93ms
30ms Script
text/html 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2023-07-02
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 kahoona-idx-live.js Show response
d2r08ja41ypc0t.cloudfront.net/WALLA/ 52 B
463 B 82ms
20ms Script
application/javascript 2600:9000:2057:b400:4:1c73:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:b400:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9dc28caa0fca7a160f2f4c9907725629603a32a137934e5cdcc2652323f637

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: ij0H4Ovav57a0UP4tyuRnZhuK0a2LmIu
date: Sat, 01 Jul 2023 16:38:43 GMT
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 15:24:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 52510
x-amz-server-side-encryption: AES256
etag: "ac76f968cf4a4fbbb4cd41cc0f5c401c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 52
x-amz-cf-id: 5RaboZKaPb5KEVl0AFSY885-OyVHw2oZZSCFLmCZUHSbuNlFBIFlMg==

GET
H2 200 PRE Show response
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 0
320 B 22ms
21ms Fetch
text/javascript 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/PRE
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/javascript

Response headers

date: Sat, 01 Jul 2023 12:47:16 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: FRA56-P5
age: 66384
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: 1KexyjkEcmPe6em91zvWVpDuxpIUqIv-hGlG869sM7_e1Fxh6Jqdvw==

GET
H2 200 POST Show response
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/ 0
321 B 22ms
20ms Fetch
text/javascript 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/snippets/POST
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/javascript

Response headers

date: Sat, 01 Jul 2023 12:47:16 GMT
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: FRA56-P5
age: 66384
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: 742ocPGrx8FbMcIwFHNC9SkpqUUZGhNu1eJpL1kfp9bDFZNOSzJDQQ==

GET
H2 200 mi-1.17.0.38.js Show response
snippet.minute.ly/publishers/20300/ 174 KB
49 KB 111ms
43ms Script
application/javascript 2606:4700:20::681a:bda
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.minute.ly/publishers/20300/mi-1.17.0.38.js
Requested by: Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-20300.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8b062bf3ca94cfd10e12816dfd38052679dafb79563d19919d7c6c7a117476

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 30 May 2023 15:08:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1685459326"
x-hw: 1688282020.dop225.am5.t,1688282020.cds253.am5.c
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6zuIFIOyDsWX8AnrG%2FWCO4q8Zg3ZkxmWKC%2FMkuGcZgPjJNP5uCCV4r36A7h00zvvMSvGCYtTx8LoKNU2grfBV7XT%2F5Z8rquiJ1AdjCI5HAyjTCvwwb%2F%2BAGhWxG8EPlmO9ouPR2nb2QzQXboXFNy"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=28713406
access-control-allow-credentials: true
cf-ray: 7e0516638b021e53-FRA
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 16 KB
3 KB 89ms
23ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=walla.co.il&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b06349583cd9c9a242b055aefe037a697e7106d754af369bf34047a9ef5f049d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 1
date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2991
x-served-by: cache-fra-eddf8230104-FRA
x-timer: S1688282020.472184,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Fri, 30 Jun 2023 07:13:36 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/ 3 KB
2 KB 87ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11170679829/?random=1688282020609&cv=11&fst=1688282020609&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&auid=720157231.1688282021&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11170679829

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b6b66aba7e9f7e1640533944cd239a97e3e583f8c321ea6b0f1ee238fcbd6bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 359ms
116ms Image
image/gif 52.20.228.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=walla.co.il&p=%2F&u=De4CmoBMBQtqD3qnz_&d=walla.co.il&g=20047&g0=%D7%95%D7%95%D7%90%D7%9C%D7%94&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11003&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.walla.co.il%2F&b=2965&t=BvGhnSCblEYWB-nZNEPFt7yBMSlHM&V=140&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&tz=0&sn=1&sv=BqNhxeCzwwSxCuQnqEBMSlOVD0xtzt&sd=1&im=067b2fff&_
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.228.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-228-112.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 20 B
175 B 87ms
25ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 02 Jul 2023 07:13:40 GMT
Content-Length: 20
Content-Type: application/json; charset=utf-8

GET
H2 200 3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js Show response
www.walla.co.il/public/ 123 KB
36 KB 69ms
69ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/3452_28c1808d0814a46feaca_28c1808d0814a46feaca_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_8b04f34b5e12da7311dd_8b04f34b5e12da7311dd_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 6dba6e329dfb9cefab40d65bd87209b0f98f585e82f455bff4ffb75e99573a23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"1eb65-18902527e20"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: zIgvfl7SWQGcoKM2yqyoR3OMw_S0m8IR-X60ei58XtU3596V1cqZIA==
x-cached: MISS

GET
H2 200 PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js Show response
www.walla.co.il/public/ 3 KB
2 KB 59ms
59ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/PikudInner_2e1eca4b5cb115902ee9_2e1eca4b5cb115902ee9_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_8b04f34b5e12da7311dd_8b04f34b5e12da7311dd_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 55e1bb5ac96493124163d21acdc1a9e620d826d6654f94a9fab30cd8a648c0b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"cfe-18902527e20"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: sC8P8mr4GXGA0SIxSUFOibxQDV301rOr0KxkRG9YC1z1gOwlblSfuA==
x-cached: HIT

GET
H2 200 2323 Show response
dal.walla.co.il/editor/ 7 KB
3 KB 92ms
22ms XHR
application/json 18.66.122.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dal.walla.co.il/editor/2323?from=www.walla.co.il
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-88.fra60.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 79a0bcede21b6de3c2042572eb262016331d9d5c95c11262f124437578616719

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:24 GMT
content-encoding: gzip
via: 1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 16
x-srkey: 9ca383bf7f5c06689b373a08cfd03266
x-cache: Hit from cloudfront
x-cached: HIT
pragma: cache
server: openresty/1.15.8.1
x-speed: 0.0469849110
vary: Accept-Encoding
x-hostname: 0dd8a0af763e
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
x-ip-x: 74.102.219.232, 64.252.66.133
x-ip-r: 10.30.21.69
cache-control: max-age=60
x-amz-cf-id: 5-wzss3X56HDfHm73UwiTXN-PxymZpBnLVT2tH6p_WjrqVbdLeuwJg==
expires: Sun, 02 Jul 2023 07:13:59 GMT

GET
H2 200 7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js Show response
www.walla.co.il/public/ 44 KB
12 KB 53ms
53ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/7309_9e237d99c75cf4f9de9e_9e237d99c75cf4f9de9e_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_8b04f34b5e12da7311dd_8b04f34b5e12da7311dd_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 02b9a34773ec700d23a92657536ca41b37bdd6012f2604ed935ebc25b5cbccd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"ae04-18902527e20"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: 7hHJpHmv2XkhjmbqH8IfONfQseB7yeBKqhh17NEA9vj6BCJAc_uFAw==
x-cached: HIT

GET
H2 200 player.html Show response
www.walla.co.il/public/ Frame C0EC 3 KB
1 KB 55ms
55ms Document
text/html 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/2415_1964ea1482fc9bb00b2a_1964ea1482fc9bb00b2a_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 2032901260636a93d4b00ff76c650de1150da5893234963460b2968939d38dcf

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:40 GMT
etag: W/"b90-18902527e20"
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-id: Gevkpat95chhCnIVwQWt19dTDEAvmCclHZvcNVe1CFAoSVd9TbQ00g==
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
x-cached: HIT

GET
H2 200 video.webp
www.walla.co.il/public/assets/icons/homepage3/ 930 B
1 KB 120ms
120ms Image
image/webp 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/icons/homepage3/video.webp
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 8cce178d2af1945d796fb0f59a956e2d51086ed8d5dd8152efc951c05ecf1f6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"3a2-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 930
x-cached: MISS
x-amz-cf-id: 2zGWzUTYDOq7DtgaOvGpCUrTeeHdf6YxgB65em8M9SvZ0nU5iGY3FA==

GET
H2 200 1626_1cf2f92cf9cb7c0c9f53_1cf2f92cf9cb7c0c9f53_walla.js Show response
www.walla.co.il/public/ 3 KB
2 KB 108ms
108ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/1626_1cf2f92cf9cb7c0c9f53_1cf2f92cf9cb7c0c9f53_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/main_8b04f34b5e12da7311dd_8b04f34b5e12da7311dd_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c74b2f070e1bc57215f1da639699f41c0c05df1e7954c63fc8896f7f5d7ba3d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"c3b-18902527e20"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: rv95V5bfsiTLmcSejfh6wTyFwnUaRnhunTaYBz-tG2D33DgYrLC9iA==
x-cached: HIT

GET
H2 200 close.png
www.walla.co.il/public/assets/ads/ 1 KB
1 KB 57ms
55ms Image
image/png 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/ads/close.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"46c-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1132
x-cached: MISS
x-amz-cf-id: GKgVJX32Cd8pfV5-DixXqKFtOAC0xfEWSv3ovplIc14Z-YJONqvMwg==

GET
H2 200 3565220-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/5/ 11 KB
11 KB 23ms
22ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/5/3565220-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 510614634f2c73a0321f8d7ce09de0cbcc4ce593f85b9f20ab74822fc5e47626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:02:32 GMT
via: 1.1 google
age: 668
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11315

GET
H2 200 3112904-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/1/2/ 8 KB
8 KB 25ms
24ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/1/2/3112904-46.jpeg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 902191d384d1074d719958f70bb027e8c6ef85ea105c22a4792e874a6ea86578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:24:54 GMT
via: 1.1 google
age: 2926
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8467

GET
H2 200 3565262-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/5/ 7 KB
7 KB 24ms
23ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/5/3565262-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: f1b7fdd319877672ea963b9e627b445d1b8ea5beefcf9d8affbfde16c31b280a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:03:05 GMT
via: 1.1 google
age: 635
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7412

GET
H2 200 3564155-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/4/ 101 KB
101 KB 23ms
22ms Image
image/png 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/4/3564155-46.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 510b352ec634523bac0f73e086575acfe5f198f386c360743d0a6c9a413179e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:39:23 GMT
via: 1.1 google
age: 2057
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103027

GET
H2 200 3565087-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/5/ 14 KB
14 KB 24ms
23ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/5/6/5/3565087-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 43219adf09f0c5fe37345b6a436fae8dd5f878e405945c24b0f6f8d9e2228017

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:45:15 GMT
via: 1.1 google
age: 1705
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13958

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 392 KB
125 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49738
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:24:42 GMT

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 361ms
113ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=jAOUvMLCyygP8&v=B&ml=m&sl=gDl5E&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
201 B 361ms
113ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=OBpwTh8fwh2bW&v=A&ml=m&sl=of6lZ&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 362ms
114ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=hMhHzyIMcGWUk&v=B&ml=m&sl=C1R50k,B8FPFj&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 362ms
115ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=MDgue6HmvxWok&v=A&ml=m&sl=DMYp_&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 362ms
114ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=AsmK1GaXs7JX5&v=A&ml=m&sl=BoN5hK&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 362ms
115ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=qyypr594XzuXG&v=A&ml=m&sl=BvV6ub&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 193ms
188ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=RmxEicXNYwKhH&v=B&ml=m&sl=CQuc2R&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 193ms
188ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=aQabx7GThF1eE&v=B&ml=m&sl=DGzWBd,DhCzfg&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 193ms
189ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=03J9MKTsb5WGf&v=B&ml=m&sl=Ci07Nq&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 194ms
189ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=6XVnsmGeiq0Ai&v=B&ml=m&sl=gkC9s&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 197ms
193ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=LQnO90swQVTQm&v=B&ml=m&sl=ClmBav&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 198ms
193ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=06nTc7E0dcZc5&v=B&ml=m&sl=Ch0N-R&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 197ms
192ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&x=9b4v4dziQFs6n&v=C&ml=m&sl=BqEQhV&e=-1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 mab
mabping.chartbeat.net/ping/ 43 B
200 B 198ms
193ms Image
image/gif 44.205.104.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mabping.chartbeat.net/ping/mab?h=walla.co.il&p=%2F&d=walla.co.il&u=De4CmoBMBQtqD3qnz_&c=0&V=140&me=3&ml=m&x=LXjvOTteAPQq0
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.104.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-104-77.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

OPTIONS
H2 200 init
hb-dot-valuad.appspot.com/ Frame 0
0 195ms
113ms Preflight
text/html 2a00:1450:4001:813::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 02 Jul 2023 07:13:41 GMT
server: Google Frontend
x-cloud-trace-context: ac7fd140f417d8448406fbb461cd119b
x-request-id: undefined

POST
H3 200 init Show response
hb-dot-valuad.appspot.com/ 38 B
87 B 164ms
117ms Fetch
application/json 2a00:1450:4001:813::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type: application/json
Accept: application/json
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
x-request-id: f35bbe8e-b954-4668-9f8e-bc1c20389050
x-vad-version: 0.11.3

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: 841e01f01a68e59d60ea18746415575c
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64
x-request-id: undefined

GET
H2 200 dmp-main.js Show response
tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/ 220 KB
65 KB 22ms
22ms Script
text/javascript 18.66.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-provider.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-109.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 926454d7d0abc825778dd8255efcd12e3a3e7023dc9e351e2e022b5dc084ca41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 12:46:44 GMT
content-encoding: br
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server: nginx/1.20.0
x-amz-cf-pop: FRA56-P5
age: 66417
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
x-amz-cf-id: Vl54d2hYPCuBku2IZTQTALas85QjzqjRM2LW2tqNWW_atgI-BPmBwA==

GET
H2 200 load.js Show response
pm-widget.taboola.com/wallail-walla/ 3 KB
1 KB 183ms
182ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/wallail-walla/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef9f4e5595c87f7bab17859c9e649bc27a66aae8e407d0c72b179a336f6be282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Nc3GQX_FPWE4JJa4d6ElLMboprgduwrj
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sun, 02 Jul 2023 07:13:41 GMT
x-amz-request-id: WJCB0VAK6N27CAE3
age: 49304
x-cache: HIT, HIT
content-length: 1107
x-amz-id-2: a5eUPl2yrpBY76JQo0VPuojcIjnzVUkpPysQQhmZvfYaLhE30mDMCl/jCa49Cn+zg0+jnl9xmLo=
x-served-by: cache-bur-kbur8200068-BUR, cache-fra-eddf8230098-FRA
last-modified: Tue, 18 Apr 2023 12:24:46 GMT
server: AmazonS3
x-timer: S1688282021.073983,VS0,VE158
etag: "ba233cf579e81e13395451d440481864"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 665, 1

GET
H2 200 impl.20230629-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 784 KB
162 KB 24ms
24ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230629-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: befac6a76bc0d72d1732ef8e7162ec6dfeb907acd2ecc773d5a018b3a32b941a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: pgoCG7u3RKWXGAw2Nj2R0ISG2W1YrpUl
content-encoding: br
via: 1.1 varnish
date: Sun, 02 Jul 2023 07:13:41 GMT
x-amz-request-id: 63VPWX6Q6ZQDWZW9
age: 21871
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 165932
x-amz-id-2: 622fqJZoH1ehbfybGHq2G1hCuHFd/I5veEYhbV4rDlQSQ/RQxITGxz2U8eKUTbPMbxTQIgp+Siw=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Thu, 29 Jun 2023 09:09:07 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282021.074005,VS0,VE0
etag: "f4ecbc5dc84deab2e855c4983d93e467"
vary: Accept-Encoding
content-type: application/javascript
abp: 10
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 32448

GET
H2 200 init.64fcdff3ea6baf288c05.js Show response
web-sdk.smartlook.com/es6/ 60 KB
17 KB 98ms
36ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/es6/init.64fcdff3ea6baf288c05.js

Requested by

Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

78f800d7976b969f3e979bc442844ff700eabd04d01f5d210abff239592257bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Referer: https://www.walla.co.il/
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-age: 235881
x-accel-date: 1688046140
x-77-nzt: AZySIYv4MH3/aZkDAA
x-accel-expires: @1719582140
last-modified: Thu, 29 Jun 2023 12:40:12 GMT
server: CDN77-Turbo
etag: W/"649d7bac-ee83"
x-77-nzt-ray: cf8787270aec6d76a523a1642d385608
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame E6A6 320 KB
104 KB 22ms
22ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5564480
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Jul 2023 07:13:41 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/669E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 3933_4af9f32aa5600d50a1e5_4af9f32aa5600d50a1e5_walla.js Show response
www.walla.co.il/public/ Frame C0EC 12 KB
4 KB 27ms
27ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/3933_4af9f32aa5600d50a1e5_4af9f32aa5600d50a1e5_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 0cbdcc7e5bc4af4fa7963965c349288c941fddde011311ab6e16a70a98df7dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
age: 1
etag: W/"307b-18902527e20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: 0Jh3ez7Rf0JCR_lu1hffP-ps02GDIOfur0lb8mR-b8T1I9eKPrGp5A==
x-cached: MISS

GET
H2 200 9330_0e7a460c49891bee9871_0e7a460c49891bee9871_walla.js Show response
www.walla.co.il/public/ Frame C0EC 725 KB
198 KB 89ms
89ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/9330_0e7a460c49891bee9871_0e7a460c49891bee9871_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 4267d5fba12c67ee991d1608912d64595a206c6c5fd492c5ab5c0aea993dd0f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"b54cb-18902527e20"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: vuckWluBKIUczf20afofIreCPhdHju1Xu5gH7kPI6IcG_jEwnqFpow==
x-cached: HIT

GET
H2 200 player_139c5045859344d8ca2a_139c5045859344d8ca2a_walla.js Show response
www.walla.co.il/public/ Frame C0EC 30 KB
10 KB 53ms
52ms Script
application/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/player_139c5045859344d8ca2a_139c5045859344d8ca2a_walla.js
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: d022bb881fc63f8c07690b96bd2a77af9474cfe938adfe43dd599b4e0bf319b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: gzip
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:05:08 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"7748-18902527e20"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
x-amz-cf-id: dcQZDPBzWlE_tbOzg3pRfICvfVmSRWBtt2sglVpVI6X67U3sIbEMlA==
x-cached: HIT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 70ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Jul 2023 07:13:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: yDygqzd31W45I241fStudhbKpwMrpmAcHJukzUv9eyc4SkUQ66pqoVvv13OV4NFXPjjoIB8Dq8tiU6GUVvcBng==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
209 B 30ms
28ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1455705248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1323472454&gjid=1142851768&cid=1031612647.1688282021&tid=UA-4780630-1&_gid=1000806957.1688282021&_r=1&_slc=1&gtm=45He36s0n71T728TH&cd1=&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&cd117=&cd118=&cd119=&cd120=&cd121=&cd122=gtm.js&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&z=1062113218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/777956447/ 3 KB
2 KB 96ms
34ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/777956447/?random=1688282021121&cv=11&fst=1688282021121&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&bttype=purchase&auid=720157231.1688282021&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

086c9d9adb1e4d737828f1e0a60050df23265c6ab76f86b1d30264805a56db06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1676
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 49 KB
18 KB 175ms
119ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

1b170673eeef31a7e9881e2a93c4ab24c535fe0321feca405d22739de295f92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18399
x-xss-protection: 0
server: cafe
etag: 5565525223662320794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:41 GMT

GET
H2 200 adoric.js Show response
12890047.adoric-om.com/ 169 KB
47 KB 532ms
35ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://12890047.adoric-om.com/adoric.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1d05cb18e6f619383ba346aa7faa879e5b74a1d67c64c70f5d9448b7e988e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 google
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102
x-dns-prefetch-control: off
content-range: bytes 50-10000/*
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"2a460-mUbibpu9NN1WmELnl2UyYExYFMM"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: movetogcp2020.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRmhsqu2Z835Deu1kdC5AJCK8eQ42yqumgT5kV4IuUFhDwZTjnINkK4YRxNUZMy3pQ72eL%2BBgytIS00LmZyLuTY5Zg3IH9HskbKUWggH9tiWwNOELyV%2BQGvtgJ7vsS6dU6SRyhM7%2Bq3PeNGi%2BHMbZUVnc9nl"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: *
vary: Accept-Encoding
cf-ray: 7e05166bada12c23-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86a0d17535a01addd74b66e6cffff0da34cd186043c207450d17a52d4a90b6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80772
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Jul 2023 07:13:41 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
72 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

798a3b1ebb80b75b46647d974c5aaf221aeaa93cb6c71c7b2ce41d134462696d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73658
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Jul 2023 07:13:41 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 550ms
28ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=1031612647.1688282021&jid=1323472454&gjid=1142851768&_gid=1000806957.1688282021&_u=aEBAAEAAEAAAACAAI~&z=1539405986

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Jul 2023 07:13:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.png
www.walla.co.il/public/assets/pikud/ 21 KB
22 KB 60ms
59ms Image
image/png 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.walla.co.il/public/assets/pikud/logo.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"558e-189024e6f10"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 21902
x-cached: HIT
x-amz-cf-id: i-Y0ub_-dzAK3kYfM4o9DoJvfeocIIZwrVzunZ6fQ45dR1OS8vZ-sg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 438ms
22ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:42:24 GMT
via: 1.1 google
age: 1877
x-guploader-uploadid: ADPycdvMcnBPBHvwZTjrQPCfPpchGlQ0JkIgE3dicKfvqgA5SuMF7bKj8CDoCwxJhr3iNlfvgvNaoMIsSQIX1xD62axVkhMJtoWh
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sun, 02 Jul 2023 07:42:24 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 439ms
23ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 03:04:08 GMT
content-encoding: gzip
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 14974
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: vUq-JyCiZv_bYg2eRsRX8CGfzBatdW-YbUyGJFTOQ3_RM5gOSGZjpA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 433ms
22ms Script
text/javascript 2600:9000:2250:d400:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d400:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sun, 02 Jul 2023 05:58:56 GMT
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 4486
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: V2dYyVveyK90Pda9C4MNdHAdjE7xFZkLU_Jn6voJGftxepk4EUruIg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 450ms
35ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: KQFF0FWPP4C17CP6
age: 355
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e05166bbbf43aa2-FRA
x-amz-id-2: 8HczqSS59NC5+bMgvklOJToJ5CbRskupftalLHCw5wQPI4bAuQkMqhcD6kfepdHSTAjOpZlv/QM=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 432ms
21ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 02 Jul 2023 07:13:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28434
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230080-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 487ms
63ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Jul 2023 07:13:41 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 439ms
24ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 04:47:06 GMT
content-encoding: gzip
age: 1218395
x-guploader-uploadid: ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 17 Jun 2024 04:47:06 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 12 KB
4 KB 422ms
27ms Script
application/javascript 104.18.35.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 16:15:13 GMT
server: cloudflare
age: 40599
etag: W/"648b3911-2e4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7e05166bbb698fe9-FRA
expires: Mon, 03 Jul 2023 07:13:41 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E6A6 869 B
658 B 509ms
133ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=2db68ed578dcfa1b46fd3b2ceabd9e42c621b6cc

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.walla.co.il

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 110
date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sun, 02 Jul 2023 07:13:41 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 953ce64f5e90c33f
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 487abfe849839f42f007068f60ca0b0e4317a2c45ef684b6132d6ce01150491b
content-length: 337

GET
H2 200 /
www.google.com/pagead/1p-user-list/11170679829/ 42 B
455 B 366ms
34ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11170679829/?random=1688282020609&cv=11&fst=1688281200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4068221652&rmt_tld=0&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11170679829/ 42 B
154 B 90ms
37ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11170679829/?random=1688282020609&cv=11&fst=1688281200000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4068221652&rmt_tld=1&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
246 B 187ms
127ms Ping
image/gif 2606:4700:10::6816:48ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/20300/mi-1.17.0.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.walla.co.il
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7e05166c48192be5-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 02 Jul 2023 07:13:41 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 359ms
22ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230702

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d02c6ff405ce784605160f8c6063dac27561649a5a81b34acd03a356017482a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 02 Jul 2023 07:13:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11570
x-jsd-version: 1.0.1738
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 859
x-served-by: cache-fra-eddf8230088-FRA
x-jsd-version-type: version
etag: W/"63f-+qhvTgS6pgi6MHNNkXu8pfXB1cc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1023 B 78ms
30ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 07:13:41 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Jun 2023 12:52:55 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 2224163
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0B57QMtI1dPjCVCSu4Yxmc5RX8DwYGuuMvzIcblvHglPxLPjw6oUnk0vJfuGvtGMQj0ZCj5sMEgKLZdYluvI%2BUobOOSvHVBNRrx6xtrdEgpUNUQn%2Fuo5vcgIhLaui%2FkCWDZNHpwo0D%2F%2BWuye"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7e05166c2f4a35fe-FRA

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 369ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
11 KB 510ms
510ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1456132369863478&correlator=4050585049087202&eid=31075743%2C31075760&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop%2Crm13_desktop%2Crm14_desktop%2Crm15_desktop%2Cnickbar_desktop%2Ctop_desktop%2Cdontmiss_strip_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17%2C0%2F1%2F2%2F18%2C0%2F1%2F2%2F19%2C0%2F1%2F2%2F20&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1200x40%2C1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%7C1200x1%7C1200x90%7C1200x250%7C1200x330%7C1200x350%7C1200x550%2C320x50%7C865x190&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight&ifi=1&adks=3574292238%2C3281790396%2C98111979%2C284161084%2C2694544435%2C99995744%2C2663655591%2C1832766528%2C3711358991%2C3169800366%2C3148243285%2C211575734%2C3583292036%2C2042096236%2C3658430203%2C1750305995%2C885339186%2C3185403617&didk=1909289936~4078182110~845420629~2737176580~3757563159~2051796368~2459729993~3096182529~3770086168~3931141563~3707026742~2555613071~45217321~479599996~2547616871~1193244743~1193245113~1193245117&sfv=1-0-40&ists=262136&prev_scp=slot_name%3Drm1_desktop%7Cslot_name%3Drm2_desktop%7Cslot_name%3Drm3_desktop%7Cslot_name%3Drm4_desktop%7Cslot_name%3Drm5_desktop%7Cslot_name%3Drm6_desktop%7Cslot_name%3Drm7_desktop%7Cslot_name%3Drm8_desktop%7Cslot_name%3Drm9_desktop%7Cslot_name%3Drm10_desktop%7Cslot_name%3Drm11_desktop%7Cslot_name%3Drm12_desktop%7Cslot_name%3Drm13_desktop%7Cslot_name%3Drm14_desktop%7Cslot_name%3Drm15_desktop%7Cslot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Ddontmiss_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1688282021391&lmt=1688282021&dlt=1688282020084&idt=1182&adxs=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C200%2C920%2C535&adys=11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C11107%2C1200%2C173%2C2723&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13%7C14%7C15%7C16%7C0%7C17&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C1600x11107%7C0x-1%7C1200x0%7C864x0&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1200x-1%7C480x0%7C865x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C644%2C132%2C132&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1200%2C864&ga_vid=1031612647.1688282021&ga_sid=1688282021&ga_hid=1455705248&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYsfvMq5ExSABSAghkEhsKDDMzYWNyb3NzLmNvbRix-8yrkTFIAFICCGQSGQoKcHViY2lkLm9yZxix-8yrkTFIAFICCGQSFwoIcnRiaG91c2UYsPvMq5ExSABSAghkEhkKCnVpZGFwaS5jb20YsfvMq5ExSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLH7zKuRMUgAUgIIZBIUCgVvcGVueBix-8yrkTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGLH7zKuRMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8de40d59047a29439f84fd49c5474329e81fb54a2ca87e57faa0967fdf0aed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11430
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A023 6 KB
3 KB 139ms
30ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:41 GMT
expires: Mon, 01 Jul 2024 07:13:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 112ms
36ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230629-3-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 254587
expires: 60

GET
H2 200 state Show response
event.dxmdp.com/rest/api/v1/ 0
0 158ms
56ms Script
application/json 52.212.193.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/state
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 170717926997655 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/170717926997655?v=2.9.110&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67f526e486a94dd1cffe48316a0bc8eea43e2cda1e07db88cc8691d7d8c2121d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Jul 2023 07:13:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110013
x-xss-protection: 0
pragma: public
x-fb-debug: owNDnZY3HXq+Drt3ieP4DX0XfSNJ4YAyX5K9seM8JFs82NxHPiglhqz2qmWsY/FHduIQk2L1loR1Oe0uRdkN2Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 85ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RYD7X7E8VN&gtm=45je36s0&_p=1455705248&cid=1031612647.1688282021&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&dp=%2F&sid=1688282021&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1&ep.ga_client_id=&epn.vertical_id=173&ep.vertical_name=%D7%95%D7%95%D7%90%D7%9C%D7%94&ep.category_id=&ep.item_id=&ep.item_type=&ep.item_publication_date=&ep.item_last_update=&ep.content_provider=&ep.item_title=&ep.item_author=&ep.hostname=walla.co.il&ep.item_sections_words_count=&ep.tags=&ep.editor=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RYD7X7E8VN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 64ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TSQY5YTYZ0&gtm=45je36s0&_p=1455705248&cid=1031612647.1688282021&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688282021&sct=1&seg=0&dl=https%3A%2F%2Fwww.walla.co.il%2F&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TSQY5YTYZ0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 walla.json Show response
www.walla.co.il/public/player-config/ Frame C0EC 111 B
481 B 56ms
56ms Fetch
application/json 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.walla.co.il/public/player-config/walla.json?cache=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_139c5045859344d8ca2a_139c5045859344d8ca2a_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 51f3359dfda7f7e3bb7ca5440eba096f6b170c38da65853d53fc56bdd65f396a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/public/player.html?autoplay=true&imaAdUnit=43010785%2Fwallanews%2Fmain%2Fpre_desktop&imaKeyValues=%7B%22app_name%22%3Afalse%2C%22providerId%22%3A0%2C%22item_id%22%3A0%2C%22vertical_id%22%3A173%2C%22vertical_name%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22category_id%22%3A0%2C%22item_type%22%3A%22%22%2C%22exclusive%22%3A%22not%22%2C%22login%22%3A%22no%22%2C%22isMobileApp%22%3Afalse%7D&muted=true&player=walla&stream=https%3A%2F%2Fcdn-uw2-prod.tsv2.amagi.tv%2Flinear%2Famg01742-walla-wallanews-ono%2Fplaylist.m3u8&url=https%3A%2F%2Fwww.walla.co.il%2F&ver=2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 14:00:42 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: FRA2-C1
etag: W/"6f-189024e6f10"
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 111
x-cached: HIT
x-amz-cf-id: 4tqrrW87DXVBK5UF1Jgey7T0qnOHU7mI75yLLRAByucxQKP7pGfLCQ==

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 380 B
719 B 309ms
135ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v7.39.0&x_source.tid=8be4d379-933b-413b-91e7-a877decc010f&l_pb_bid_id=29be681ed65d15&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.41041111919723194
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ee39cae74c1947e78e781b0ac473bf4ff358015778a819e63f153a45e30309c6

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 380
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 365 B
705 B 296ms
123ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&tk_flint=pbjs_lite_v7.39.0&x_source.tid=322518ce-4348-4584-9e57-2ad6511147c6&l_pb_bid_id=329ad7370fdbbc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Frectangle_hp3_desktop&slots=1&rand=0.845004755243399
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6b62e5d4945a4d5710d401bd957daee02e5e75b385876c818fbb1c6c352f9088

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 365
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 370 B
709 B 308ms
135ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&tk_flint=pbjs_lite_v7.39.0&x_source.tid=c96771e3-d7a7-45c5-a9ce-8a19b0cd95e4&l_pb_bid_id=4bc8c9c1d8e6f5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fpremium_rectangle1_desktop&slots=1&rand=0.16478319253277407
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f67f094d1c16272783252615e5ab1399998f70caba02850105f77b4d3d2bdd17

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 370
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 366 B
881 B 291ms
119ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.page=https%3A%2F%2Fwww.walla.co.il%2F&tg_i.domain=walla.co.il&tg_i.pbadslot=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&tk_flint=pbjs_lite_v7.39.0&x_source.tid=14de606c-645f-47b2-bb70-b0fd2622b155&l_pb_bid_id=5c8d868bbf39ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Fmain%2Fyad2_rectangle_desktop&slots=1&rand=0.9385942231070834
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e66d22a67e9b4b0f3e53b7a26f30f93d3c309bed6124da801c7e2f62acaa3221

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 366
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 217ms
47ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.39.0&cb=82151389500&lsavail=1

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Jul 2023 07:13:40 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 323ms
155ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Jul 2023 07:13:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 2214040 Show response
bs.yandex.ru/metadsp/ 0
421 B 249ms
83ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/metadsp/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 02 Jul 2023 07:13:41 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.walla.co.il
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 02 Jul 2023 07:13:41 GMT

POST
H2 204 2214040 Show response
bs.yandex.ru/metadsp/ 0
25 B 256ms
90ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/metadsp/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 02 Jul 2023 07:13:41 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.walla.co.il
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 02 Jul 2023 07:13:41 GMT

POST
H2 204 2214040 Show response
bs.yandex.ru/metadsp/ 0
25 B 255ms
89ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/metadsp/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 02 Jul 2023 07:13:41 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.walla.co.il
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 02 Jul 2023 07:13:41 GMT

POST
H2 204 2214040 Show response
bs.yandex.ru/metadsp/ 0
25 B 262ms
96ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://bs.yandex.ru/metadsp/2214040?imp-id=1&target-ref=www.walla.co.il&ssp-id=10500

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 02 Jul 2023 07:13:41 GMT
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.walla.co.il
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
uniformat-product-type: None
x-xss-protection: 1; mode=block
expires: Sun, 02 Jul 2023 07:13:41 GMT

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
309 B 199ms
42ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7e05166bbed13a8e-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 203ms
45ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7e05166bbed23a8e-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 206ms
49ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7e05166bbed43a8e-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 202ms
45ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7e05166bbed53a8e-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 470 B
1 KB 174ms
23ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-18-194-40-171.eu-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

599fe3fbcba142421384d99bdf724517f01226d7c8196fe9b02a8fa74a2c6bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:41 GMT
AN-X-Request-Uuid: 78e91c01-0a8c-4de8-8af6-59d53ccb4b2e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 470
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
514 B 200ms
49ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cebc60e40dd5021c551108d1bc71b27f4784633e6572ed3b908bb908c6f6a99a

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Sun, 02 Jul 2023 07:13:41 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Seats Booster. unable to get the seat booster engine for organization: 1241
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7e05166bbb613619-FRA
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 196ms
38ms XHR
application/json 185.86.139.85
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 196ms
39ms XHR
application/json 185.86.139.85
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:40 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
337 B 220ms
63ms XHR
application/json 185.86.139.85
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:40 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
607 B 188ms
32ms XHR
application/json 18.194.40.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.39.0&referrer=https%3A%2F%2Fwww.walla.co.il%2F&tmax=3000

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.40.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
accept-ch: sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory
x-auction-status: 12, 12, 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 arj Show response
u.openx.net/w/1.0/ 71 B
376 B 286ms
131ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.walla.co.il%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8be4d379-933b-413b-91e7-a877decc010f%2C322518ce-4348-4584-9e57-2ad6511147c6%2Cc96771e3-d7a7-45c5-a9ce-8a19b0cd95e4%2C14de606c-645f-47b2-bb70-b0fd2622b155&nocache=1688282021566&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=120x600%2C160x600%7C300x250%7C300x250%7C300x250&divids=adSlot-1%2CadSlot-3%2CadSlot-4%2CadSlot-5&aucs=43010785%252Fwallanews%252Fmain%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Fmain%252Frectangle_hp3_desktop%2C43010785%252Fwallanews%252Fmain%252Fpremium_rectangle1_desktop%2C43010785%252Fwallanews%252Fmain%252Fyad2_rectangle_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: af3651d3e7bba55f69203153254f5f381ce2d3303136a61d5cd70a5c88d8cfcb

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.walla.co.il
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 302ms
148ms XHR
application/json 185.86.139.85
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 293ms
140ms XHR
application/json 185.86.139.85
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 367ms
172ms XHR
application/json 185.86.139.85
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
557 B 376ms
181ms XHR
application/json 185.86.139.85
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.85 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
363 B 176ms
23ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

58.218.120.34.bc.googleusercontent.com

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.walla.co.il
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 892 B
1 KB 285ms
133ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageUrl=https%3A%2F%2Fwww.walla.co.il%2F&PageReferrer=https%3A%2F%2Fwww.walla.co.il%2F&CanonicalUrl=https%3A%2F%2Fwww.walla.co.il%2F

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

dca10e53ee79cc69f334960e082cbafc67289d3eac91e3f678669a6cae520375

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 102
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 892
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 184ms
34ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Jul 2023 07:13:41 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2

200

/
www.google.de/pagead/1p-conversion/777956447/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777956447/?random=213970978&cv=11&fst=1688282021121&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.w...
https://www.google.com/pagead/1p-conversion/777956447/?random=213970978&cv=11&fst=1688282021121&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=m...
https://www.google.de/pagead/1p-conversion/777956447/?random=213970978&cv=11&fst=1688282021121&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZ...

42 B
108 B

56ms
41ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/777956447/?random=213970978&cv=11&fst=1688282021121&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=720157231.1688282021&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1DRXBRWVFsdEh1OGFpbW5hRGZBUklsQU1mZE1JWXdIakQwOF9GMnVPM29Sb1BuMy1ySzNxQ3BfRFdvLWs4UXgtSjdTS3liWlEaV0NoQUk4TUNFcFFZUTY5N3htUFdVNVAwRUVpMEFxUl9rRXRyVms3djE2ajRyMHIxcklEc2ZmNTUxc1Fzd2VDQUlsT1ZWVWhicTg2cDFPZFl5bUladU1wTSITCOv-ndG87_8CFVLHuwgdfZYPuw&is_vtc=1&ocp_id=pSOhZKuYDNKO7_UP_ay-2As&cid=CAQSKQBygQiDV_7uYl8_HPCHwjEX4B3hNOVU8WOsw6IutN9z9GjHxnOPMVV5&eitems=ChAI8MCEpQYQ4_vKiJuJ07hdEh0AE3f2l3GwVEzUuFIjZM7wLwqXwlMIvjn3aqiKdw&random=1160288710&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/777956447/?random=213970978&cv=11&fst=1688282021121&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.walla.co.il%2F&label=mZWsCNeTj4sYEN_Y-vIC&hn=www.googleadservices.com&frm=0&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&value=0&auid=720157231.1688282021&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1DRXBRWVFsdEh1OGFpbW5hRGZBUklsQU1mZE1JWXdIakQwOF9GMnVPM29Sb1BuMy1ySzNxQ3BfRFdvLWs4UXgtSjdTS3liWlEaV0NoQUk4TUNFcFFZUTY5N3htUFdVNVAwRUVpMEFxUl9rRXRyVms3djE2ajRyMHIxcklEc2ZmNTUxc1Fzd2VDQUlsT1ZWVWhicTg2cDFPZFl5bUladU1wTSITCOv-ndG87_8CFVLHuwgdfZYPuw&is_vtc=1&ocp_id=pSOhZKuYDNKO7_UP_ay-2As&cid=CAQSKQBygQiDV_7uYl8_HPCHwjEX4B3hNOVU8WOsw6IutN9z9GjHxnOPMVV5&eitems=ChAI8MCEpQYQ4_vKiJuJ07hdEh0AE3f2l3GwVEzUuFIjZM7wLwqXwlMIvjn3aqiKdw&random=1160288710&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pmk-20220605.1.js Show response
pm-widget.taboola.com/wallail-walla/ 115 KB
31 KB 24ms
24ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/wallail-walla/pmk-20220605.1.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/wallail-walla/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7e3e2281e670435dd46492437a30bcf0c59368d824ac1aa591571d35c81d88b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: YaUoVhRXeV8pgb7fnBF6NLXk_e7KSGb2
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Sun, 02 Jul 2023 07:13:41 GMT
x-amz-request-id: 3JR9X5B7QWG1GVJW
age: 6461312
x-cache: HIT, HIT
content-length: 31819
x-amz-id-2: AKGFZk5OD9L+JyhN2R0VSrHVpHKNzOQlSKMFAEWVbI342luSWp8dV/tlNx3DJMsO9NvXppA3dzg=
x-served-by: cache-bur-kbur8200072-BUR, cache-fra-eddf8230098-FRA
last-modified: Tue, 18 Apr 2023 12:24:45 GMT
server: AmazonS3
x-timer: S1688282022.745105,VS0,VE0
etag: "4bbfdfa56e1850f61d8804a24a682324"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 16, 23

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 3 KB
2 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1688282021591&cv=9&fst=1688282021591&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c87e67f676c21e695f28a55893bce57a73b8c32cbb8458175a5fb4a87809111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1442
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C0EC 361 KB
121 KB 1615ms
1549ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/public/player_139c5045859344d8ca2a_139c5045859344d8ca2a_walla.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123120
x-xss-protection: 0
expires: Sun, 02 Jul 2023 07:13:43 GMT

GET
DATA 200
OK truncated
/ Frame C0EC 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 /
www.google.com/pagead/1p-user-list/964224610/ 42 B
108 B 35ms
35ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964224610/?random=1688282021591&cv=9&fst=1688281200000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=4046848415&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964224610/ 42 B
108 B 68ms
37ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964224610/?random=1688282021591&cv=9&fst=1688281200000&num=1&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.walla.co.il%2F&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D&fmt=3&is_vtc=1&random=4046848415&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1616785908557850 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1616785908557850?v=2.9.110&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

660c079d9a1cfcbc3bb0d90021d860092e9886ae6b4279c8574e69db82faf266

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Jul 2023 07:13:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87942
x-xss-protection: 0
pragma: public
x-fb-debug: e8JhdwAcysPOUWN+4eq9qEmDIT7wfvSW6VngSyANum5FkWcVzYe3F7ftgDK1S6ZDP7VcR2MGuYqb5PYRwzh/iw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 65ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1688282021753&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.2.1688282021751.1688885350&cs_est=true&it=1688282021456&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Jul 2023 07:13:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 38ms
35ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1031612647.1688282021&jid=1323472454&_u=aEBAAEAAEAAAACAAI~&z=839898459

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 56ms
35ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1031612647.1688282021&jid=1323472454&_u=aEBAAEAAEAAAACAAI~&z=839898459

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 65ms
63ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 0eac9f81351900e3819a35591358e7a481a7387cba875062626de603bb0a46e6

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 98d75e06e476ec0ad3f8ee5a3da298ac
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 92ms
36ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://www.walla.co.il
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sun, 02 Jul 2023 07:13:41 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 64f2f9c8fb9b38b80267af9d9989edf0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1

85 B
202 B

133ms
132ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 7ca23fc8e040e69e563a28f3943cde57d7ebdd513947c742fd1fdea893a22060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Zn83o/Hd4JO9bJ1TJIg1aUaeQXk"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 02 Jul 2023 07:13:41 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.walla.co.il
location: /esp?url=https%3A%2F%2Fwww.walla.co.il%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 153ms
43ms XHR
application/json 54.246.206.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.206.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-206-91.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: cf5f990e61273e2eaf6e5d84cbb041273c7c4fbe89eb5ca1c8c51fd9e6408ff1

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache
x-server: 10.45.3.196
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 adoric.v8.1.min.css
static.adoric.com/ 153 KB
13 KB 108ms
32ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adoric.com/adoric.v8.1.min.css
Requested by: Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07327d08ae460881029ee367ce289f16d0bc5f6a6ccad85b56309f4bd3378164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2143
x-guploader-uploadid: ADPycdu8g7GOwXw0mcWI28Y08fsmeUO_Y3CWGEqUqH54UPmY9LvhPdrAFbLRgsUK8KU7bSBTLxFF6YKYDKesH2tWGvhACA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:34:21 GMT
server: cloudflare
etag: W/"f21b1e8721ea0a2b3184b3791f313ae5"
vary: Accept-Encoding
x-goog-hash: crc32c=CaOFEQ==, md5=8hsehyHqCisxhLN5HzE65Q==
x-goog-generation: 1679488461632848
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyZD6HhrOh0mYmbo9cIGkzsfwhVVxHZ4FrhmTpLRbfZi9OJZjgA3WsnkFkKZ6AnUQmJb3xFOTkvdcCaPXYST%2F2svVcbeY8s37eC83%2BBtM%2BesXB0vcMhCIM5h%2Bn4ZJs8Ac%2BMakSrrnOso4bF7Mhz%2FiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12224
cf-ray: 7e05166cd94035e2-FRA
expires: Sun, 02 Jul 2023 06:38:06 GMT

GET
H2 200 / Show response
app.adoric-om.com/v1/campaigns/ 772 B
1 KB 176ms
121ms XHR
application/json 34.120.218.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.adoric-om.com/v1/campaigns/?u=9cf2e1a44ca72a3fec13c925568a4883&l=en&cc=0&b=chrome&os=win&h=https%3A%2F%2Fwww.walla.co.il%2F&d=desktop&lsps=0&pd=M&nv=true&tz=0&cIds=%5B%5D

Requested by

Host: 12890047.adoric-om.com
URL: https://12890047.adoric-om.com/adoric.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.218.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

9381ff97e2df5a195d6b81be0321fd4c7d2cd962eeba323da8f2b55c5d0c057e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Sun, 02 Jul 2023 07:13:41 GMT
x-content-type-options: nosniff
via: 1.1 google
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 772
x-xss-protection: 1; mode=block
etag: W/"304-mPRypT+2v9Xj9ILFnew1Si8DRWU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
324 B 79ms
29ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AB56 15 KB
6 KB 41ms
39ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.walla.co.il

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 292815
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 72ms
30ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 07:13:41 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2224158
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 12:52:54 GMT
Server: cloudflare
ETag: W/"845b176368f98c92daf7aa531dcbc491"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtJMXB37GRTjSEt42Hgfk3Z5wNeDR4wNpv7R%2BN6cvyzhgkdxtlELz2mAniKdt4CnrFetTBlbRN1ePwuWOs%2BWdEaM4%2BDVeTchxjjzE%2F%2B%2BSrlJnXfg7%2BrQUzzwQgmYLxUklsWQuqm5dZh9zwOS"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7e05166caf789968-FRA

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fwww.walla.co.il%2F&rl=&if=false&ts=1688282021822&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.2.1688282021751.1688885350&it=1688282021456&coo=false&rqm=GET

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Jul 2023 07:13:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame AB56
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=walla.co.il&sn=ChromeSyncframe&so=0&topUrl=www.walla.co.il&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=Et15GHx4WlFZa0VvMnpzNDZ3dTdlWFJlQzlaM1doQ2RtY1gzNDhpOFB5Yk05N3BOQWtPaHZPemtnMDR5dUE1QTRTekE3czI5dm5Ca2h2Qk9KdkpuenNPeDdNL3hydWZZNkNXUjN5WHVLYlJkSi9UbFl6SWE5U0s4Q3MrdC...

441 B
661 B

291ms
43ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Et15GHx4WlFZa0VvMnpzNDZ3dTdlWFJlQzlaM1doQ2RtY1gzNDhpOFB5Yk05N3BOQWtPaHZPemtnMDR5dUE1QTRTekE3czI5dm5Ca2h2Qk9KdkpuenNPeDdNL3hydWZZNkNXUjN5WHVLYlJkSi9UbFl6SWE5U0s4Q3MrdCs1eWNpdXNJaURRa1BSZjB1R3JLWWQ3SmNGeDNJa3BvME00NmtId2VmemlVRThlRjBqS2t5cThESldVcjdoNjBVdFRUNG1ybmVjVUZ0Tjd5OEh0dkZ1a3VzQm1HWUJBL1FKdjByd2o2dk9SZmNETnZEZlRta3YrL0ZxUXZ0OS8rZXVKODFrZGU5L1BkZ1JqZ3REdVdYRWZXQUxiKzdRUT09fA&cppv=2

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

639bd21c16e186b05fcbb743765a3ba48765ee6f776f29d40567668ee74dc27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3709213
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Et15GHx4WlFZa0VvMnpzNDZ3dTdlWFJlQzlaM1doQ2RtY1gzNDhpOFB5Yk05N3BOQWtPaHZPemtnMDR5dUE1QTRTekE3czI5dm5Ca2h2Qk9KdkpuenNPeDdNL3hydWZZNkNXUjN5WHVLYlJkSi9UbFl6SWE5U0s4Q3MrdCs1eWNpdXNJaURRa1BSZjB1R3JLWWQ3SmNGeDNJa3BvME00NmtId2VmemlVRThlRjBqS2t5cThESldVcjdoNjBVdFRUNG1ybmVjVUZ0Tjd5OEh0dkZ1a3VzQm1HWUJBL1FKdjByd2o2dk9SZmNETnZEZlRta3YrL0ZxUXZ0OS8rZXVKODFrZGU5L1BkZ1JqZ3REdVdYRWZXQUxiKzdRUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 274568
content-length: 0
expires: 0

OPTIONS
H2 200 events
event.dxmdp.com/rest/api/v1/ Frame 0
0 139ms
48ms Preflight 52.212.193.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.walla.co.il
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 02 Jul 2023 07:13:42 GMT
server: nginx/1.20.0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 sync
event.dxmdp.com/rest/api/v1/ Frame 0
0 137ms
46ms Preflight 52.212.193.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.walla.co.il
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 02 Jul 2023 07:13:42 GMT
server: nginx/1.20.0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 events Show response
event.dxmdp.com/rest/api/v1/ 9 KB
9 KB 61ms
61ms Fetch
application/json 52.212.193.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/events
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 212b9ab2bcf1379a8f4b8d1f04373e4186e67a8987667bf187256cd31e8ca832

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Jul 2023 07:13:42 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 sync Show response
event.dxmdp.com/rest/api/v1/ 13 B
326 B 48ms
47ms Fetch
application/json 52.212.193.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: d658d875fc3585c4c508c403d9d0843e192845b6e101a09e887b757a895b1790

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Jul 2023 07:13:42 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 container.html Show response
f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EE06 6 KB
3 KB 28ms
23ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:41 GMT
expires: Mon, 01 Jul 2024 07:13:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 analytics Show response
hb-dot-valuad.appspot.com/ 16 B
35 B 163ms
163ms Fetch
application/json 2a00:1450:4001:813::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type: application/json
Accept: application/json
Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
x-request-id: 818a965a-3d70-4782-9adf-7f05a0e849a8
x-vad-version: 0.11.3

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
x-cloud-trace-context: 5b894ca33a652dd48af91919d75e052c
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
x-request-id: undefined

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 93 KB
27 KB 455ms
455ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1456132369863478&correlator=2137076060518780&eid=31075743%2C31075760&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cmain%2Cskyscraper_desktop%2Crectangle_hp3_desktop%2Cpremium_rectangle1_desktop%2Cyad2_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=120x600%7C160x600%2C300x250%2C300x250%2C300x250&ifi=19&adks=2273020715%2C1717219177%2C1472875564%2C2299111211&didk=1193244742~1193245112~1193245115~1193245114&sfv=1-0-40&prev_scp=slot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Drectangle_hp3_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dpremium_rectangle1_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1%7Cslot_name%3Dyad2_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D173%26vertical_name%3Dhomepage%26mobile%3D0%26vertical_eng_name%3Dhomepage%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fwww.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie=ID%3D3fe622a37625deea%3AT%3D1688282021%3ART%3D1688282021%3AS%3DALNI_MaqdbUTDdHBgDI0ZmY-zgXO2blawQ&gpic=UID%3D00000c8c125d5705%3AT%3D1688282021%3ART%3D1688282021%3AS%3DALNI_MaiOK2LvIrc5fVK2MYw0YZWpCRQVA&abxe=1&dt=1688282022023&lmt=1688282022&dlt=1688282020084&idt=1182&adxs=1480%2C516%2C200%2C516&adys=160%2C839%2C839%2C1105&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=j%7Ck%7Cl%7Cm&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.walla.co.il%2F&frm=20&vis=1&psz=120x0%7C300x0%7C300x0%7C300x0&msz=120x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=120%2C300%2C300%2C300&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=1031612647.1688282021&ga_sid=1688282021&ga_hid=1455705248&ga_fc=true&ga_cid=1000806957.1688282021&a3p=EhsKDDMzYWNyb3NzLmNvbRix-8yrkTFIAFICCGQSGQoKdWlkYXBpLmNvbRix-8yrkTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO7_zKuRMUgAUgIIahIcCg1jcndkY250cmwubmV0GLH7zKuRMUgAUgIIZBIZCgpwdWJjaWQub3JnGIH_zKuRMUgAUgIIahIXCghydGJob3VzZRiw-8yrkTFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YsfvMq5ExSABSAghkEhQKBW9wZW54GLH7zKuRMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

386814df4f41ae81d0accefd5dba9822fca34a32a02ee82fb3e1e68a546a3372

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27321
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
event.dxmdp.com/rest/api/v1/ 34 B
362 B 48ms
47ms Fetch
application/json 52.212.193.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync?audids=TW7oIPDA,oAENlyoR
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e43cce118c3fa978490a1d7abaccf3a665561210e714a41fddabccad38b8d693

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.walla.co.il
date: Sun, 02 Jul 2023 07:13:42 GMT
access-control-allow-credentials: true
server: nginx/1.20.0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 dmp-common-iframe.html Show response
cf.dxmcdn.com/dta/ Frame D05E 193 KB
62 KB 122ms
26ms Document
text/html 2600:9000:20eb:0:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/dmp-common-iframe.html?dmpid=57d57ac3-887b-48d0-9c86-fd6613173de7&monitoringConfig=%7B%22uuid%22%3A%22bc8a7a32-7d98-4226-8af9-d2a43a8621cc%22%2C%22enabled%22%3Afalse%2C%22verboseMode%22%3A%22ERRORS%22%2C%22sampling%22%3Anull%2C%22observedUserId%22%3Anull%2C%22includeDatabase%22%3Afalse%2C%22includeLocalStorage%22%3Afalse%2C%22includeLoggerState%22%3Afalse%7D
Requested by: Host: tags.dxmdp.com
URL: https://tags.dxmdp.com/tags/bc8a7a32-7d98-4226-8af9-d2a43a8621cc/dmp-main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:0:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62db05cbc08f8a152afa78e6c309221aac46be5a9927d700dc5dcd79b694af7d

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12957
content-encoding: gzip
content-type: text/html
date: Sun, 02 Jul 2023 03:37:46 GMT
etag: W/"26fac2aab0da1220dfb31537337da864"
last-modified: Thu, 22 Jun 2023 12:45:06 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
x-amz-cf-id: mk1x6aGyWPnmQcKmUuNdVfe-N_ICt1XDMUG8jcZmSP1bEZk2m1GQLw==
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: URyL1F8hHWqFe1lRA1JzInJ0QLmqiRIN
x-cache: Hit from cloudfront

OPTIONS
H2 200 analytics
hb-dot-valuad.appspot.com/ Frame 0
0 117ms
116ms Preflight
text/html 2a00:1450:4001:813::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 02 Jul 2023 07:13:42 GMT
server: Google Frontend
x-cloud-trace-context: b503773b564821204d8b8fa6d89837b8;o=1
x-request-id: undefined

OPTIONS
H2 200 sync
event.dxmdp.com/rest/api/v1/ Frame 0
0 63ms
63ms Preflight 52.212.193.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.dxmdp.com/rest/api/v1/sync?audids=TW7oIPDA,oAENlyoR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-79.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.walla.co.il
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Sun, 02 Jul 2023 07:13:42 GMT
server: nginx/1.20.0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 9093 0
91 B 132ms
127ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 02 Jul 2023 07:13:42 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 54BD 624 B
242 B 65ms
64ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYjYjl7gEwAQ&v=APEucNU9bYp_rGPrzQzxXBLzz7YlEijeSrHE5sxO5DFDKSG2wfkAsWWzahr1MvHishtms24Rc9soWtut7t5wb_lJ9FA0IpS1FfmixNForZa1w-zTpP6FUR94ngb94ZNsLotFWdC87cmSRPctYHAgZxKA7uO6o4ZUHAkzSN5dvR_DMCPmV09McFI

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EE06 78 KB
28 KB 226ms
169ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE06 42 B
401 B 112ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BV09JIF2I8-bkJzEBAsMYL-LGT7ii3wdVBypXtenQdGJ8eh4oGMhWjn27yU9CiANkLsPsIXJLSd4up-KfTGR2T987lMvwVPVOszw8T0Yp1VZ-Kqxs

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE06 0
58 B 113ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16729808716967373784&x=1&ct=76

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame EE06 3 KB
1 KB 93ms
26ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 23:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 23:28:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame EE06 20 KB
9 KB 90ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:50:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE06 179 KB
56 KB 248ms
233ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 54BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdJIfqahty4O1tXHzkPm_o&google_cver=1

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdJIfqahty4O1tXHzkPm_o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYjYjl7gEwAQ&v=APEucNU9bYp_rGPrzQzxXBLzz7YlEijeSrHE5sxO5DFDKSG2wfkAsWWzahr1MvHishtms24Rc9soWtut7t5wb_lJ9FA0IpS1FfmixNForZa1w-zTpP6FUR94ngb94ZNsLotFWdC87cmSRPctYHAgZxKA7uO6o4ZUHAkzSN5dvR_DMCPmV09McFI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdJIfqahty4O1tXHzkPm_o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 54BD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKEjpsvxJchzRiGMKPI2ugAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdJIfqahty4O1tXHzkPm_o&google_cver=1

43 B
766 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdJIfqahty4O1tXHzkPm_o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYjYjl7gEwAQ&v=APEucNU9bYp_rGPrzQzxXBLzz7YlEijeSrHE5sxO5DFDKSG2wfkAsWWzahr1MvHishtms24Rc9soWtut7t5wb_lJ9FA0IpS1FfmixNForZa1w-zTpP6FUR94ngb94ZNsLotFWdC87cmSRPctYHAgZxKA7uO6o4ZUHAkzSN5dvR_DMCPmV09McFI
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdJIfqahty4O1tXHzkPm_o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 54BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECeJjfal1ot9AjkNArn7EKM&google_cver=1

43 B
1 KB

33ms
22ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECeJjfal1ot9AjkNArn7EKM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYjYjl7gEwAQ&v=APEucNU9bYp_rGPrzQzxXBLzz7YlEijeSrHE5sxO5DFDKSG2wfkAsWWzahr1MvHishtms24Rc9soWtut7t5wb_lJ9FA0IpS1FfmixNForZa1w-zTpP6FUR94ngb94ZNsLotFWdC87cmSRPctYHAgZxKA7uO6o4ZUHAkzSN5dvR_DMCPmV09McFI

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:42 GMT
AN-X-Request-Uuid: d74701ab-0bb0-493b-b51e-de35a74fa55d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECeJjfal1ot9AjkNArn7EKM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 54BD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA2Mzk4MjM2MTc2Nzc2NjY5Ng%3D%3D

170 B
243 B

31ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA2Mzk4MjM2MTc2Nzc2NjY5Ng%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 02 Jul 2023 07:13:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 24e767bf-1719-45be-b2f4-b0144fbe72e9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA2Mzk4MjM2MTc2Nzc2NjY5Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8D29 0
18 B 22ms
22ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:42 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 json Show response
trc.taboola.com/wallail-walla/trc/3/ 131 KB
34 KB 758ms
752ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/wallail-walla/trc/3/json?tim=07%3A13%3A42.362&lti=deflated&data=%7B%22id%22%3A200%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1688032273730%2C%22vi%22%3A1688282022359%2C%22cv%22%3A%2220230629-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.walla.co.il%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A11092%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Homepage%22%2C%22orig_uip%22%3A%22Left%20Rail%20Homepage%22%2C%22cd%22%3A1106.484375%2C%22mw%22%3A298%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%201%22%2C%22orig_uip%22%3A%22Mid%20Homepage%201%22%2C%22cd%22%3A4298.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Homepage%202%22%2C%22orig_uip%22%3A%22Mid%20Homepage%202%22%2C%22cd%22%3A5465.984375%2C%22mw%22%3A864%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-g%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Endless%22%2C%22orig_uip%22%3A%22Homepage%20Endless%22%2C%22cd%22%3A11092.265625%2C%22mw%22%3A863%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Endless%3Dthumbnails-g%3Aabp%3D0%2C%2CLeft%20Rail%20Homepage%3Dthumbnails-a%3Aabp%3D0%2C%2CMid%20Homepage%201%3Dthumbnails-g%3Aabp%3D0%2C%2CMid%20Homepage%202%3Dthumbnails-g%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230629-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b6f303b0b3e771cdd4b97d7c5c28eae5e262d7130440a8e6d996fc1a3f5f9a34

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 727
date: Sun, 02 Jul 2023 07:13:43 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8041
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230098-FRA
server: nginx
x-timer: S1688282022.377101,VS0,VE727
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/wallail-walla/log/3/ 0
247 B 95ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/wallail-walla/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230629-3-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.walla.co.il
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 210 KB
64 KB 83ms
23ms Script
application/javascript 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:35:42 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=160084
accept-ranges: bytes
content-length: 65459
expires: Tue, 04 Jul 2023 03:41:46 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ 6 KB
2 KB 46ms
37ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b62a89701f26ec1da28a7957e9dbdf26c5151089025c31795f9534a0ea878600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7e05166ffb453a8e-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8302 0
15 B 22ms
21ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.walla.co.il
Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.walla.co.il
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:42 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ 48 KB
12 KB 46ms
32ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 408605
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e0516704b983a8e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE06 0
56 B 56ms
55ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9316006003845&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE06 0
56 B 56ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9316006003845&version=m202301230201&ct=76&x=1&cor=16729808716967373000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EE06 102 KB
39 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cgov_luU1AZrq1LeL2RyeLHGbw5llxJiDHTEf-g7yVa86AQ9p-O6qKW5temVCDQoEBIFQelmrcbM6YPN23K2swpw8yiDfB6IiE_OHmx_Y614iNzrkCG5sXo9MqvVAUR2wC23utFiX1FFq2RovS55mbvbYILhrM6mB87NsSMTGmABOyPJI&dbm_d=AKAmf-CChcG1RBW0eHFstd2-X7QA_lHmkLLmyTgvttFo6cmPt8fRYSouIenI8nNEaNo__XVWyl2JuRQlFuzCFsoWMZ3xxPh12u7vva_to4mvxCsdni9D1gkwoyK87MTuLwyyQ-YYccet4LjYnYk40o0l58q6jKtgxBmufWdKAwKEjQG86UcU3-2zQId3OqkA1hfFrbuo2wInRW3HpK7pUC0jD2YkAfzqx9tBIgyAtAuUjLrnzUH7vTGY_gxaEOZ853WDOTZoqhwDpIlGWYY783xuApNKDnRn0RD-JuTOPxQgeAQOfV2KrSdL4qLzVVvS2ZPF50KoCPJpA-lZKXx3E0ewr0JEty8AJfKKOKeLkqzepdJXBxNFYzZ9B3tatlfy7_1OEK7jWuvWpuf7T2KBcqnoleZduV4apV_zhCARhGvrpyS3fvE8y6UdUvMKUFUUlXGVXHF8FhZLwMC5CaExJT9YcjQHZIQ-Ix2EEu7o38ta9ha5f52jfFwCmKiJ_fPPH5mbwkYMf6DrmvrBGnRnsu4WOBHc9FVu6jht-W-FCPDVjSdBdpJVfediIS1QE1s2GnrDNmtYa_QnxEzUda-lbCen3013WQnxHIrkXAKQqSOaOCEdM7rfYt6ikxpknlGZJ5i6-l6J8kABSK98HPIVTn6eSMSnEGg3OlWoRwcsIfvXwcGGGDPejrgqEB94NC9DdPwqYQtI81whZPs6njcDFOO669HwJk-EExOoc0S9kwmTzUSpdfY96Ddwen4DzCX1dahRDU2_PPb6sVSK5ZQhLrCSQCM1zftDN-UY-K2aHMN4yCxkphy-xqdBIWzNlqeUJdmux50F5AtQrWxftwiavP-wyYCmM6G0Ro1-iWlYw4XTseFmQI22i0sLjMLzrmFadJzBYIp6CfkP_jZJcre8vQy04LujAxuHHztFP_2Dl0mIIhyQDbAGhg61uFPETbVqJAOqyGrxcmfQ0Z0RMWqPJNi34pCq0givRh7dSd00laJnGMTUVVoKAVi6wVe1652BkNPPsvHhG8nwYj-j0z2l4hTT8B8CjgFIyZlGmxPi7HBrtt4xrc0A6ubssrSQ_jdr3rFojh7ROrGKBSdSu4ufd12Bnj9ySBMUf7jVLcXuVUD9rWU89MbJjP540_1zRIw-8Gobxn2Tas5vZ9ZCUvskq8ga4a1KVraBI7Kk_NgmS85xp6HaquGI-NA_eVURleR46hD5uqYr4abg4E8Zk4LRYRlr6yPEUnYESxI60DrdF4LYAO2b_Rq5HotkaW4JADMwb8zxNCtdH0HoP7D0t3h7W8V4mygUYo15s0jCFJXMl3hbuUCsOOjKH45ySDZYv3WBWqXqzKWrLQjQ1dHKyuDGMMCveHlxXfoeTRhEJnB7rkeXbZLlgvY_xvXjA6Mdk9ZaxFX5WXca2rn1AWk1FlCy4wTCKioyDDI6nZJA02ejmxCUOi_ClXXOaNfU1jnNklSjszikYEJstWAqvCUkBBTK_y8WESyoB_n-maz1mX-Nh_hL5XPT6WePkZTwOXLd4CRd80LJUv_zTSU6mhdkueHhlQTXQqanUl2oR_SCYy4gByWrjDHaKXiTaoCndXwPx0ssRvctjTAJFJq6JuWlqFTsgwkgR2umMXtDte4f7E89fJhrwY03yo3ImvFg1fmoagZCuwGjqhwEKAJ7t03CJJ6G3dhiZZ8AM3srPnzuBykzj2jT21Bmhng0V-THtBX0mXmV6Ah6S1fG4geb_spLRC9rMX_XnSDFrKZzP6rFf6I93nj82YLh1HJiNWnYIvFXjHEdGmIWuIRLeuKZPPs8iXwiw6_1xFmzVE3X0rZ8aiaZMN3GN9xmgApNfOXVYS4oQlSX6EZhAnGytXmEDOP-1_5Wihz-bnHv0jW948sWNNfwMdRhIcbSAlf_k1gJLJferSmoP3vBeK9YA2-H63twWh-Seaq8uYsePDaJjA_CpctEg2P6y9hZmL9nHc77nxooDi019kp8w-7GhKTBDKiQpYnTlkH91UHdm4Ww8enXbOapMLWxfcoHI_9Z4GeJDPKMq1XHlHZWp692I9MeiYQyVUqG4H9xY1fAIWQ97c0rZlzHapijmu40_LuBq11Qq5J8rye1YQfnejbBQLl8Jew9NFkgFeusr8Lnw5wjfQRof81_mAgWZ70YfSNC5mWqW38W7Zh9PMojPfFf2us5LpnA1FB7q_ubPStufBlGhDjUDu7jf3HlHqeIwF2vJJsUKgehLBEoWA_eidnL1MzLCM8U0viC3UPAM-wTmnGgoD1cQfstunPoEA0DJcD4IwRu_C-_yYL19HG4efm-0vR88NQeWc79NEO2yOjC08Xc0_9eKkDOHQruLuEubHar47DGd5hrTJxXUP7W-Cu4_Ib8bcrEVn0_XFUiLwmNLgO-Ciy3rqop1CpS-qOz6ejet3yj49nu4GcYfyK7YPYRqiJT6fi1U5VJ_PICA0IT4vAvYjMXel2o3SLyDswDoSXGyTTdd107tPbLksFfg05PWC7ow_YOL-PwnfxLiDcEJwbCEzol_-RmiQY3v6qe4smfJOWIlsj_njEF7FZ3D0mgv2fmT-KXUV-JZ71XfmFWjUuDUHSq1V1Mod7NHGHlxeRVKAgyd8nkXqhj7wog5m4vFPERcrsUIxwDVwxkE0Qz_Ay6veVtSoR-by5cqWosFqmzPdaUkiEwailJSPYpRz1fCn1WAyb609vCxxiJ-AKZJm64o8UcyFL5EtlBx3WyEMdPylYjwFq2CC35ose_hs-aQr39sQrx-NE54r9ijUnzEU8F2OcMDXivxs6NgzTtNhK9dOcOtutaFdrSrs368zJh3iog8i-xr0AgK6gxtUfPOGqKgSoWiSKVeBL1IYnGa-gnxhA8iE-MkFJqucEuO-k_3-JSrgXD--GpOMA0i901hV_xAlCHhDiW8UIINdTzWm8XzsWN9t7Jksgmp6MVyrA3XmrsktF5k91mfHe3AEvp_9jSnNJIOBaVZ36w0JdfGmAxe7zm1u_zXYj3kmnCx4p8ip2w4uw7uX5YdFDCsTS_xZMMD4JCc_HJFxcA8ZFc73RzwkSBM63fhxPvHZk1_4bWO6KcCV4c1yKYD-KXQcMsoiHCWVn8EnJYXakfaCYJ-WCbucEWJ4ym60qJ5_nPkVis1UMsXbgR6QIUxYznhyq7hMY2XCMAKmeLE0W6BmCR3TzoZw4gl-zlXktE3_IT-zNYYF-LjPznWYDPTTm3C8ZpQ9nykBFMFUxHorgCSyINJojfct3f1dEP1t6yqOBqOewJfIDHCTWHAcpVRs7IpuzCF5q4V_kdPbY2FNNgnlm1_A8pWmuf4sXhYRfdUc0EOPy1Fg0Xe8J_TGGfVGwcIQB3jbchxv6fN-e3ghylVi2PM-nNzBWY21Caqx8zPHPeD3k6e6DZEhgORUNEnOmo3RUcwbYN9WpZoa_yodIZsceyRUj4uT3mBz6VlM-QWPjC2m9icj9w3uEWOKb_BYB33XpahfPqVg&cid=CAQSOwBygQiDZbA6Gvwt18TEw1LwnL6I0YOBwIP3_X0YpzGfQ31P7pj-iKsidAbY9bOkD1_b-SbJUnnJhcILGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=16729808716967373000&adk=2228999115&idt=238&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a21b923fbc5c52a936efd42f34a1755068606ebbaed342aecf9d6b8b8764fadd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39723
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame B5DB 0
335 B 38ms
37ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e0516709bc63a8e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:42 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 9327 0
0 23ms
23ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3 200 container.html Show response
f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 61B5 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:41 GMT
expires: Mon, 01 Jul 2024 07:13:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E74 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:41 GMT
expires: Mon, 01 Jul 2024 07:13:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B82 6 KB
3 KB 25ms
24ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:41 GMT
expires: Mon, 01 Jul 2024 07:13:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1113 6 KB
3 KB 23ms
23ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:41 GMT
expires: Mon, 01 Jul 2024 07:13:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 4EF9 0
0 584ms
194ms Document
text/plain 63.251.14.14
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS: 14.14.251.63.unassigned.ord.singlehop.net
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Sun, 02 Jul 2023 07:13:43 GMT
X-Sovrn-Pod: ad_ap1sea1

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 08A3 640 B
262 B 66ms
64ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoofk7gEwAQ&v=APEucNWJhkUv9UcNf45OvQukAd8cjOibKHQRlaXRQsp_Q1ASL3erMaT9Fco3xOfrURY_V88JvWejP2Ohe-5TopYaiRyZTVDF9_qCauF6YSF_AWHhPLfhwjXUdYOfKog3Nbg4ABwFINzm_uEvccjY_uV6S3xJmWM1LeHq78EAI3ZcXNn4sFaVmmQ

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 61B5 78 KB
27 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61B5 42 B
63 B 59ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTU5X8h2JX9RD8erIDJHVjDE0PfZDSRkP-rhs9slyXgSl8hoBl3u33LhYdbdxaZz2hme4APsvRxS9LPz9Xba_TO_lDVOSY1q105Vq4byYAwYIu-rg

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61B5 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12266748515599429406&x=1&ct=76

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 61B5 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 23:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 23:28:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 61B5 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:50:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 61B5 0
0 31ms
30ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSykjzrO2fmNnWf9QBIC46LznwCy3kMaJunQFNKOyZ6dSZwbgFuUKCC4N_5-ew_rOUb4S4aXhpSwsqtUSNGFxy4y7t_XA
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61B5 179 KB
56 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1484042/72188330/ Frame EE06 245 KB
74 KB 150ms
45ms Script
application/javascript 63.32.196.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1484042/72188330/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20259277643&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0heqkwecySoU2XWtSPI1Ts9
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.196.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-196-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8e83c5e32c97bff0a28fb2f5a68cce67f3b21990ef3f332f888bc1254c1ef954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EE06 111 KB
39 KB 93ms
25ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Origin: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame EE06 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cgov_luU1AZrq1LeL2RyeLHGbw5llxJiDHTEf-g7yVa86AQ9p-O6qKW5temVCDQoEBIFQelmrcbM6YPN23K2swpw8yiDfB6IiE_OHmx_Y614iNzrkCG5sXo9MqvVAUR2wC23utFiX1FFq2RovS55mbvbYILhrM6mB87NsSMTGmABOyPJI&dbm_d=AKAmf-CChcG1RBW0eHFstd2-X7QA_lHmkLLmyTgvttFo6cmPt8fRYSouIenI8nNEaNo__XVWyl2JuRQlFuzCFsoWMZ3xxPh12u7vva_to4mvxCsdni9D1gkwoyK87MTuLwyyQ-YYccet4LjYnYk40o0l58q6jKtgxBmufWdKAwKEjQG86UcU3-2zQId3OqkA1hfFrbuo2wInRW3HpK7pUC0jD2YkAfzqx9tBIgyAtAuUjLrnzUH7vTGY_gxaEOZ853WDOTZoqhwDpIlGWYY783xuApNKDnRn0RD-JuTOPxQgeAQOfV2KrSdL4qLzVVvS2ZPF50KoCPJpA-lZKXx3E0ewr0JEty8AJfKKOKeLkqzepdJXBxNFYzZ9B3tatlfy7_1OEK7jWuvWpuf7T2KBcqnoleZduV4apV_zhCARhGvrpyS3fvE8y6UdUvMKUFUUlXGVXHF8FhZLwMC5CaExJT9YcjQHZIQ-Ix2EEu7o38ta9ha5f52jfFwCmKiJ_fPPH5mbwkYMf6DrmvrBGnRnsu4WOBHc9FVu6jht-W-FCPDVjSdBdpJVfediIS1QE1s2GnrDNmtYa_QnxEzUda-lbCen3013WQnxHIrkXAKQqSOaOCEdM7rfYt6ikxpknlGZJ5i6-l6J8kABSK98HPIVTn6eSMSnEGg3OlWoRwcsIfvXwcGGGDPejrgqEB94NC9DdPwqYQtI81whZPs6njcDFOO669HwJk-EExOoc0S9kwmTzUSpdfY96Ddwen4DzCX1dahRDU2_PPb6sVSK5ZQhLrCSQCM1zftDN-UY-K2aHMN4yCxkphy-xqdBIWzNlqeUJdmux50F5AtQrWxftwiavP-wyYCmM6G0Ro1-iWlYw4XTseFmQI22i0sLjMLzrmFadJzBYIp6CfkP_jZJcre8vQy04LujAxuHHztFP_2Dl0mIIhyQDbAGhg61uFPETbVqJAOqyGrxcmfQ0Z0RMWqPJNi34pCq0givRh7dSd00laJnGMTUVVoKAVi6wVe1652BkNPPsvHhG8nwYj-j0z2l4hTT8B8CjgFIyZlGmxPi7HBrtt4xrc0A6ubssrSQ_jdr3rFojh7ROrGKBSdSu4ufd12Bnj9ySBMUf7jVLcXuVUD9rWU89MbJjP540_1zRIw-8Gobxn2Tas5vZ9ZCUvskq8ga4a1KVraBI7Kk_NgmS85xp6HaquGI-NA_eVURleR46hD5uqYr4abg4E8Zk4LRYRlr6yPEUnYESxI60DrdF4LYAO2b_Rq5HotkaW4JADMwb8zxNCtdH0HoP7D0t3h7W8V4mygUYo15s0jCFJXMl3hbuUCsOOjKH45ySDZYv3WBWqXqzKWrLQjQ1dHKyuDGMMCveHlxXfoeTRhEJnB7rkeXbZLlgvY_xvXjA6Mdk9ZaxFX5WXca2rn1AWk1FlCy4wTCKioyDDI6nZJA02ejmxCUOi_ClXXOaNfU1jnNklSjszikYEJstWAqvCUkBBTK_y8WESyoB_n-maz1mX-Nh_hL5XPT6WePkZTwOXLd4CRd80LJUv_zTSU6mhdkueHhlQTXQqanUl2oR_SCYy4gByWrjDHaKXiTaoCndXwPx0ssRvctjTAJFJq6JuWlqFTsgwkgR2umMXtDte4f7E89fJhrwY03yo3ImvFg1fmoagZCuwGjqhwEKAJ7t03CJJ6G3dhiZZ8AM3srPnzuBykzj2jT21Bmhng0V-THtBX0mXmV6Ah6S1fG4geb_spLRC9rMX_XnSDFrKZzP6rFf6I93nj82YLh1HJiNWnYIvFXjHEdGmIWuIRLeuKZPPs8iXwiw6_1xFmzVE3X0rZ8aiaZMN3GN9xmgApNfOXVYS4oQlSX6EZhAnGytXmEDOP-1_5Wihz-bnHv0jW948sWNNfwMdRhIcbSAlf_k1gJLJferSmoP3vBeK9YA2-H63twWh-Seaq8uYsePDaJjA_CpctEg2P6y9hZmL9nHc77nxooDi019kp8w-7GhKTBDKiQpYnTlkH91UHdm4Ww8enXbOapMLWxfcoHI_9Z4GeJDPKMq1XHlHZWp692I9MeiYQyVUqG4H9xY1fAIWQ97c0rZlzHapijmu40_LuBq11Qq5J8rye1YQfnejbBQLl8Jew9NFkgFeusr8Lnw5wjfQRof81_mAgWZ70YfSNC5mWqW38W7Zh9PMojPfFf2us5LpnA1FB7q_ubPStufBlGhDjUDu7jf3HlHqeIwF2vJJsUKgehLBEoWA_eidnL1MzLCM8U0viC3UPAM-wTmnGgoD1cQfstunPoEA0DJcD4IwRu_C-_yYL19HG4efm-0vR88NQeWc79NEO2yOjC08Xc0_9eKkDOHQruLuEubHar47DGd5hrTJxXUP7W-Cu4_Ib8bcrEVn0_XFUiLwmNLgO-Ciy3rqop1CpS-qOz6ejet3yj49nu4GcYfyK7YPYRqiJT6fi1U5VJ_PICA0IT4vAvYjMXel2o3SLyDswDoSXGyTTdd107tPbLksFfg05PWC7ow_YOL-PwnfxLiDcEJwbCEzol_-RmiQY3v6qe4smfJOWIlsj_njEF7FZ3D0mgv2fmT-KXUV-JZ71XfmFWjUuDUHSq1V1Mod7NHGHlxeRVKAgyd8nkXqhj7wog5m4vFPERcrsUIxwDVwxkE0Qz_Ay6veVtSoR-by5cqWosFqmzPdaUkiEwailJSPYpRz1fCn1WAyb609vCxxiJ-AKZJm64o8UcyFL5EtlBx3WyEMdPylYjwFq2CC35ose_hs-aQr39sQrx-NE54r9ijUnzEU8F2OcMDXivxs6NgzTtNhK9dOcOtutaFdrSrs368zJh3iog8i-xr0AgK6gxtUfPOGqKgSoWiSKVeBL1IYnGa-gnxhA8iE-MkFJqucEuO-k_3-JSrgXD--GpOMA0i901hV_xAlCHhDiW8UIINdTzWm8XzsWN9t7Jksgmp6MVyrA3XmrsktF5k91mfHe3AEvp_9jSnNJIOBaVZ36w0JdfGmAxe7zm1u_zXYj3kmnCx4p8ip2w4uw7uX5YdFDCsTS_xZMMD4JCc_HJFxcA8ZFc73RzwkSBM63fhxPvHZk1_4bWO6KcCV4c1yKYD-KXQcMsoiHCWVn8EnJYXakfaCYJ-WCbucEWJ4ym60qJ5_nPkVis1UMsXbgR6QIUxYznhyq7hMY2XCMAKmeLE0W6BmCR3TzoZw4gl-zlXktE3_IT-zNYYF-LjPznWYDPTTm3C8ZpQ9nykBFMFUxHorgCSyINJojfct3f1dEP1t6yqOBqOewJfIDHCTWHAcpVRs7IpuzCF5q4V_kdPbY2FNNgnlm1_A8pWmuf4sXhYRfdUc0EOPy1Fg0Xe8J_TGGfVGwcIQB3jbchxv6fN-e3ghylVi2PM-nNzBWY21Caqx8zPHPeD3k6e6DZEhgORUNEnOmo3RUcwbYN9WpZoa_yodIZsceyRUj4uT3mBz6VlM-QWPjC2m9icj9w3uEWOKb_BYB33XpahfPqVg&cid=CAQSOwBygQiDZbA6Gvwt18TEw1LwnL6I0YOBwIP3_X0YpzGfQ31P7pj-iKsidAbY9bOkD1_b-SbJUnnJhcILGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=16729808716967373000&adk=2228999115&idt=238&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:55:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame EE06 30 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:57:32 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EE06 41 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 07:09:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D808 640 B
262 B 66ms
64ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW-U9_XCdmdUgqUnGGia0Llv-GPnWb3RGSkCqXZnCp9I4gWMiVzvR6JH_goV8_kWpWcWPfeLQ0LGBEIbGyIyWloGPsOWwuV27nj06Fz0CGuSwoSNoyO5moOqJeU180QvaNM5EKnwKvYl1WK2V4pn3jl7zA4-77TIS8w9Zs3hGOjDSIaR68

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4E74 78 KB
27 KB 190ms
189ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E74 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CS0PsWyrkI_jDXbF-KXkDTQ1tXGXPr9APxCMIDcjEJcU9wicVizySv4TwByWsAitIusCcc3YKSfndgo6WXdRZ6z9mIY1V1-oQ02vLQ8QB6qouLEIQ

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E74 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7629567881427154227&x=1&ct=76

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4E74 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 23:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 23:28:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4E74 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:50:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4E74 0
0 31ms
30ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9eE0sMCUSCYK79e7Hq03ZMYJrHRFHqgnSKrPrKGH_qhKCTovQJDuB3ZDEYOzbG6mpwFjcD5J-jHlzljz9ALIqrXcv6A
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E74 179 KB
56 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2402 640 B
262 B 67ms
64ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYjvzk7gEwAQ&v=APEucNVgjnotyCOLWhhkxLGBbqsykkOZ00a8T_h3_epTAWCF-aMHGXbnFCnAgFH11AYnsVkA2PixRiLGpomIbW63hdw6nCgYEpAX8GLlFc4Y-0FUchr1fdVP7r2NcweMRsEKp25-LuuzdZ1pm1di_T0MQL-jijYUX7LNqvVAId_jvB6cDzmh2uQ

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4B82 78 KB
27 KB 175ms
174ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B82 42 B
63 B 58ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dfi6RLovUt9eArDQoLbvfAJ29xHQQ67P9J1Ba2_7_WFnewLKSGNTM287TOVxBpiaVu7TvciIm9pHcQTXQer9g9we1ctarVtQ81lZPMnJyqGRa7Evw

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B82 0
20 B 58ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15789368646106372542&x=1&ct=76

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4B82 3 KB
1 KB 30ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 23:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 23:28:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 4B82 20 KB
8 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:50:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B82 0
0 35ms
33ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_00i66p_lwAE2LHOjytev4wPh9RgvhF4Qv2lUYfyfV9b9vvZuQuDTNNPVdbX1mLChlMWdfFgYy6nE2FhNuwhxn5Ri8A
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B82 179 KB
56 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H2

200

/ Show response
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 999C
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F

95 B
241 B

33ms
33ms

Document
image/png

157.90.211.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.211.90.157.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/png
date: Sun, 02 Jul 2023 07:13:40 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

Redirect headers

content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:40 GMT
location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fwww.walla.co.il%2F
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4903 640 B
262 B 75ms
72ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNVACqWPcJSnrEDgOBqP6sCpf951znRl8Cz8AX_TMMbTgCUwz4wqAiDWUOrioEQRUWFeE-VI4y6ngiCuBz80_Q_bWNgTOews0ZjyPET8sY25Hjiok1K3v_mh4kLgrEWYJXqnXbNSHUn4iakCbwsGo0yi3rMRsegeHDqRlPRZJXylsiFUwjc

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1113 78 KB
27 KB 184ms
182ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1113 42 B
63 B 58ms
55ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CILAvBA6DcLCJEvq1XZqPbOZ4A37l6HKw6G0vV5oCuJK6JFjaiV8jXzuTODFAt7CmYXmNx1b36OYS8yhTKn_7DXUp1JZBVxKEGaCESR1jFnxSezME

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1113 0
20 B 58ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4031263784859718815&x=1&ct=76

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1113 3 KB
1 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 23:28:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27903
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 23:28:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1113 20 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:50:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1113 0
0 33ms
31ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzjgo_q_rybCGCfnramNPVTLrpkI8E50lOldAEkXajdvnQh97s-Xp6X6iJFhXPqjivEZVHIOxrrywj84fpK8gz3Qxy8Q
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1113 179 KB
56 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 783F 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EE06 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6028e989c47c5f0969fe408649aa78892d3efaf66fcd265bc59c8a9880c0ebe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

RX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003 Show response
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 6DAF
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted&zcc=1&cb=1688282022768
https://ad.turn.com/r/cs?pid=45&rndcb=5639328449
https://sync.1rx.io/usersync/turn/8900439031662473856?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-3c699ecb-c8dc-4768-9794-0eb...
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003

0
498 B

56ms
45ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e0516743f663a8e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:43 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-type: text/html
date: Sun, 02 Jul 2023 07:13:43 GMT
etag: RX3c699ecbc8dc476897940ebd3d628f2a003
location: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 08A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1

43 B
114 B

128ms
126ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoofk7gEwAQ&v=APEucNWJhkUv9UcNf45OvQukAd8cjOibKHQRlaXRQsp_Q1ASL3erMaT9Fco3xOfrURY_V88JvWejP2Ohe-5TopYaiRyZTVDF9_qCauF6YSF_AWHhPLfhwjXUdYOfKog3Nbg4ABwFINzm_uEvccjY_uV6S3xJmWM1LeHq78EAI3ZcXNn4sFaVmmQ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 08A3 43 B
131 B 133ms
127ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoofk7gEwAQ&v=APEucNWJhkUv9UcNf45OvQukAd8cjOibKHQRlaXRQsp_Q1ASL3erMaT9Fco3xOfrURY_V88JvWejP2Ohe-5TopYaiRyZTVDF9_qCauF6YSF_AWHhPLfhwjXUdYOfKog3Nbg4ABwFINzm_uEvccjY_uV6S3xJmWM1LeHq78EAI3ZcXNn4sFaVmmQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 08A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1

23 B
163 B

49ms
49ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoofk7gEwAQ&v=APEucNWJhkUv9UcNf45OvQukAd8cjOibKHQRlaXRQsp_Q1ASL3erMaT9Fco3xOfrURY_V88JvWejP2Ohe-5TopYaiRyZTVDF9_qCauF6YSF_AWHhPLfhwjXUdYOfKog3Nbg4ABwFINzm_uEvccjY_uV6S3xJmWM1LeHq78EAI3ZcXNn4sFaVmmQ
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 07:13:42 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 08A3 23 B
163 B 125ms
50ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYoofk7gEwAQ&v=APEucNWJhkUv9UcNf45OvQukAd8cjOibKHQRlaXRQsp_Q1ASL3erMaT9Fco3xOfrURY_V88JvWejP2Ohe-5TopYaiRyZTVDF9_qCauF6YSF_AWHhPLfhwjXUdYOfKog3Nbg4ABwFINzm_uEvccjY_uV6S3xJmWM1LeHq78EAI3ZcXNn4sFaVmmQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 07:13:42 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

6e388d36-be5d-52b7-a9ba-d1accd1bf20a Show response
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame C08A
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1
https://csync.smilewanted.com/set_partner_userid_get/betweenx/6e388d36-be5d-52b7-a9ba-d1accd1bf20a

0
392 B

37ms
37ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/betweenx/6e388d36-be5d-52b7-a9ba-d1accd1bf20a
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e051672be063a8e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:42 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/betweenx/6e388d36-be5d-52b7-a9ba-d1accd1bf20a

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D808
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1

43 B
106 B

127ms
127ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW-U9_XCdmdUgqUnGGia0Llv-GPnWb3RGSkCqXZnCp9I4gWMiVzvR6JH_goV8_kWpWcWPfeLQ0LGBEIbGyIyWloGPsOWwuV27nj06Fz0CGuSwoSNoyO5moOqJeU180QvaNM5EKnwKvYl1WK2V4pn3jl7zA4-77TIS8w9Zs3hGOjDSIaR68
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame D808 43 B
120 B 133ms
133ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW-U9_XCdmdUgqUnGGia0Llv-GPnWb3RGSkCqXZnCp9I4gWMiVzvR6JH_goV8_kWpWcWPfeLQ0LGBEIbGyIyWloGPsOWwuV27nj06Fz0CGuSwoSNoyO5moOqJeU180QvaNM5EKnwKvYl1WK2V4pn3jl7zA4-77TIS8w9Zs3hGOjDSIaR68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame D808
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1

23 B
163 B

48ms
46ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW-U9_XCdmdUgqUnGGia0Llv-GPnWb3RGSkCqXZnCp9I4gWMiVzvR6JH_goV8_kWpWcWPfeLQ0LGBEIbGyIyWloGPsOWwuV27nj06Fz0CGuSwoSNoyO5moOqJeU180QvaNM5EKnwKvYl1WK2V4pn3jl7zA4-77TIS8w9Zs3hGOjDSIaR68
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 07:13:42 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D808 23 B
163 B 97ms
48ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNW-U9_XCdmdUgqUnGGia0Llv-GPnWb3RGSkCqXZnCp9I4gWMiVzvR6JH_goV8_kWpWcWPfeLQ0LGBEIbGyIyWloGPsOWwuV27nj06Fz0CGuSwoSNoyO5moOqJeU180QvaNM5EKnwKvYl1WK2V4pn3jl7zA4-77TIS8w9Zs3hGOjDSIaR68
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 07:13:42 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DFD1 22 KB
8 KB 25ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 345789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 07:10:33 GMT
expires: Thu, 27 Jun 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2402
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1

43 B
106 B

127ms
127ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYjvzk7gEwAQ&v=APEucNVgjnotyCOLWhhkxLGBbqsykkOZ00a8T_h3_epTAWCF-aMHGXbnFCnAgFH11AYnsVkA2PixRiLGpomIbW63hdw6nCgYEpAX8GLlFc4Y-0FUchr1fdVP7r2NcweMRsEKp25-LuuzdZ1pm1di_T0MQL-jijYUX7LNqvVAId_jvB6cDzmh2uQ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 2402 43 B
120 B 130ms
128ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYjvzk7gEwAQ&v=APEucNVgjnotyCOLWhhkxLGBbqsykkOZ00a8T_h3_epTAWCF-aMHGXbnFCnAgFH11AYnsVkA2PixRiLGpomIbW63hdw6nCgYEpAX8GLlFc4Y-0FUchr1fdVP7r2NcweMRsEKp25-LuuzdZ1pm1di_T0MQL-jijYUX7LNqvVAId_jvB6cDzmh2uQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 2402
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1

23 B
163 B

47ms
47ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYjvzk7gEwAQ&v=APEucNVgjnotyCOLWhhkxLGBbqsykkOZ00a8T_h3_epTAWCF-aMHGXbnFCnAgFH11AYnsVkA2PixRiLGpomIbW63hdw6nCgYEpAX8GLlFc4Y-0FUchr1fdVP7r2NcweMRsEKp25-LuuzdZ1pm1di_T0MQL-jijYUX7LNqvVAId_jvB6cDzmh2uQ
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 07:13:42 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 2402 23 B
163 B 47ms
46ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYjvzk7gEwAQ&v=APEucNVgjnotyCOLWhhkxLGBbqsykkOZ00a8T_h3_epTAWCF-aMHGXbnFCnAgFH11AYnsVkA2PixRiLGpomIbW63hdw6nCgYEpAX8GLlFc4Y-0FUchr1fdVP7r2NcweMRsEKp25-LuuzdZ1pm1di_T0MQL-jijYUX7LNqvVAId_jvB6cDzmh2uQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 07:13:42 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 783F 70 B
265 B 142ms
45ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENTKmss_i64P8XhDGwS9vPU&google_cver=1&google_push=AaAOQGE0ePrCMRM7Af1TJ19YV1y_p3eGfRfANPotK2mxNrRKmX7AmxNMv0exiIGN8g3iF8F2ct4xySPiG6TfuLUq8W70s6ad5BBp
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 783F 0
173 B 88ms
32ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEC0Ul_iJkI35vb2KGex1dxk&google_cver=1&google_push=AaAOQGF5n7AWqVpMUOIYe4YWxw7J-dvcMtGSpZ2Jsagt7-uDRQu3qeYbyU6ooxmxNY_5xziWmEuJdXj9FGoUWXyQyih5vI3b9JVtSQ
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 783F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIZgMeEWukKjJPq48I4a46Y&google_cver=1&google_push=AaAOQGGCmiiCEk9TXFQFi2AsG8w6YhTQq7HSh_sSH88FwWbhxlfMpkjJHaWCA5eO-vN91VCvLJU96FfN_u4lA0...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTExNjA3MDk0MjI3NTczMg%3D%3D&google_push=AaAOQGGCmiiCEk9TXFQFi2AsG8w6YhTQq7HSh_sSH88FwWbhxlfMpkjJHaWCA5eO-vN91VCvLJU96FfN_u4lA0lbCP...

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTExNjA3MDk0MjI3NTczMg%3D%3D&google_push=AaAOQGGCmiiCEk9TXFQFi2AsG8w6YhTQq7HSh_sSH88FwWbhxlfMpkjJHaWCA5eO-vN91VCvLJU96FfN_u4lA0lbCPI3AD7aFgfPgg

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTExNjA3MDk0MjI3NTczMg%3D%3D&google_push=AaAOQGGCmiiCEk9TXFQFi2AsG8w6YhTQq7HSh_sSH88FwWbhxlfMpkjJHaWCA5eO-vN91VCvLJU96FfN_u4lA0lbCPI3AD7aFgfPgg
Date: Sun, 02 Jul 2023 07:13:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 783F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I8QoZlJTS8-PGf6lM3axLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I8QoZlJTS8-PGf6lM3axLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGEjTl5oIDOFFqauywsLcAbZI9-UtOb4kWmIPM8GZEpdkYGsAQ_8WUGqKCQrCMcUJz830VPAmw2oCGZfVFx9tI3CWxuyDDxoNQ

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I8QoZlJTS8-PGf6lM3axLw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGEjTl5oIDOFFqauywsLcAbZI9-UtOb4kWmIPM8GZEpdkYGsAQ_8WUGqKCQrCMcUJz830VPAmw2oCGZfVFx9tI3CWxuyDDxoNQ
date: Sun, 02 Jul 2023 07:13:42 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 783F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELL6DAy_XoP9P2SyQlKKWwU&google_cver=1&google_push=AaAOQGEWA3FIU6odfErtRkrGVXCvAIbxH9DdO8_r8uOqKim2J-wBXcjTO-iI9iLv15xKP3NbE7f...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpMM0lYNVctMU0tNUNXOQ==&google_push=AaAOQGEWA3FIU6odfErtRkrGVXCvAIbxH9DdO8_r8uOqKim2J-wBXcjTO-iI9iLv15xKP3NbE7fexxew0xfc8ok6oNTDRZuMEkP06A

170 B
188 B

38ms
38ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpMM0lYNVctMU0tNUNXOQ==&google_push=AaAOQGEWA3FIU6odfErtRkrGVXCvAIbxH9DdO8_r8uOqKim2J-wBXcjTO-iI9iLv15xKP3NbE7fexxew0xfc8ok6oNTDRZuMEkP06A

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpMM0lYNVctMU0tNUNXOQ==&google_push=AaAOQGEWA3FIU6odfErtRkrGVXCvAIbxH9DdO8_r8uOqKim2J-wBXcjTO-iI9iLv15xKP3NbE7fexxew0xfc8ok6oNTDRZuMEkP06A
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 783F
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7Buut5M46s1qksyZD-nfQ&google_cver=1&google_push=AaAOQGFkGHybcN0I6phf44mBmw_x78xwMVopbUODpsgVVEGYKsx5K34oSALBeXVVEjDoD1w1FPWPuZcXkkBJTwRVR...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7Buut5M46s1qksyZD-nfQ&google_cver=1&google_push=AaAOQGFkGHybcN0I6phf44mBmw_x78xwMVopbUODpsgVVEGYKsx5K34oSALBeXVVEjDoD1w1FPWPuZcXkkBJTwRVR...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFkGHybcN0I6phf44mBmw_x78xwMVopbUODpsgVVEGYKsx5K34oSALBeXVVEjDoD1w1FPWPuZcXkkBJTwRVRW2-RKAUHu2jpw&google_hm=G6XxJGZH__q39tT-QoWE...

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFkGHybcN0I6phf44mBmw_x78xwMVopbUODpsgVVEGYKsx5K34oSALBeXVVEjDoD1w1FPWPuZcXkkBJTwRVRW2-RKAUHu2jpw&google_hm=G6XxJGZH__q39tT-QoWEGkvk

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 02 Jul 2023 07:13:43 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFkGHybcN0I6phf44mBmw_x78xwMVopbUODpsgVVEGYKsx5K34oSALBeXVVEjDoD1w1FPWPuZcXkkBJTwRVRW2-RKAUHu2jpw&google_hm=G6XxJGZH__q39tT-QoWEGkvk
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 783F 0
45 B 167ms
39ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELdJfXIX3rdBoc7NnaD2QsU&google_cver=1&google_push=AaAOQGF6ihKnMrFvjKPiiDeGB-l7aJyvav2fvWQxuFjdEwhk2Uy2jssOB3bH4_6sXeT16FR4yI1_y2sLcQWHo0ImoxsPPCrG1buG
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 783F 0
12 B 32ms
30ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfP5k1irRKEMWQdF2qo5A3A2kC0pioqNgQUiSnVSK6nNSiIwV50jDDGsLR37i_oRf3PpPC

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4903
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1

43 B
106 B

130ms
130ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNVACqWPcJSnrEDgOBqP6sCpf951znRl8Cz8AX_TMMbTgCUwz4wqAiDWUOrioEQRUWFeE-VI4y6ngiCuBz80_Q_bWNgTOews0ZjyPET8sY25Hjiok1K3v_mh4kLgrEWYJXqnXbNSHUn4iakCbwsGo0yi3rMRsegeHDqRlPRZJXylsiFUwjc
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOHyoZVanh6J9jz5qVshvf0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4903 43 B
120 B 129ms
128ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNVACqWPcJSnrEDgOBqP6sCpf951znRl8Cz8AX_TMMbTgCUwz4wqAiDWUOrioEQRUWFeE-VI4y6ngiCuBz80_Q_bWNgTOews0ZjyPET8sY25Hjiok1K3v_mh4kLgrEWYJXqnXbNSHUn4iakCbwsGo0yi3rMRsegeHDqRlPRZJXylsiFUwjc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 4903
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1

23 B
163 B

52ms
45ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNVACqWPcJSnrEDgOBqP6sCpf951znRl8Cz8AX_TMMbTgCUwz4wqAiDWUOrioEQRUWFeE-VI4y6ngiCuBz80_Q_bWNgTOews0ZjyPET8sY25Hjiok1K3v_mh4kLgrEWYJXqnXbNSHUn4iakCbwsGo0yi3rMRsegeHDqRlPRZJXylsiFUwjc
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 07:13:42 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEK6v_LLx1ztegAsV4f6198w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 4903 23 B
163 B 46ms
45ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjmoLXcATAB&v=APEucNVACqWPcJSnrEDgOBqP6sCpf951znRl8Cz8AX_TMMbTgCUwz4wqAiDWUOrioEQRUWFeE-VI4y6ngiCuBz80_Q_bWNgTOews0ZjyPET8sY25Hjiok1K3v_mh4kLgrEWYJXqnXbNSHUn4iakCbwsGo0yi3rMRsegeHDqRlPRZJXylsiFUwjc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 02 Jul 2023 07:13:42 GMT
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61B5 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8425659307067&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61B5 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8425659307067&version=m202301230201&ct=76&x=1&cor=12266748515599430000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 61B5 102 KB
39 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChuhdQgi_sJxATTzy4xmhnwtAKA6Dpl1i4z-LuGmKV9zHZpCmQKoTCvqxkInfRxq1A8EaEs_5ikg75MoOe6ILZ7SkuP45_1gtTP5SLgLauvhB19ckLxzzwa1ugZppay-eRyaDk4Nh4g23KznteB3zkuG69rCnCyFDLmmPwWqwgOR7_Pco&dbm_d=AKAmf-AorbJa1OSxDyOIedPPYiAZc1Wsihjw4bkhFjINyqWOlL5F7yNmY7ZY9tNO4b7k4Dkkk2OtwM2Ja_kewEqjxxLkTv6XgqfvA1grd1aMT71GxeOyMwj99L2sa3mcWBDk6ROD8D4_VA4kQngfevTfjkaWU8ZBtbgS_G3gDITaSoh-t8inzWApBZ_N8umpIkjMhd1hCHKCTeVfLW5sztdG9ktTyFcIhlfcjLq3AVrFSjQyN--c2NfUOXQJp6jt688KtcqKdMY9CMK1wLE1-5zJu23xh_ekdrTEYXWWRsa2JavudloPOE6yGQy_9FIMUJTIhwkpde1Rr5Bf2mk_6JHaKTgxTx0HSHiKfm0R3Mb2BHABstvrkCE-DXPMnnCkDcQbcbyzKqnI18DQ6qruNJ0dgHtH_-c4Lxfvf0VkYTTO4St1kCe6Xg_g_4dDqd-AsyGbIXsg2taAbxrFfH2DY3CpZTfMKYScuX9wRw3oFwrOwQeNoIgvZuFu2hftR63ShMsot4hhpPUwQ5Cim-U-5tzfRe63-t4MSM49Oej8E7BHYNX7_krLOWt3m_wIY4sw15uvrAScpboYpaicOFtpoeKyPQkPW-GAQbo_GXd2zyOi7lBilXO5JW-7ja0rlSMslFwSv035i5FeQJvHuE_SrLJk1qStVv6kt2C5coOz5dnMEizb6q1tJb8ajsAn3mpuItu6UIj4OaMOLAn_UUQ7ObsE-4MgdJfhDCS077VAk6DM0S5YU7t__8UMxAWVkpmzcuubAfwuwXy1KKSbEdg3Sy5QPNrJIzph5CYhYYvSMc3jCnfd8cngRI78P337TrxON_CJEMpfWFo9oV3qlBB9d62jHrLQp6eGSjFlMuN8LvtUzRNcMU151d6vjtAsU10gOHyspi8WsLDEBTSXHaWPeY4pK9vlxWj0HYdNTOQuNv-iPzCkvBQlZmXKNaGbw6wNIP9bEZd09MU0kcydFdU0CfDW0VjctlGdO153UZlUGstC9LVv4Z9bNyjJ3152Yam_qL4Tsg2K0pqHznLBEEqFYb2Bwc-milYITU4jN6fTirahoG3uYWyTmgdYEV3w7NNz0iz42fhBiSHpIzaFWEP100jiOnEywJ9QL5wzu3dtLpbiSfrQLBHvwf0tY1hthMyUH5YIHGJpovHj9Mulb15eXzC_0JSLjQWkO3iRpF8W5CzHn9Hw93NfiPOyZ8EUcLh6nM8stN8niSSCj2IcuoZxZJDZhChIj2r15UZC_hTdSoJmhhoVggDrOAHn91gHVfHoWHqHO26nSTkutYSsACFMA6MQnUemSy41QnXro4W2icFuyqa7mhIDFqwbFNW69GMqbPJQXSUyVg4AIq6mJGUlGwEoJJ_RRqFjlODsWl_Ajs6dxjv2xOrKMl_IWfo16skfTVk8fcg8Hm29E-3hHvm7aUAs38SPPBJj-qBSj5EPIKYR56RH-ONCCda60DDneotZJYN3HF5-iMJ6BrBcLByjfog3B9bFwDpGSI6yn3BY-yKKjDgYYwLeBk6CR7VmZfHwQeZ6iIOyRX9u7PSiWYwlJUluJRlv8BJp8ieEK2urDGmLN0DF3-Xbb0hxGElJ9yIeJMiDTfBosG6reqMFdARiF2TULybkMgPuO4HZaeqOqSjamp2ThLnezH_A6WblNG8xuVJxhu4Fz3OMrwrC-4_DZgQpJZ1q9wkLhq-gxITF5WxGcGE4f8alWMon_NYupdmc2t0k8htmmBIDeQV_1zYfKZc5n8dkAhkjoXPGvwguQQdYK7kl0GcTAMFxa0U1vV5zvqtihlDW2secikV7SlwLDoXUlRfdMogxHB-FaRs-pvACIf99lMppCcf0d86BnIdZCy4VHAVWMtpfmWj-sam7QVN1mrAVN1Z3tjnboXKeuEmhW1yemZbAfLvd_eFubY0YP0uskLDfTw2SMkMqdyy2LqTZLyDrGYUecm0NTWnCG8E2HIIGiQv9Dc9n_somLh7PQRzNLJ79xWF0a2SD71uPhaSFqLVRp_dJ_5-rHyq9oWAxZolDxVUP1EkCgOjhAmzI9HBJKXe14U-Mst_4PuBHgTfb3jqpQSzX988wmGyvwVuy5xM6g1t9ju8oFkgx-r9aEK8VuMZ8Z41SZbYbwMWbX0kGgZepreeBOd_5HsBssEKWF5N3KCuuoDZqMILz9m3qhY9vWIP1eA8ALveSWHWnilO78i1ev-NZSp2B6GcRAJnLG8tiUqDTuDmfFebhbbnjQhLxUdlCjzJW67KLAWTwKRqGjO-5GmwBbSjzPAiLcW83jEM6D9_tzDUV3Wd5rzVvFsmwq2elVZ9OEy3gWAi1PWGkjpAmQTzn6oFs2Uq2wCm-ORDF9Dreux2W3PMEzMk2zOx6LBUqAFIKkylIJdYvF69nhax7a7SDz5Nc46a0pwXfi-Vxw8J5_90Vcbe4wCB6ZZ3Eg_vmmdoh-ASnI0J-b_IyaBG27RKkc17glzezxy7VBIYfE9V6dahamt9soHWPViHrUHzQf6c988gjJ_vHLh8suHSqSYMvbMTrbRc0KCxcFBEPV6H3ZFtp8yBzct0-XHKIA43fGa7kn5Xr_CtzXZNVD594lLmN-04t0m1yOQVSB-jcajr9w7ihyrRzZW_qhpmGmkvWPsXyG92GsOt-ANTYKdIBmesM8N5PbGPz5mPFTftqTx3fQ4JD0K4ELaNMsid28L8n2X6jU7LqnHj3zzLkrHYNUQ06O-dUe4oRc2lKGyLbyp98oHzQJgBfljEofxn5gUMI6yFwc4hC2r070OWFGjEbepIO6gNE7BdFH5MrDYd_3v5L85O8SxmAqh-RRNl9n-Bnh19AumQSloARkEpK9VC28Kscir4XTFPMw2eCBhRv02Zr61NnsdhiUAqLyXIvMaRZn9TcJQ-3SnBkoEzT6x0Xr_Uhwj-PwuERH9ybhLDH2pt-VUykSTdJUR9QPfyJsFZM6HJt9ud8UT4yvCqOoYVBAY9Zy4c1a78EkLfkroT2mNBVquRJdZ1an-WX0ijNu_kOFXarsPBcw2RKcn1e0FtWEu_sP0NqObQWHNl9dFe_fe2iYw6tNDU8XxzklfHPO4kwdCse3qJcfyxmORTgXfA9RglEeqTQ_S5ngUq87ANh1ZudYF5di0wseJqnluLX7y6p4lBDGvbVzSjQfEMDZUCgVOi5yI586KbvS61PmM9ubXgln1KqxrVG03XqYuvcLpQPNXWZxNSIo9MP_YGOXyWddMyzQdnZVWj6AzmEIp5PNaBqXZvYq_6vSMmMM-3fSBljsVX0Z5Xjrvlg1NJF_rSxqp81GMkyrdgXozmRs0PU0Q0drmmV2efsQgzpuceODuXHNKXs_dL-CpFGilX_IczP_3S5y80A9LJq07CkMJNT6ErK8pe2cYa9Zz_zLQGuJ4qSaGNhjNj4vOZ85DimpQU_lckbUa24drVEzCNckpSzlchtSFznggTSUEb8Kl6NLRsH8Kygb4S6KQ9CqMl0CzldiJTXhQ&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=12266748515599430000&adk=3690638929&idt=100&cac=0&dtd=59

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

514be458d0c909ff870da871368fda8569d2c0a2458a8d3edfcf2bf5a64758da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39584
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content smwt256.gif
us.ck-ie.com/ Frame 7DA9 0
0 324ms
104ms Document
text/plain 8.2.108.194
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Sun, 02 Jul 2023 07:13:43 GMT
Server: nginx

GET
H2 200 cookie Show response
cm.adform.net/ Frame AAED 43 B
106 B 106ms
35ms Document
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Sun, 02 Jul 2023 07:13:42 GMT
server: nginx

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4118669358599725765/ Frame 49D4 196 KB
26 KB 70ms
21ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c591279b337ccd9eeebce7652b11526d2d0395cee9cc201c89e7f780ec241831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 494483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26228
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 13:52:19 GMT
expires: Tue, 25 Jun 2024 13:52:19 GMT
last-modified: Wed, 21 Jun 2023 11:45:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EE06 0
0 142ms
70ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswtbcV6UCH4ENlVrB1v-yLHkE_hP9jOECI7n4fHI6xXEJeh5a_g4d-vGXqLD0lkuKS1Yjx4Ak7gi_nph4Reie_wYHw-CbCmDddOc3_huazIGQ5TihtnpJEKvc6xD7Uv3Q3C4kRwNJVOCo2yBi5pHunWxV8PennrAlBKVXVNi_1gFvJszjsVgRVAanBbPJU7ua1xyd1Ci_omo_e_RAeickUW0o9mtYjh8Vuq6AUzB3DNBwS-BSJ3mkYh8hNQ8VjoGMWZiHZJUrBTsz-h-rwkp0vffBFHYReWxjVrOV8Re4OeStAEf9Hiw73YAWfMccEVrm234Wz393n1q3QYwlP1PGLPKsDIYMn0_wGBZJ0lphcXgR5MygUuJbF-a5tfAi0_1u7coOE6gul676HJ54NOb31k-8joEdX2cdaIUv8ydJyB9snP4dLm_auBykd_LffJnGLeMjBP2TrjZIUkEE2pnhb3GvPek9bSxmIpIiz3UjkOjHIiykpWOADIqT8AxkuCEy0jRLfZZKL1ObwNyKedtwvKJ70Ph1hzmPx5bnfXNIkeJ5LSHVjzOML3OCBDFbWRE-WEbuoOHIUgfOC3yO48a4inJvYvZP7rLisjqqPDnTF9-9L-35DeccSHGxSGzqL__frx_NoTZnW-QwLIIcU_b9lXY85p3wWSaCkQdwHlfVJqeg9RULP9L3OMFj_2txU_ZB1o2hLWizOYfG5OXZB6e1WI24RQqOLwJwdnZ-sFfRJ7Ay55a7c8QCs51JsjJwef8lMm7vv9vWAAYUJ3pQ-rVYSiz69TIg2ELQInH7FJsuwQDCyKkM8_Iqm2b6ETQVuP3DiDMM4vWt3-RBK5QRvyhJtZ4T-UFleVG24mGXVuiRFKrgCMbgnrKAwuFZ35S60mPQRM4hC0mgvxbuaJuDTV9zBcfM5JBnk-bI38iZpqXG49Ok_kI4U1lhQ2t4prtoMecJqj3dbMPV5XRS_dLlsxrrNbIeKfP6d2YoPffVciPflqsplmB0WkhrJ6yM-57dRz0FfdeOmeukg1RV2I1pXlkGOlBXKHB97cZLtJ2cc1VGyA0PCT0G8GDPcjwgXRCP6GMwTqq0Ulmt15ZOvVkI_l0NMKuSuUynb2VT2GwE3X78AP_s7aQwp0Rvz5zDy3valWYrweMYfec0jJk5arzEgOrR0hSEqzOg3kxfW4hNI2ae1UTvkRwPNgnKWcWopsk4elGPp1ODh3UqsisXRmcpVi3x3zvJ6jUNVMIQT4vCoC6xJwACJDHr5pBtCFUen3z17Nf-q7yZ9G1aNqT0&sai=AMfl-YSICdjpjv4utapTGl9GuM4mkc1ACF5tDLs0vz4rQuxnu53ugJ2YMUkBNupVRDeBTGEkjnygc9nFFmo6TJMjAusLaoAYMJYzNQdwBN-p5jnKnEA4_nDrNOeCqOMx1-c4h-AUo2AbnIKErST0n0b0aanYnbpXBpBNH8-XoHEiCX1wdxASn0aP79nxjZj06ZIgMFd3FKFjsi49uiLQFJJXW_sQf9PY4GnEk-6SZ4bXG0sBEku5_Fk-qLL9YqBb-eNxwLFA&sig=Cg0ArKJSzBINMPOIFJ9lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&cbvp=1&cstd=203&cisv=r20230627.67109&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H2

200

2377327c42426363114219bafb1fe1 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 0C79
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/2377327c42426363114219bafb1fe1?gdpr_consent=&gdpr=0

0
459 B

37ms
37ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/2377327c42426363114219bafb1fe1?gdpr_consent=&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e051673bee53a8e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:43 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sun, 02 Jul 2023 07:13:42 GMT
Expires: Sun, 02 Jul 2023 07:13:42 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/2377327c42426363114219bafb1fe1?gdpr_consent=&gdpr=0
Pragma: no-cache
Server: nginx
x-sticky-vk: 1688282022894080-521

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E74 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8594883970649&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E74 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8594883970649&version=m202301230201&ct=76&x=1&cor=7629567881427154000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4E74 92 KB
37 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMKTjn3v4scF8c6ZrefpId2_B4Kx67sv73TC1fHE2OjlDSwwsJG7r7XdQPZ8JA0f3Rqsw2hz2SqXSLKbzdYoKgeizwV3Uzgte8Ha3BTEFNl3xLibQ&cry=1&dbm_d=AKAmf-CulIQgvCtvQsfkFKpqPkKOcH93C_-3llOH7pVog9O4FXbzRrEoh0P5w7UQM-SQJnTiTWxtQIpzdtssNmGZowbOmYhT7UE2MCpDKT70S8dDu_Rruir1tOH6zRLPulZsT3tsWOfnXw36xoM6ELoH-IoiNuAKijXJYsbptqkMlxVU3uW3uZKl0HRs4te7hKn1SxOnY-9U-aIz6jpC2tKRB6qsVEvVc2iMtG5zmaQB-ULr0dvMzSbBORDPyB0sm5_voOW3PECnW5J3OAEHrhwbrLIwzFMjabIfbkER4nL5RrCldOBllc0iwXxOeNLQYOxNaiDA3GzDDqfLV_qnTZMTEth2GLHUjUnkARYiDgiCxonTMpXY1cexDcYcg8BbsgWPRFZJKykg5Xsf4v68K3LJtQMAnyNJoM52o2X3gxn9GZpyQvqTOxi5V0TrhzS6IAuDA-Rrr6KvzOCHdfl9bKJocLDouDFCn4tCy3imWXcjkK4RXSPOu7d_ZS2905z0IoZeQVBRz0aCyc6oAD0DAAvNbFghPSQcWDo5PLU6cNvCIvJ727iGGdFZpM2lDwmasYm18zuExSwUks-kaaGNH8BNIb8TJkypAYZv9oL8iC4CQKxwgRkVceitaCGrJkgnWTRtdlYNIKaH_TITZnhdNX30COpapjFXB-DXC70_i-UI53VwCru8yYpcaJcO4VZ6OvX4B7uY3eyavnTMFfb_iAkAqFsvNdMbph2Sn1scH_VNGK1Vni9V9cNWEiTjlgiOyezmjmed6P-UVsaTu3pJN096iOUJNrJQWL6bLmYFqrf0yBug-BkfE-E2M8duk8615oPUvKDy6BFjsBfjGi-hp0zKJHzYEbBWHDTrJKkGsSF9UY2d6WcOHUKvXM6nKHZNBCdh9QgFCLX2vluHs4ONatRhWGccdLridhkNHaTw7qdvZYPF_Z1y5ag-JaEzSPzfZWkbeRy81TmIK1Stq5bfHoiUd5DnF6U8m57GZuhmoo2EuZ3iI2gOU9PEumoCgQxy71ups7Gyhdlle-uKg3wIYfnBVxWdL9zjMxCYc4DTZAGA5vmoegdIYx9CIMgDpj85HIFrCNEfXhv5I2_yeNtSMNJjo80hCVZNyipcuBasVcxw63T28jhtZusLdFzFpbMwQsJiqiF32lcAUqLhBIgpJuqzvr9CqZMhAKZFOjGBZFXmsuxmSe1JToZCNFemiueWm8-ruEn4bfKzN_UVlTkPOh8yMICR1AARtD6Axzb-yPYorjzdkd--Hnqb1OTrWhGSIuLEVtyMKJFGrfC9usYBAvC2NuGV9Dh-IicY6587Gb4O6PX4R3I_GXJhFev0e8d4LAxZ8ZDgaK9obTwxpN9s4crWR1yQuDRjUDQbK2dsA0qEN8y85-gFyFaGAq8cXev3GmvC3-mmzMuMyz_omu9X5765QWwEWW07IWhQOxFlyAwKCZjkAW-FcOTYJ9QfRdwHqinegrwGEkGFSzecVQgEDrk3Aht5c85jh3_j7mY8AaxlRDwfcSAWGHmDztNQiLoaGwWZ8JM2GyLZl1u-3BYb0VKXfK1QH71Wjubu9XKpM9F_lHyivp0MacMIG2fhYBuJ1WhBSgPh5oF7cgRLYzkhwf9IBisAlRUJYQSxFzrtIBCEPn0Nsl4s_CGGSYh2hcePHhLWuazOC96S59b83WoKUSfuG8Dx4ViI2fL5OQ-Im0VqHVWvKxkeFdbpe_xixpIWC0Gs30waFLcwgKbAfvV_ZBQESTPHqEGl-f4lH5J7Hkn7n2XS3f6E6y8jxtrMcHihuf9v43GCTHDul7JoWHk925JryxfaPYiy9uQctPIhesqQbAfxH03GrGSAcpt1YjbEXHj-h_Ivz8hXSJqEaHtikWR2HQqEl_4JkzBwqnci1aZGVTXAg8WhZASLKk11fLk4_bWEq8-2tlaI3JwDxZhodzVcSUrOoGp19xXl90iFlmj8cANwoPhmQRz2F18eZE8_M5j8ofwXbcdUlJWEwhub7eLh21-L63FOmNNUtjZ-UrbL7kffOEdf_6GjXYCy3NHkGQ3fOT6_Ls5b7Wvy6NNcGan3cK4tICWzQhDSNEFQDOcR7lSyCi4ltkCkJdZkqfRxr3wKR-iJ91ZaqDDXyjJknldCi9Ck5ogYzBfdCOmbyI2eQur8cHUAe-5En-x74UAJDLt90C9zoyassfs4woqsCM6OCoHaYciWwuCsmpRD9UjET3EF5bmj8QAEsRnakZveNuMQybpuMrWH0aPovcj0Npkk6LTve4fUvH74ncaSlCU2I1P6vVHXzXRFqb_JcfiD4ciNFvok0KfHD-exLnbBsUgRymULDtzhJdQnJ5688HyrtILLxhGXorijH4mPLyCSvfT1omgznAvyqFCS6MjdQRnhNOoN30Y7nNYDZ4U9g5F0Ei8_g9V90XfjQLiefJ5Hdu_xmVNGP2TMI0-Qh3vTuWYncioZS6LoOgdi77hjnifD2m8rcdxabebPiBGNif9EfGLhvMcGj4tCGRmFPY6uybSFVIIwiZEzh0AS6sCrOT1f8CIZxCqolBl9UuuQ0mpx_dT5sdwijbNq01qaDHjD5hL8xZN0H-YJgxBcxhgHJJixu_btdq6V4HKK0VguYO1wTItRrGj7xm-ldCkoKtuE_WWi539sJ0hiDn3lcLNEsFkiEEjojF-OmI8-HQGFhpi38oAUgg5qVv1Y5kfgvq2emYtMn_rsRKAeefzMKr7rpSzfXOyGxCVP2EmE3ASPMib7llQMOrfLQVhDJKRKbW_OEDmEY0XshH50zsxHXzxDYwE4JFNNYXyYLnbhwwja2eK2XAlc9aIDtvqpwrJaOS4DksLsX6N850OgZzpn2APbZHzBkz0oQiPKf-1t6BxanDVnyxYtmiYsD0rzfpBcU28ANdMzHMWN1fKaUCNXKqUShhDnp1DMMt_85sV6KCUtAyhe2UqwRDm3yYSRW0d7Wm9HrBII1HcenfIqj9pUCkw2HH4ctR6yVFoV-1zlse9s4gFKae4xBfyihzXvbHcbUQP7as-UGuE85oau-_nYi88NobclA19Iba5V1aSMiyQrPWyyoD_gxskaSU7ajBBlFCZ9Fu_Tiwi6xrQrvVQ1bxEVz4MpQ-E3zrMqs2CV3Pa_W85e9haGEGFYTEnQMdY1V3Wrs8PDlHlxGhEJuBObUPoc3wy3eBlgmjAYxjX_7Usk4QSGHstsYvc4eklUtf04LI-D34CCHC3eoYuGzOlMFLWz9OTqbw5u3qExL7RtsNpeqsBT7ft4HhtJJEJqQKjxLbpQaCTS4lCIH54PaDLjD6LONrC8HyuF6nUwfA4zsMZPLaLNvZ3UgrtekdkCHCqiorbNKR-VfXAw46EZ_cHDMnmlDcRV7tseVz4eDuhpKR7iHPBQx6003rSotamluMozw2qM9Tx-Cwq1NiG2D2I8RQG3MaTZI9Z0DnOpPMeiC4GjlINoFYmodniSEXEplGMc-pOPbopYl6xB9UaBR0B5_46Hhm86eatd2yErbfO8JgCwQTNNshbOIrM2dq9IP3X238V-5X0aN_sCglvKnqoVNnVMTjfcVZx34gdWEbp0DSP_NlSMmN79zomxz9B45UR-7vfZOwyPnHwJmQ12N0RWBs9wUlyKrHefIUHpHu0nOLm7atVJTQrq_twy6hykB4fbKRLY1YS3Yo22X9g04OZKHB16_eVXd3sVsvwVSvR4aNuzglMOnR9yG6_UAHf_nBY1U7qg2jLjojIzVHqPgINWYiPa8dhIS9FH1IS-Bgk&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7629567881427154000&adk=1033480531&idt=205&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b87c832d20dbb71d291abd0ef98bb4da7516fbd79408dfb5d61e30a40631f94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37892
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B82 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3845014994173&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B82 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3845014994173&version=m202301230201&ct=76&x=1&cor=15789368646106372000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4B82 102 KB
39 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CK4haQTGqGvHOE5DGJsar3vqPCyh7UR87xB812bbSZfkR7KCivST8Jbt0WGWGDoEGN1JvfBH9K6RnCTzEJdWAOSqNc6qiTbMQDnKFvuHsjOgAj-fblZ90IWKe2m6_acnjX9llIcqrOArs42RCTXYFWyMJa3DymU_BDNmjchz-6wjTZogc&dbm_d=AKAmf-AzduHFpITTLpS_TNfGdG6l4E0_CMx7YYbsqZWJVbseMQKCY5EXm2Nnfo8Bfn3IGLtZOyaDeUhoAqy0wSptDzifJHOVm8d5ZZ3wYxjzidOU_F-uUGpUepISMzAAPy8scDunCbSB6T9Bn4SHeQczxV_MCiXuibGYk-6_Ly-gpLRtal1s74hkEnaH38B4qzpsOO2PAPsdAiRIOq78-mt3H-jaMnigIN6fux-limT75CYd5vCSFBGL43ckfViGQmzvjuoFntaghVXlIK5914WOQdis3H4dep2UcaB7KxYOlbdSz6lGcvga-OmV36-GzDjFoS0I1K7kOhuTUYXaMtGj2Uubi_glX2baToScmzdvEtwrD9XLEhJR_Mp1VF0CDbIZH5f8mmbRBB282iFCrj_2CNlU09mZpn8ZH3jDE4WqB74Vs3VzFHsxUFPw753V-WagC_83wR7wK-c8CITw4PmLGCivv23bzg5TB4MvjD1jCvR155lpDFfRhSsele-OECmc_BvNnR8Ur_ssXtXfN4fWVBhlXlXp0SjXhYS8fSPs9Go5E5H1LPsERv4VWDIagkvj97L7UIAu4bXYqNW_wUEPAUqHf_L3KfIfNYcerBJ0kdHv0AdFR2d5PnK9VL6sO0EYuCXhQRidcyAG_-PD57zE0nu_yov1LP28SHvPgLE0WMYeM5BjSlcXMr42MR9Ksb4PjRYeh4JWkMgHganADVmrnJ3cAqTYkMfY7HfSaTwDnNLF7M0v2fNye49huU6TtASh60EvFMLU99mF-rjhL7V4cvJ9HsaUPCMPpNBeDld7iZ3P3tqi-2mbE7_zZITxNFXEGDVixzuq-6GAqoRgp946zXi6RXhx1YpoIbZwchUuc0ferRrq7f2ueF8YsSjtqCX3WDu65YaTDYhiBTLaIP4WZkBrKoSTq4rY4D-ZICyne6aREGzxKyqh6ivjiqiD5a6zQpgunBqsw3kWGn5y6FlESqjC37jZqsaO4do4gx0KM_hFmyDnWHQKe7HihMHrIxmibONCh_jR3apon9XPBGVWn7yhqotBdw_r1RMeP4X24lhrdaAzjZaVus7h5ZsJtR3qRlKnlx2zFB2y1Hc0Sg8CwNy9oyiWrZwzQZmAfsk1eeoqtvyGOphJHmfiEh8MbtL9PfhDK-zw2PDPkuds1UkSzLAsSPPQZrgUEX8IGvwB10GlASarLdeAzRgDOriEPPgCfyysyeei7jgjeBnUnkiGKGi8uJ089wsDvtkZBUHVwVdtz5kOui-F5tdukueYWTdujzr9G3cZAAYUyCCI3UYW4rWmArPyAElXh-PJZjYuV8iEDFu5YoX4W-dd8QrJIyVCgcORfqG05lmVKcKSn3pna6nZb-Rs451oEDJ0W0P7N3hyrQg6eEK2GQQQZClPkrnqbbIi9Y0OSSBPIBjAj0UZab8R3InCnF3QfB7sBey2jOWwAJwsi21eZQ3i7EE3-r_p805Kb62muLrgMehzVWAmcf8zC2G_MYaQY_4FL2tJP0Mlz6QCylkSAg8CX5kl3R5bcbnkOiYJAzMbbrbqmwiGCnYbwvPyfLee65yLuxF5ITD80iRYgfHPlUPCFAMzyun0rbUFMSq79a9-WvlQcs5ZeBPmemXwjCm3F7xCfaJFaUmHYAaTiB1VWSrDdPm5ojYpANhvnIuIuGqeGToh7P99nXnAAuqjWSMPhvjU57JBHo2GA5CjWpi_-UUWkqKNBOcnyUbrY3ry0LuLYdE8Zu-8PDWSPQnIiv2aV5sa0ZPOWXKLBWauNVgZQ3879HPNSlDm69RGzcII6TclYngx5TroNpaKh5xlsqRghLYtNpwUvkvJbCqd-CzAaFjBeAItDmduupVaCvu1wZVcStgOIs8SqnFQamjrDHPj7nJKOmZQb8SwTCPnvBZ8tVxxiKrxdWXmxAItRslszQ9TbInDiI6OxGk9h-7gOd-LmaPE_X7mg7zGMbM8nt8H96woemw3Hs6yiZ0FPiKElJu7LwVb4U3RjDDJyKOmQ20cKrhCjQ4DN0yPoTZJqjAu9rZSJAlyCgasH8Hv2iu2STUjujAZ2iVnOweZABj3dvAhXJkT9fgwsGWUcO_0-acbxQ8wAHJZRS7AzPzlc8B15SkC6HDqUj8Tdr_WPz-99GVaOgMtp631Q5VfaHxewPq0NUZsMzdzrpaaYY2xIWkU4VN-1pA8nTAnEYcYKgj4zQmaGUThFS6dN0EjfsbP1yiZVuAajFrkqHiCNniBJS4Th_fXjkBfrHuWn_Ex_iAyFrbZ2qV4TpChl8GO9Pt0_yVTwfi3PQl51itB2-L0-Tamv_is-tS-CSsdu2xqv_5DvWNT67dpZNV8WIhPvNc6R5TVh0kDrQAUWTy97rOI-cs7-X7Rs4G1jrtGKTLFzuQlHQkR5LMVxesYnhSQXyjhwlmWgHTUBjAq56DJiNswOV0xnxv7yvKUVN9zISIqwaonX9hqOtT5qCnTT8wzmcEBBNK5mkzYrOAHGbnaEbU5E7Ig_vRuAo4JVqCe3AoWMrATkDwQEJBNRbLwqZpQKC057HEMlrfW9YAyoyM59CxEKMcQC0JymMFN22zW73DiHEJ-vyQsHDHdr6TlhWoedvC8sQItFDSMDmXEYN16X9cqC-7Mwa9jS25K2cUcOApsybyaObz1uPiwEVL_8bcOegRp-AzyscNxBgr_EiNHD0sbcOHVf4mYLFQYpHricQLZwLTMsLOd-zHQpC6bobChMflhAcW7tkcb3Va3gizYBvYgqxGXrqbmJBvy-T6BLRTiANpdh5jcnS91VVPi51cHmrmVGESYdlLz9NZ5YCyhohLNoNY3jgKAWvRAvAt3X-O0eaWK3a5gEgue1mamTRSq9pENtmpLNH20QUXIQiM8IGnfSqWkqjL21FxrdSKlyYJlt2UH8s9zYboeRpiI9zRULG2QmVf3gCkgJbfnPWX5Sor9YwWWcc49Vca-KfxWaZTbo_JyeW_qqosjjQ_yGWRXgvecQTjSXLa9CU7a6PKMWNFIL5xkT1Ag1O1JfZJue52_uQZ66Yqgymgkofnv2FsOTlKzo6xmOppG2wZuN4TLwqpfs_qh_XttMbarovSj8dGzEUq8-j5I0sNbZBcWZt_g0kMLRNZbSnVvGC9GjoZiGpSNTvd8-u76Cmrteh5Sw8_fA581HtWyHnHCo-GLkNozHrkCBNj9LQ5-6VemhPjWI9oJsnoGYfNGsNG69roaorlkNNbwGRtS_nOyY_NoNfVfQs3tdBP3Y1kwD1a6IgvT_AOAmDtygs3bCUfJ9nMC2CnHCOLwlMDNG9Y8lda-JiV8TdqgA9FQqwjzvokZ1amN89pNvHgAbCgNoo385aWMRyE2ylFCPHT9-Y-nk1i8S4-mgi5lClzwNMYg6k82ejOQUCAUbhXyTQybMWekU1u0lNe_OVewp5T6CFLEz0Q7D2WhMhCxIH3nqv69SrJmtB1ZscHYL6FJKAB-1ChMR0VTYPWm3LeihS0_CzRU3RfDNIs37vchZes&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=15789368646106372000&adk=4188270525&idt=181&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6c1596a5d5d537040c91b62d3f9b686a2f2fc5395e9b872920cabb63557faad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39662
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1113 0
20 B 62ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2772372375619&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1113 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2772372375619&version=m202301230201&ct=76&x=1&cor=4031263784859718700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1113 92 KB
37 KB 73ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKwzqAOU-5C6MmlJ_0u7aJidd_Ci_3mNMzmvBZjS5gZeP3P4zGtOSCoi52HYgTgXNknUllJlfOdRLUN9qa4fJHCzN8GGapZ7MkdIL0gzOJ26px9bA&cry=1&dbm_d=AKAmf-Dgz9MYeUUr-6xXMwiYduXXQc3nczQn3B3z8Oteb2bSL3YTARPCOvLincKMvXQIhhGCQJ11u3AoNcW8WU7Ixrbnx1sSY3J2xhe8DJYbMDRitqaFkd7vKmNG7ndJXhyfMNsu2R2OGTV7r0p1BI5A-xDbEBACvhif0wyIECiC6a894Vu-V_RXkVsCukbgPHxJSTKGFsZEUswXKZpyC8bBAXT5rMseloyygRQASGX-uszuZM1lnN4_mYK84kLqyGga0YIXRTzPCCOvNdyQaR9EvBHvZSJZT1vNCpFv_1VuvNI-TSCm2GHbYxAPxeVbcFcdsSxCySh2erxhF5GJ9iBzXakYSUZ37fRca5svQffa2Ls1xxR2PHdXpqTuewnCoBw1U6PSc_cKHrmeLQmlRp7GzRTg6KoA4Hk_wdtYmbDNJxKR8pZVochGrS5t9ArrJJgBp0FTfVMq88aTC3LpOgShx-bRi4fWIywB4b1qEVe2bEyuWZqhYhexjk6qsKxA2qbQb3eO6UkWK4zHUNfTCpxpWH3TIrZrkEYPmA-mEbxg8M5Js8MHej_5hd1gfMdLOWyef-HsjnfIr7o1Wcq8dBEE0MkWEh9gljGEoLfcmMOCnt5A_SAY7VvItEqaBj0NZ4HefNYn_3kj2SFKPpynTvrHQIo3UZ1O6sLp2iuLigmJ9_D4UvrWE2n4Apnc6AWr_UfY9XQES60Am3DeG0jxpRazAExicZhUKBib8qKN1cHDpEcL3tEq7ykXbGsX9-Z2x7GUyretoXXFG5rLVgiZfk8yYCPtLNCDFOLvGdPV8z6nX1AGeqGZjK2Abf1kR5RhRftvphyg79uoCejLMyBoETuHUZZMHQWbSesBJ8Hgx9bjRuo0E7SO32sE1lYcsS0mibE49w1F2Vyd27tmvUwk-FMMD76ScdtofWjS5nxPd-Q8aPPLxyrCuaWfaAqa9zem25r34ULpwHyQxvjSJCl4mSDRc0Nl3SZi6kj_ssLfOfsvf4GfAm8RzEQTq93AkBtXDQ_-Pv6bqggjRSdv1pJmAj7ssV9aLYIydQe5za7EBrFL-p70aB06ydVvRwociVbukuKrlf-iUMSBeuF4MMQdbS0RDsKJ8_o3dihMDrhPcKP_PiVvZQ5odk1N8xPNxWbQEzmLsO_G6Y9C0WnAGP4yfq5eIPBPb57gz-__uDAM6NPq7e-HssSU1kyvM10v3FeawRFmsYIT9nTXZpl1fX8mtD6tWt8CXiHmDfKbCsocuWDh8Jn23NEFWU0NPLbchR7hghrwf8PwViQWNiI-M4e6aU-0HLZMGmS07QM4Nc6t2Hj0sAo1y2osxKOTPEwMFC2uyry1uviSf3PzZygBgPat3Fpruqy6iIb9fQUB9PfT0lJALQ93UY9TxqzMyeDV1TTbER1Aj1i0egNSSc-o9vpGJX-COA-tjuktmM-vCan7n8r0N0aomvZrwNiW_1aZycQ0y1o-n58m7zSP3SiAsdGCZ4iPzZ2CrtZSN349vhwwf_tWyGNVP54gF_83a9UdDNhgsP7u_mmpQuBhlP2th3hm6rz435aP7BWXV3dFsWnCf30fWp-zuCrRxBQHdk_rrhdBq8cttxR4mRBKylC2re120_zDmV9oFXMxx_JrCd5RNbH7gXr06LWlLbWRp1BzHX9YMTQtGb3XeTt4l_KYwyasqjI4LLIZlxf1liagpReSmggA9SSzMcbisktyqHOdeNnOdt00eJJ15Bp6oJkS6yeAqy3_FOE5kWwg4D21GntQCgQwWhZUxt93IF_E-vCWSXf3WEyBABQshoAp3St9Zy1dLMCSflErtRV3VAvT-kemdsPkzN8iwrutb7buxjc2Rb-_aeYrE7njl7aL-p5nPsob5x-RhKLzFIpcGXNCQ61ty8PotcspDVkRAp8A3w5U85W3peQjH_KvGrufAWJ-V0ej9qbQCN2nhxAxxsCD8x_oweFrdYuL0lon2R85YUd2kjHVmQ5bEKjthIQNVuBgCF8exJCEhhU4Aifm7l6cz0cPHldq1C4LcTF6ttBk_X3EvosCdzQdxWJLYKFcQCzNWFKB_UDSlsB7EzeDthLXgbzpkKNGnELEv9Xx9ikLnAOmT6VNp2aU80ce-m37NH_1L6YL1O-EQInKoWZdn4VH6n8oa9hIy9KGZSFtUisXf52DnbS1PZb9abdS6xsRIQgka7psJ-zhmQqlZLJ3q6zZKYB5Da_zNDKv_P19CCH9vfSqmKRUATnrwgSpEWFdFmGSmdK1UFMA35gpxL_gHyhLY7mJP9HaBcwniUgAE4iL893I8MSmBhKa1-ai_YC6Vxym6FsexZVvImdgPWP82rRJBwcU-_Ty7irkTI5HsKr4A71zcRouTU6PngtjnJGW5BRStGs4-8lDXRSc0MiTNTnwUw1gTaVv1XqUne-klgIrbvL46Xw_H0-m-uGyr4WRPuDA-KNuYJQl1DtgSFlr-smdx1BsUaKuV8pu0Dq8-MbDeF5GviVhc50sHVy5b7i3BvQHLvZwgfsI4PdCxX-4WcSCWE9SDoDXSR0O5Np7_TuJJw_tBpaWmaUcGjwnSBwLXMwnvDfHOu4Hn0NSzENR2KhRz1caAz7CWh8zSyBodvRM5TBHsvXhJjtW_L-_CZ_ABihae7UBWcUz4Wk5AKu8y0uo3iqLqVOBhuMpwdk0WkZ3DbCAyqwKrg6PTlzG90Y3EOXbUo6lo-7W4GQgtsJQiWahhhE_KNycZKoMdG_Z94fnBkqGnXcaoefD4pZ9khRjg3YLNjJ1VyP9CdlDr3MMVd3xmX2QaTvwKStEzwKOnVFpiZEO_aLAfbh0C1j77MutHa_ZSRV1DoPxcLQfyCO7BOohE1WCgM_DWkSfZxbsdhh4XeqmJpy03qJYaPKKdWeUm9-YNEt6d-_KyHuZ6VyfNUBrobWLyrD7nNNkmFXTlTbqkToKimnB_yZxxBxYPO3Zrv3Z1XX8gLfneJSwqQeNIX1al9woxZxKwWz2ds299WHElay3tCpqGqDsURnaUu8YJuFiEeAEn_daOyni4iE7fVJoRXO9yAyrSZ3HJhPXQs7Jb1roBDFZQxy1CjEs6lqiOpEit__C5NLdGnTLTgCfIyU89VYy-_3Lb7Ez0fJ3aBFvaV1xqpi9xMMR4qYqkJ4cwqWbwgab6QBzZRi8sg7jfYeZDNyHSJ_n8qlrY8oiolxBOpl6vmkOmLn4gFy6KZjkdWTo18veaPO2vxJUF9_XAXxebQn7RucAIkVerLOWw-6gZB9k-ncszIUBoov-byrtXpG8Y2l8vIPYRvtnoU7jjXiH9RtpNlYzZ1HdYIos_NbbVAQq1ch7ChaUHXI_Ph_-CacNcAgyKtdDLF_s2tTs8MslYd77bUxQHRRcKHXe55QNqs5DdpZHS2HSsfPOC__ppjMYQFfs6OFexZJf-PgzrZcLuIWBIy2oFFGmMomIqz_ng_kWtKxHucGtgTDD2O0WEnKG4ndoTEYRnjhx21fYQvew6x6rca3GwFDwcG-j11GYQOtB4jPyezxaR3iUNO2ePgHYTVw8QpxEziqdlhOov6_fOqBDQZZ9SLEg2aqigZGVPz8lbu9YjAK2KwMnooX0o94WWh_fID6YdNXNsrDfy5ts4_HKDFhddCYZD7v9bAuN4hubFW_VwRv0_8v99HXgp_gy6MBndfVhwlIwc8wv5-D3LUhrR6pBKDlN03n-7-AhzUGP39T2o5_BQGM-9XgH8I7feAh9QUhAVofHd7nljZRedUXbBEAScuc56OHPMHA&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=4031263784859718700&adk=3037181500&idt=196&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da7dcd0006746c8d5c6f52d54e252df6b91b7077263f27615715a4d12a7bec54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37840
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame DFD1 37 KB
14 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 10:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 10:09:09 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame EE06
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1484042/72188330/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20259277643&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZNW7HM6XjuwPv4Wd8A4&cbFunctionName=goog_wrapCb_piOhZNW7HM6XjuwPv4Wd8A4&true_pb=https%3A%2F%2Fstatic.adsa...

1 KB
1 KB

21ms
20ms

Script
application/javascript

2600:9000:223f:3e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZNW7HM6XjuwPv4Wd8A4&cbFunctionName=goog_wrapCb_piOhZNW7HM6XjuwPv4Wd8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:3e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:26:18 GMT
x-amz-version-id: c567TBReTKM9m7VfCfOmpAHbFN80zD8c
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 481646
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 26 Jun 2023 17:26:15 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: pmkvic7ZuCPZfpxdg9B4URmrZD8xF0XM42T7afdKmpKiztAK2S82-g==

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
server: nginx
x-server-name: app19.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZNW7HM6XjuwPv4Wd8A4&cbFunctionName=goog_wrapCb_piOhZNW7HM6XjuwPv4Wd8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 59C5 91 KB
23 KB 91ms
28ms Script
application/javascript 2600:9000:223f:3e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24507446
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: j0Ed8WxFlPzFKBD_lyrBUr6UGt9aHIdnKhMRqeJ5S3tpilEN6eZAhQ==

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1484042/72185571/ Frame 61B5 245 KB
74 KB 45ms
45ms Script
application/javascript 63.32.196.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1484042/72185571/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20259277643&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hGlMmstQpvSSJSmQG1z2BK
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.196.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-196-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 07d7a6289f26ec2bd52fa4d67f02f1273d9c34819dfdaf81c7c7139b5c9eabca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 61B5 111 KB
39 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Origin: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 61B5 11 KB
4 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChuhdQgi_sJxATTzy4xmhnwtAKA6Dpl1i4z-LuGmKV9zHZpCmQKoTCvqxkInfRxq1A8EaEs_5ikg75MoOe6ILZ7SkuP45_1gtTP5SLgLauvhB19ckLxzzwa1ugZppay-eRyaDk4Nh4g23KznteB3zkuG69rCnCyFDLmmPwWqwgOR7_Pco&dbm_d=AKAmf-AorbJa1OSxDyOIedPPYiAZc1Wsihjw4bkhFjINyqWOlL5F7yNmY7ZY9tNO4b7k4Dkkk2OtwM2Ja_kewEqjxxLkTv6XgqfvA1grd1aMT71GxeOyMwj99L2sa3mcWBDk6ROD8D4_VA4kQngfevTfjkaWU8ZBtbgS_G3gDITaSoh-t8inzWApBZ_N8umpIkjMhd1hCHKCTeVfLW5sztdG9ktTyFcIhlfcjLq3AVrFSjQyN--c2NfUOXQJp6jt688KtcqKdMY9CMK1wLE1-5zJu23xh_ekdrTEYXWWRsa2JavudloPOE6yGQy_9FIMUJTIhwkpde1Rr5Bf2mk_6JHaKTgxTx0HSHiKfm0R3Mb2BHABstvrkCE-DXPMnnCkDcQbcbyzKqnI18DQ6qruNJ0dgHtH_-c4Lxfvf0VkYTTO4St1kCe6Xg_g_4dDqd-AsyGbIXsg2taAbxrFfH2DY3CpZTfMKYScuX9wRw3oFwrOwQeNoIgvZuFu2hftR63ShMsot4hhpPUwQ5Cim-U-5tzfRe63-t4MSM49Oej8E7BHYNX7_krLOWt3m_wIY4sw15uvrAScpboYpaicOFtpoeKyPQkPW-GAQbo_GXd2zyOi7lBilXO5JW-7ja0rlSMslFwSv035i5FeQJvHuE_SrLJk1qStVv6kt2C5coOz5dnMEizb6q1tJb8ajsAn3mpuItu6UIj4OaMOLAn_UUQ7ObsE-4MgdJfhDCS077VAk6DM0S5YU7t__8UMxAWVkpmzcuubAfwuwXy1KKSbEdg3Sy5QPNrJIzph5CYhYYvSMc3jCnfd8cngRI78P337TrxON_CJEMpfWFo9oV3qlBB9d62jHrLQp6eGSjFlMuN8LvtUzRNcMU151d6vjtAsU10gOHyspi8WsLDEBTSXHaWPeY4pK9vlxWj0HYdNTOQuNv-iPzCkvBQlZmXKNaGbw6wNIP9bEZd09MU0kcydFdU0CfDW0VjctlGdO153UZlUGstC9LVv4Z9bNyjJ3152Yam_qL4Tsg2K0pqHznLBEEqFYb2Bwc-milYITU4jN6fTirahoG3uYWyTmgdYEV3w7NNz0iz42fhBiSHpIzaFWEP100jiOnEywJ9QL5wzu3dtLpbiSfrQLBHvwf0tY1hthMyUH5YIHGJpovHj9Mulb15eXzC_0JSLjQWkO3iRpF8W5CzHn9Hw93NfiPOyZ8EUcLh6nM8stN8niSSCj2IcuoZxZJDZhChIj2r15UZC_hTdSoJmhhoVggDrOAHn91gHVfHoWHqHO26nSTkutYSsACFMA6MQnUemSy41QnXro4W2icFuyqa7mhIDFqwbFNW69GMqbPJQXSUyVg4AIq6mJGUlGwEoJJ_RRqFjlODsWl_Ajs6dxjv2xOrKMl_IWfo16skfTVk8fcg8Hm29E-3hHvm7aUAs38SPPBJj-qBSj5EPIKYR56RH-ONCCda60DDneotZJYN3HF5-iMJ6BrBcLByjfog3B9bFwDpGSI6yn3BY-yKKjDgYYwLeBk6CR7VmZfHwQeZ6iIOyRX9u7PSiWYwlJUluJRlv8BJp8ieEK2urDGmLN0DF3-Xbb0hxGElJ9yIeJMiDTfBosG6reqMFdARiF2TULybkMgPuO4HZaeqOqSjamp2ThLnezH_A6WblNG8xuVJxhu4Fz3OMrwrC-4_DZgQpJZ1q9wkLhq-gxITF5WxGcGE4f8alWMon_NYupdmc2t0k8htmmBIDeQV_1zYfKZc5n8dkAhkjoXPGvwguQQdYK7kl0GcTAMFxa0U1vV5zvqtihlDW2secikV7SlwLDoXUlRfdMogxHB-FaRs-pvACIf99lMppCcf0d86BnIdZCy4VHAVWMtpfmWj-sam7QVN1mrAVN1Z3tjnboXKeuEmhW1yemZbAfLvd_eFubY0YP0uskLDfTw2SMkMqdyy2LqTZLyDrGYUecm0NTWnCG8E2HIIGiQv9Dc9n_somLh7PQRzNLJ79xWF0a2SD71uPhaSFqLVRp_dJ_5-rHyq9oWAxZolDxVUP1EkCgOjhAmzI9HBJKXe14U-Mst_4PuBHgTfb3jqpQSzX988wmGyvwVuy5xM6g1t9ju8oFkgx-r9aEK8VuMZ8Z41SZbYbwMWbX0kGgZepreeBOd_5HsBssEKWF5N3KCuuoDZqMILz9m3qhY9vWIP1eA8ALveSWHWnilO78i1ev-NZSp2B6GcRAJnLG8tiUqDTuDmfFebhbbnjQhLxUdlCjzJW67KLAWTwKRqGjO-5GmwBbSjzPAiLcW83jEM6D9_tzDUV3Wd5rzVvFsmwq2elVZ9OEy3gWAi1PWGkjpAmQTzn6oFs2Uq2wCm-ORDF9Dreux2W3PMEzMk2zOx6LBUqAFIKkylIJdYvF69nhax7a7SDz5Nc46a0pwXfi-Vxw8J5_90Vcbe4wCB6ZZ3Eg_vmmdoh-ASnI0J-b_IyaBG27RKkc17glzezxy7VBIYfE9V6dahamt9soHWPViHrUHzQf6c988gjJ_vHLh8suHSqSYMvbMTrbRc0KCxcFBEPV6H3ZFtp8yBzct0-XHKIA43fGa7kn5Xr_CtzXZNVD594lLmN-04t0m1yOQVSB-jcajr9w7ihyrRzZW_qhpmGmkvWPsXyG92GsOt-ANTYKdIBmesM8N5PbGPz5mPFTftqTx3fQ4JD0K4ELaNMsid28L8n2X6jU7LqnHj3zzLkrHYNUQ06O-dUe4oRc2lKGyLbyp98oHzQJgBfljEofxn5gUMI6yFwc4hC2r070OWFGjEbepIO6gNE7BdFH5MrDYd_3v5L85O8SxmAqh-RRNl9n-Bnh19AumQSloARkEpK9VC28Kscir4XTFPMw2eCBhRv02Zr61NnsdhiUAqLyXIvMaRZn9TcJQ-3SnBkoEzT6x0Xr_Uhwj-PwuERH9ybhLDH2pt-VUykSTdJUR9QPfyJsFZM6HJt9ud8UT4yvCqOoYVBAY9Zy4c1a78EkLfkroT2mNBVquRJdZ1an-WX0ijNu_kOFXarsPBcw2RKcn1e0FtWEu_sP0NqObQWHNl9dFe_fe2iYw6tNDU8XxzklfHPO4kwdCse3qJcfyxmORTgXfA9RglEeqTQ_S5ngUq87ANh1ZudYF5di0wseJqnluLX7y6p4lBDGvbVzSjQfEMDZUCgVOi5yI586KbvS61PmM9ubXgln1KqxrVG03XqYuvcLpQPNXWZxNSIo9MP_YGOXyWddMyzQdnZVWj6AzmEIp5PNaBqXZvYq_6vSMmMM-3fSBljsVX0Z5Xjrvlg1NJF_rSxqp81GMkyrdgXozmRs0PU0Q0drmmV2efsQgzpuceODuXHNKXs_dL-CpFGilX_IczP_3S5y80A9LJq07CkMJNT6ErK8pe2cYa9Zz_zLQGuJ4qSaGNhjNj4vOZ85DimpQU_lckbUa24drVEzCNckpSzlchtSFznggTSUEb8Kl6NLRsH8Kygb4S6KQ9CqMl0CzldiJTXhQ&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=12266748515599430000&adk=3690638929&idt=100&cac=0&dtd=59

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:55:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 61B5 30 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:57:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 61B5 41 KB
13 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 07:09:29 GMT

GET
H2 204 v1
match.sharethrough.com/universal/ Frame ED17 0
0 80ms
29ms Document
text/plain 18.192.138.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.138.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-138-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sun, 02 Jul 2023 07:13:42 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 49D4 32 KB
11 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Jul 2023 04:31:52 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE06 43 B
215 B 384ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=435ebc46-63b2-2d78-2296-19e0610f80c9&tv=%7Bc:hbWQzA,pingTime:-3,time:70,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:70,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16*.1484042-72188330%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m,idMap:16*,rmeas:1,rend:0,renddet:DIV,siq:20%7D&br=c
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE06 43 B
215 B 380ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=435ebc46-63b2-2d78-2296-19e0610f80c9&tv=%7Bc:hbWQzC,pingTime:-6,time:72,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B66~0%5D,as:%5B66~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16*.1484042-72188330%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m,idMap:16*,rmeas:1,rend:0,renddet:DIV,siq:20%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2498 1 KB
643 B 25ms
22ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85050
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 61B5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc49240ecd9bdacdb243ee1d6b3bfb84435f267bfe066688085d0a98813f182a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content smw888.gif
us.ck-ie.com/ Frame 5948 0
0 231ms
107ms Document
text/plain 8.2.108.194
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Sun, 02 Jul 2023 07:13:43 GMT
Server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE06 43 B
216 B 320ms
112ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=435ebc46-63b2-2d78-2296-19e0610f80c9&tv=%7Bc:hbWQAC,pingTime:-2,time:134,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:937,beZ:938,mfA:940,cmA:941,inA:941,inZ:945,prA:945,prZ:952,si:957,poA:958,poZ:977,cmZ:977,mfZ:977,loA:1009,loZ:1012,ltA:1071,ltZ:1071%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:134,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B128~0%5D,as:%5B128~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16*.1484042-72188330%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1d1%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:20,sinceFw:113,readyFired:true%7D&br=c
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4E74 172 KB
60 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Origin: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 13:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 4E74 11 KB
4 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMKTjn3v4scF8c6ZrefpId2_B4Kx67sv73TC1fHE2OjlDSwwsJG7r7XdQPZ8JA0f3Rqsw2hz2SqXSLKbzdYoKgeizwV3Uzgte8Ha3BTEFNl3xLibQ&cry=1&dbm_d=AKAmf-CulIQgvCtvQsfkFKpqPkKOcH93C_-3llOH7pVog9O4FXbzRrEoh0P5w7UQM-SQJnTiTWxtQIpzdtssNmGZowbOmYhT7UE2MCpDKT70S8dDu_Rruir1tOH6zRLPulZsT3tsWOfnXw36xoM6ELoH-IoiNuAKijXJYsbptqkMlxVU3uW3uZKl0HRs4te7hKn1SxOnY-9U-aIz6jpC2tKRB6qsVEvVc2iMtG5zmaQB-ULr0dvMzSbBORDPyB0sm5_voOW3PECnW5J3OAEHrhwbrLIwzFMjabIfbkER4nL5RrCldOBllc0iwXxOeNLQYOxNaiDA3GzDDqfLV_qnTZMTEth2GLHUjUnkARYiDgiCxonTMpXY1cexDcYcg8BbsgWPRFZJKykg5Xsf4v68K3LJtQMAnyNJoM52o2X3gxn9GZpyQvqTOxi5V0TrhzS6IAuDA-Rrr6KvzOCHdfl9bKJocLDouDFCn4tCy3imWXcjkK4RXSPOu7d_ZS2905z0IoZeQVBRz0aCyc6oAD0DAAvNbFghPSQcWDo5PLU6cNvCIvJ727iGGdFZpM2lDwmasYm18zuExSwUks-kaaGNH8BNIb8TJkypAYZv9oL8iC4CQKxwgRkVceitaCGrJkgnWTRtdlYNIKaH_TITZnhdNX30COpapjFXB-DXC70_i-UI53VwCru8yYpcaJcO4VZ6OvX4B7uY3eyavnTMFfb_iAkAqFsvNdMbph2Sn1scH_VNGK1Vni9V9cNWEiTjlgiOyezmjmed6P-UVsaTu3pJN096iOUJNrJQWL6bLmYFqrf0yBug-BkfE-E2M8duk8615oPUvKDy6BFjsBfjGi-hp0zKJHzYEbBWHDTrJKkGsSF9UY2d6WcOHUKvXM6nKHZNBCdh9QgFCLX2vluHs4ONatRhWGccdLridhkNHaTw7qdvZYPF_Z1y5ag-JaEzSPzfZWkbeRy81TmIK1Stq5bfHoiUd5DnF6U8m57GZuhmoo2EuZ3iI2gOU9PEumoCgQxy71ups7Gyhdlle-uKg3wIYfnBVxWdL9zjMxCYc4DTZAGA5vmoegdIYx9CIMgDpj85HIFrCNEfXhv5I2_yeNtSMNJjo80hCVZNyipcuBasVcxw63T28jhtZusLdFzFpbMwQsJiqiF32lcAUqLhBIgpJuqzvr9CqZMhAKZFOjGBZFXmsuxmSe1JToZCNFemiueWm8-ruEn4bfKzN_UVlTkPOh8yMICR1AARtD6Axzb-yPYorjzdkd--Hnqb1OTrWhGSIuLEVtyMKJFGrfC9usYBAvC2NuGV9Dh-IicY6587Gb4O6PX4R3I_GXJhFev0e8d4LAxZ8ZDgaK9obTwxpN9s4crWR1yQuDRjUDQbK2dsA0qEN8y85-gFyFaGAq8cXev3GmvC3-mmzMuMyz_omu9X5765QWwEWW07IWhQOxFlyAwKCZjkAW-FcOTYJ9QfRdwHqinegrwGEkGFSzecVQgEDrk3Aht5c85jh3_j7mY8AaxlRDwfcSAWGHmDztNQiLoaGwWZ8JM2GyLZl1u-3BYb0VKXfK1QH71Wjubu9XKpM9F_lHyivp0MacMIG2fhYBuJ1WhBSgPh5oF7cgRLYzkhwf9IBisAlRUJYQSxFzrtIBCEPn0Nsl4s_CGGSYh2hcePHhLWuazOC96S59b83WoKUSfuG8Dx4ViI2fL5OQ-Im0VqHVWvKxkeFdbpe_xixpIWC0Gs30waFLcwgKbAfvV_ZBQESTPHqEGl-f4lH5J7Hkn7n2XS3f6E6y8jxtrMcHihuf9v43GCTHDul7JoWHk925JryxfaPYiy9uQctPIhesqQbAfxH03GrGSAcpt1YjbEXHj-h_Ivz8hXSJqEaHtikWR2HQqEl_4JkzBwqnci1aZGVTXAg8WhZASLKk11fLk4_bWEq8-2tlaI3JwDxZhodzVcSUrOoGp19xXl90iFlmj8cANwoPhmQRz2F18eZE8_M5j8ofwXbcdUlJWEwhub7eLh21-L63FOmNNUtjZ-UrbL7kffOEdf_6GjXYCy3NHkGQ3fOT6_Ls5b7Wvy6NNcGan3cK4tICWzQhDSNEFQDOcR7lSyCi4ltkCkJdZkqfRxr3wKR-iJ91ZaqDDXyjJknldCi9Ck5ogYzBfdCOmbyI2eQur8cHUAe-5En-x74UAJDLt90C9zoyassfs4woqsCM6OCoHaYciWwuCsmpRD9UjET3EF5bmj8QAEsRnakZveNuMQybpuMrWH0aPovcj0Npkk6LTve4fUvH74ncaSlCU2I1P6vVHXzXRFqb_JcfiD4ciNFvok0KfHD-exLnbBsUgRymULDtzhJdQnJ5688HyrtILLxhGXorijH4mPLyCSvfT1omgznAvyqFCS6MjdQRnhNOoN30Y7nNYDZ4U9g5F0Ei8_g9V90XfjQLiefJ5Hdu_xmVNGP2TMI0-Qh3vTuWYncioZS6LoOgdi77hjnifD2m8rcdxabebPiBGNif9EfGLhvMcGj4tCGRmFPY6uybSFVIIwiZEzh0AS6sCrOT1f8CIZxCqolBl9UuuQ0mpx_dT5sdwijbNq01qaDHjD5hL8xZN0H-YJgxBcxhgHJJixu_btdq6V4HKK0VguYO1wTItRrGj7xm-ldCkoKtuE_WWi539sJ0hiDn3lcLNEsFkiEEjojF-OmI8-HQGFhpi38oAUgg5qVv1Y5kfgvq2emYtMn_rsRKAeefzMKr7rpSzfXOyGxCVP2EmE3ASPMib7llQMOrfLQVhDJKRKbW_OEDmEY0XshH50zsxHXzxDYwE4JFNNYXyYLnbhwwja2eK2XAlc9aIDtvqpwrJaOS4DksLsX6N850OgZzpn2APbZHzBkz0oQiPKf-1t6BxanDVnyxYtmiYsD0rzfpBcU28ANdMzHMWN1fKaUCNXKqUShhDnp1DMMt_85sV6KCUtAyhe2UqwRDm3yYSRW0d7Wm9HrBII1HcenfIqj9pUCkw2HH4ctR6yVFoV-1zlse9s4gFKae4xBfyihzXvbHcbUQP7as-UGuE85oau-_nYi88NobclA19Iba5V1aSMiyQrPWyyoD_gxskaSU7ajBBlFCZ9Fu_Tiwi6xrQrvVQ1bxEVz4MpQ-E3zrMqs2CV3Pa_W85e9haGEGFYTEnQMdY1V3Wrs8PDlHlxGhEJuBObUPoc3wy3eBlgmjAYxjX_7Usk4QSGHstsYvc4eklUtf04LI-D34CCHC3eoYuGzOlMFLWz9OTqbw5u3qExL7RtsNpeqsBT7ft4HhtJJEJqQKjxLbpQaCTS4lCIH54PaDLjD6LONrC8HyuF6nUwfA4zsMZPLaLNvZ3UgrtekdkCHCqiorbNKR-VfXAw46EZ_cHDMnmlDcRV7tseVz4eDuhpKR7iHPBQx6003rSotamluMozw2qM9Tx-Cwq1NiG2D2I8RQG3MaTZI9Z0DnOpPMeiC4GjlINoFYmodniSEXEplGMc-pOPbopYl6xB9UaBR0B5_46Hhm86eatd2yErbfO8JgCwQTNNshbOIrM2dq9IP3X238V-5X0aN_sCglvKnqoVNnVMTjfcVZx34gdWEbp0DSP_NlSMmN79zomxz9B45UR-7vfZOwyPnHwJmQ12N0RWBs9wUlyKrHefIUHpHu0nOLm7atVJTQrq_twy6hykB4fbKRLY1YS3Yo22X9g04OZKHB16_eVXd3sVsvwVSvR4aNuzglMOnR9yG6_UAHf_nBY1U7qg2jLjojIzVHqPgINWYiPa8dhIS9FH1IS-Bgk&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=7629567881427154000&adk=1033480531&idt=205&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:55:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 4E74 30 KB
11 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:57:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E74 41 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 07:09:29 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1484042/72188194/ Frame 4B82 245 KB
74 KB 45ms
45ms Script
application/javascript 63.32.196.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1484042/72188194/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20259277643&bidurl=https://www.walla.co.il/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gkZ5cf4lBU0iLSzp0UfVLx
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.196.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-196-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cc1c65a5e2df31d664ce9159f791f3083c3f6f2a46615976ed3821e05e4112a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4B82 111 KB
39 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Origin: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 4B82 11 KB
4 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CK4haQTGqGvHOE5DGJsar3vqPCyh7UR87xB812bbSZfkR7KCivST8Jbt0WGWGDoEGN1JvfBH9K6RnCTzEJdWAOSqNc6qiTbMQDnKFvuHsjOgAj-fblZ90IWKe2m6_acnjX9llIcqrOArs42RCTXYFWyMJa3DymU_BDNmjchz-6wjTZogc&dbm_d=AKAmf-AzduHFpITTLpS_TNfGdG6l4E0_CMx7YYbsqZWJVbseMQKCY5EXm2Nnfo8Bfn3IGLtZOyaDeUhoAqy0wSptDzifJHOVm8d5ZZ3wYxjzidOU_F-uUGpUepISMzAAPy8scDunCbSB6T9Bn4SHeQczxV_MCiXuibGYk-6_Ly-gpLRtal1s74hkEnaH38B4qzpsOO2PAPsdAiRIOq78-mt3H-jaMnigIN6fux-limT75CYd5vCSFBGL43ckfViGQmzvjuoFntaghVXlIK5914WOQdis3H4dep2UcaB7KxYOlbdSz6lGcvga-OmV36-GzDjFoS0I1K7kOhuTUYXaMtGj2Uubi_glX2baToScmzdvEtwrD9XLEhJR_Mp1VF0CDbIZH5f8mmbRBB282iFCrj_2CNlU09mZpn8ZH3jDE4WqB74Vs3VzFHsxUFPw753V-WagC_83wR7wK-c8CITw4PmLGCivv23bzg5TB4MvjD1jCvR155lpDFfRhSsele-OECmc_BvNnR8Ur_ssXtXfN4fWVBhlXlXp0SjXhYS8fSPs9Go5E5H1LPsERv4VWDIagkvj97L7UIAu4bXYqNW_wUEPAUqHf_L3KfIfNYcerBJ0kdHv0AdFR2d5PnK9VL6sO0EYuCXhQRidcyAG_-PD57zE0nu_yov1LP28SHvPgLE0WMYeM5BjSlcXMr42MR9Ksb4PjRYeh4JWkMgHganADVmrnJ3cAqTYkMfY7HfSaTwDnNLF7M0v2fNye49huU6TtASh60EvFMLU99mF-rjhL7V4cvJ9HsaUPCMPpNBeDld7iZ3P3tqi-2mbE7_zZITxNFXEGDVixzuq-6GAqoRgp946zXi6RXhx1YpoIbZwchUuc0ferRrq7f2ueF8YsSjtqCX3WDu65YaTDYhiBTLaIP4WZkBrKoSTq4rY4D-ZICyne6aREGzxKyqh6ivjiqiD5a6zQpgunBqsw3kWGn5y6FlESqjC37jZqsaO4do4gx0KM_hFmyDnWHQKe7HihMHrIxmibONCh_jR3apon9XPBGVWn7yhqotBdw_r1RMeP4X24lhrdaAzjZaVus7h5ZsJtR3qRlKnlx2zFB2y1Hc0Sg8CwNy9oyiWrZwzQZmAfsk1eeoqtvyGOphJHmfiEh8MbtL9PfhDK-zw2PDPkuds1UkSzLAsSPPQZrgUEX8IGvwB10GlASarLdeAzRgDOriEPPgCfyysyeei7jgjeBnUnkiGKGi8uJ089wsDvtkZBUHVwVdtz5kOui-F5tdukueYWTdujzr9G3cZAAYUyCCI3UYW4rWmArPyAElXh-PJZjYuV8iEDFu5YoX4W-dd8QrJIyVCgcORfqG05lmVKcKSn3pna6nZb-Rs451oEDJ0W0P7N3hyrQg6eEK2GQQQZClPkrnqbbIi9Y0OSSBPIBjAj0UZab8R3InCnF3QfB7sBey2jOWwAJwsi21eZQ3i7EE3-r_p805Kb62muLrgMehzVWAmcf8zC2G_MYaQY_4FL2tJP0Mlz6QCylkSAg8CX5kl3R5bcbnkOiYJAzMbbrbqmwiGCnYbwvPyfLee65yLuxF5ITD80iRYgfHPlUPCFAMzyun0rbUFMSq79a9-WvlQcs5ZeBPmemXwjCm3F7xCfaJFaUmHYAaTiB1VWSrDdPm5ojYpANhvnIuIuGqeGToh7P99nXnAAuqjWSMPhvjU57JBHo2GA5CjWpi_-UUWkqKNBOcnyUbrY3ry0LuLYdE8Zu-8PDWSPQnIiv2aV5sa0ZPOWXKLBWauNVgZQ3879HPNSlDm69RGzcII6TclYngx5TroNpaKh5xlsqRghLYtNpwUvkvJbCqd-CzAaFjBeAItDmduupVaCvu1wZVcStgOIs8SqnFQamjrDHPj7nJKOmZQb8SwTCPnvBZ8tVxxiKrxdWXmxAItRslszQ9TbInDiI6OxGk9h-7gOd-LmaPE_X7mg7zGMbM8nt8H96woemw3Hs6yiZ0FPiKElJu7LwVb4U3RjDDJyKOmQ20cKrhCjQ4DN0yPoTZJqjAu9rZSJAlyCgasH8Hv2iu2STUjujAZ2iVnOweZABj3dvAhXJkT9fgwsGWUcO_0-acbxQ8wAHJZRS7AzPzlc8B15SkC6HDqUj8Tdr_WPz-99GVaOgMtp631Q5VfaHxewPq0NUZsMzdzrpaaYY2xIWkU4VN-1pA8nTAnEYcYKgj4zQmaGUThFS6dN0EjfsbP1yiZVuAajFrkqHiCNniBJS4Th_fXjkBfrHuWn_Ex_iAyFrbZ2qV4TpChl8GO9Pt0_yVTwfi3PQl51itB2-L0-Tamv_is-tS-CSsdu2xqv_5DvWNT67dpZNV8WIhPvNc6R5TVh0kDrQAUWTy97rOI-cs7-X7Rs4G1jrtGKTLFzuQlHQkR5LMVxesYnhSQXyjhwlmWgHTUBjAq56DJiNswOV0xnxv7yvKUVN9zISIqwaonX9hqOtT5qCnTT8wzmcEBBNK5mkzYrOAHGbnaEbU5E7Ig_vRuAo4JVqCe3AoWMrATkDwQEJBNRbLwqZpQKC057HEMlrfW9YAyoyM59CxEKMcQC0JymMFN22zW73DiHEJ-vyQsHDHdr6TlhWoedvC8sQItFDSMDmXEYN16X9cqC-7Mwa9jS25K2cUcOApsybyaObz1uPiwEVL_8bcOegRp-AzyscNxBgr_EiNHD0sbcOHVf4mYLFQYpHricQLZwLTMsLOd-zHQpC6bobChMflhAcW7tkcb3Va3gizYBvYgqxGXrqbmJBvy-T6BLRTiANpdh5jcnS91VVPi51cHmrmVGESYdlLz9NZ5YCyhohLNoNY3jgKAWvRAvAt3X-O0eaWK3a5gEgue1mamTRSq9pENtmpLNH20QUXIQiM8IGnfSqWkqjL21FxrdSKlyYJlt2UH8s9zYboeRpiI9zRULG2QmVf3gCkgJbfnPWX5Sor9YwWWcc49Vca-KfxWaZTbo_JyeW_qqosjjQ_yGWRXgvecQTjSXLa9CU7a6PKMWNFIL5xkT1Ag1O1JfZJue52_uQZ66Yqgymgkofnv2FsOTlKzo6xmOppG2wZuN4TLwqpfs_qh_XttMbarovSj8dGzEUq8-j5I0sNbZBcWZt_g0kMLRNZbSnVvGC9GjoZiGpSNTvd8-u76Cmrteh5Sw8_fA581HtWyHnHCo-GLkNozHrkCBNj9LQ5-6VemhPjWI9oJsnoGYfNGsNG69roaorlkNNbwGRtS_nOyY_NoNfVfQs3tdBP3Y1kwD1a6IgvT_AOAmDtygs3bCUfJ9nMC2CnHCOLwlMDNG9Y8lda-JiV8TdqgA9FQqwjzvokZ1amN89pNvHgAbCgNoo385aWMRyE2ylFCPHT9-Y-nk1i8S4-mgi5lClzwNMYg6k82ejOQUCAUbhXyTQybMWekU1u0lNe_OVewp5T6CFLEz0Q7D2WhMhCxIH3nqv69SrJmtB1ZscHYL6FJKAB-1ChMR0VTYPWm3LeihS0_CzRU3RfDNIs37vchZes&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=15789368646106372000&adk=4188270525&idt=181&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:55:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 4B82 30 KB
11 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:57:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4B82 41 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 07:09:29 GMT

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1113 172 KB
60 KB 35ms
26ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Origin: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 13:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 1113 11 KB
4 KB 32ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKwzqAOU-5C6MmlJ_0u7aJidd_Ci_3mNMzmvBZjS5gZeP3P4zGtOSCoi52HYgTgXNknUllJlfOdRLUN9qa4fJHCzN8GGapZ7MkdIL0gzOJ26px9bA&cry=1&dbm_d=AKAmf-Dgz9MYeUUr-6xXMwiYduXXQc3nczQn3B3z8Oteb2bSL3YTARPCOvLincKMvXQIhhGCQJ11u3AoNcW8WU7Ixrbnx1sSY3J2xhe8DJYbMDRitqaFkd7vKmNG7ndJXhyfMNsu2R2OGTV7r0p1BI5A-xDbEBACvhif0wyIECiC6a894Vu-V_RXkVsCukbgPHxJSTKGFsZEUswXKZpyC8bBAXT5rMseloyygRQASGX-uszuZM1lnN4_mYK84kLqyGga0YIXRTzPCCOvNdyQaR9EvBHvZSJZT1vNCpFv_1VuvNI-TSCm2GHbYxAPxeVbcFcdsSxCySh2erxhF5GJ9iBzXakYSUZ37fRca5svQffa2Ls1xxR2PHdXpqTuewnCoBw1U6PSc_cKHrmeLQmlRp7GzRTg6KoA4Hk_wdtYmbDNJxKR8pZVochGrS5t9ArrJJgBp0FTfVMq88aTC3LpOgShx-bRi4fWIywB4b1qEVe2bEyuWZqhYhexjk6qsKxA2qbQb3eO6UkWK4zHUNfTCpxpWH3TIrZrkEYPmA-mEbxg8M5Js8MHej_5hd1gfMdLOWyef-HsjnfIr7o1Wcq8dBEE0MkWEh9gljGEoLfcmMOCnt5A_SAY7VvItEqaBj0NZ4HefNYn_3kj2SFKPpynTvrHQIo3UZ1O6sLp2iuLigmJ9_D4UvrWE2n4Apnc6AWr_UfY9XQES60Am3DeG0jxpRazAExicZhUKBib8qKN1cHDpEcL3tEq7ykXbGsX9-Z2x7GUyretoXXFG5rLVgiZfk8yYCPtLNCDFOLvGdPV8z6nX1AGeqGZjK2Abf1kR5RhRftvphyg79uoCejLMyBoETuHUZZMHQWbSesBJ8Hgx9bjRuo0E7SO32sE1lYcsS0mibE49w1F2Vyd27tmvUwk-FMMD76ScdtofWjS5nxPd-Q8aPPLxyrCuaWfaAqa9zem25r34ULpwHyQxvjSJCl4mSDRc0Nl3SZi6kj_ssLfOfsvf4GfAm8RzEQTq93AkBtXDQ_-Pv6bqggjRSdv1pJmAj7ssV9aLYIydQe5za7EBrFL-p70aB06ydVvRwociVbukuKrlf-iUMSBeuF4MMQdbS0RDsKJ8_o3dihMDrhPcKP_PiVvZQ5odk1N8xPNxWbQEzmLsO_G6Y9C0WnAGP4yfq5eIPBPb57gz-__uDAM6NPq7e-HssSU1kyvM10v3FeawRFmsYIT9nTXZpl1fX8mtD6tWt8CXiHmDfKbCsocuWDh8Jn23NEFWU0NPLbchR7hghrwf8PwViQWNiI-M4e6aU-0HLZMGmS07QM4Nc6t2Hj0sAo1y2osxKOTPEwMFC2uyry1uviSf3PzZygBgPat3Fpruqy6iIb9fQUB9PfT0lJALQ93UY9TxqzMyeDV1TTbER1Aj1i0egNSSc-o9vpGJX-COA-tjuktmM-vCan7n8r0N0aomvZrwNiW_1aZycQ0y1o-n58m7zSP3SiAsdGCZ4iPzZ2CrtZSN349vhwwf_tWyGNVP54gF_83a9UdDNhgsP7u_mmpQuBhlP2th3hm6rz435aP7BWXV3dFsWnCf30fWp-zuCrRxBQHdk_rrhdBq8cttxR4mRBKylC2re120_zDmV9oFXMxx_JrCd5RNbH7gXr06LWlLbWRp1BzHX9YMTQtGb3XeTt4l_KYwyasqjI4LLIZlxf1liagpReSmggA9SSzMcbisktyqHOdeNnOdt00eJJ15Bp6oJkS6yeAqy3_FOE5kWwg4D21GntQCgQwWhZUxt93IF_E-vCWSXf3WEyBABQshoAp3St9Zy1dLMCSflErtRV3VAvT-kemdsPkzN8iwrutb7buxjc2Rb-_aeYrE7njl7aL-p5nPsob5x-RhKLzFIpcGXNCQ61ty8PotcspDVkRAp8A3w5U85W3peQjH_KvGrufAWJ-V0ej9qbQCN2nhxAxxsCD8x_oweFrdYuL0lon2R85YUd2kjHVmQ5bEKjthIQNVuBgCF8exJCEhhU4Aifm7l6cz0cPHldq1C4LcTF6ttBk_X3EvosCdzQdxWJLYKFcQCzNWFKB_UDSlsB7EzeDthLXgbzpkKNGnELEv9Xx9ikLnAOmT6VNp2aU80ce-m37NH_1L6YL1O-EQInKoWZdn4VH6n8oa9hIy9KGZSFtUisXf52DnbS1PZb9abdS6xsRIQgka7psJ-zhmQqlZLJ3q6zZKYB5Da_zNDKv_P19CCH9vfSqmKRUATnrwgSpEWFdFmGSmdK1UFMA35gpxL_gHyhLY7mJP9HaBcwniUgAE4iL893I8MSmBhKa1-ai_YC6Vxym6FsexZVvImdgPWP82rRJBwcU-_Ty7irkTI5HsKr4A71zcRouTU6PngtjnJGW5BRStGs4-8lDXRSc0MiTNTnwUw1gTaVv1XqUne-klgIrbvL46Xw_H0-m-uGyr4WRPuDA-KNuYJQl1DtgSFlr-smdx1BsUaKuV8pu0Dq8-MbDeF5GviVhc50sHVy5b7i3BvQHLvZwgfsI4PdCxX-4WcSCWE9SDoDXSR0O5Np7_TuJJw_tBpaWmaUcGjwnSBwLXMwnvDfHOu4Hn0NSzENR2KhRz1caAz7CWh8zSyBodvRM5TBHsvXhJjtW_L-_CZ_ABihae7UBWcUz4Wk5AKu8y0uo3iqLqVOBhuMpwdk0WkZ3DbCAyqwKrg6PTlzG90Y3EOXbUo6lo-7W4GQgtsJQiWahhhE_KNycZKoMdG_Z94fnBkqGnXcaoefD4pZ9khRjg3YLNjJ1VyP9CdlDr3MMVd3xmX2QaTvwKStEzwKOnVFpiZEO_aLAfbh0C1j77MutHa_ZSRV1DoPxcLQfyCO7BOohE1WCgM_DWkSfZxbsdhh4XeqmJpy03qJYaPKKdWeUm9-YNEt6d-_KyHuZ6VyfNUBrobWLyrD7nNNkmFXTlTbqkToKimnB_yZxxBxYPO3Zrv3Z1XX8gLfneJSwqQeNIX1al9woxZxKwWz2ds299WHElay3tCpqGqDsURnaUu8YJuFiEeAEn_daOyni4iE7fVJoRXO9yAyrSZ3HJhPXQs7Jb1roBDFZQxy1CjEs6lqiOpEit__C5NLdGnTLTgCfIyU89VYy-_3Lb7Ez0fJ3aBFvaV1xqpi9xMMR4qYqkJ4cwqWbwgab6QBzZRi8sg7jfYeZDNyHSJ_n8qlrY8oiolxBOpl6vmkOmLn4gFy6KZjkdWTo18veaPO2vxJUF9_XAXxebQn7RucAIkVerLOWw-6gZB9k-ncszIUBoov-byrtXpG8Y2l8vIPYRvtnoU7jjXiH9RtpNlYzZ1HdYIos_NbbVAQq1ch7ChaUHXI_Ph_-CacNcAgyKtdDLF_s2tTs8MslYd77bUxQHRRcKHXe55QNqs5DdpZHS2HSsfPOC__ppjMYQFfs6OFexZJf-PgzrZcLuIWBIy2oFFGmMomIqz_ng_kWtKxHucGtgTDD2O0WEnKG4ndoTEYRnjhx21fYQvew6x6rca3GwFDwcG-j11GYQOtB4jPyezxaR3iUNO2ePgHYTVw8QpxEziqdlhOov6_fOqBDQZZ9SLEg2aqigZGVPz8lbu9YjAK2KwMnooX0o94WWh_fID6YdNXNsrDfy5ts4_HKDFhddCYZD7v9bAuN4hubFW_VwRv0_8v99HXgp_gy6MBndfVhwlIwc8wv5-D3LUhrR6pBKDlN03n-7-AhzUGP39T2o5_BQGM-9XgH8I7feAh9QUhAVofHd7nljZRedUXbBEAScuc56OHPMHA&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.walla.co.il%2F&ds=l&xdt=1&iif=1&cor=4031263784859718700&adk=3037181500&idt=196&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:55:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 1113 30 KB
11 KB 30ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Jul 2023 17:57:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1113 41 KB
13 KB 31ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 345854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 07:09:29 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E2BC 1 KB
643 B 32ms
26ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4E74 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41ac6fe1c7ce3c02d17c542b90833b35dca3c7c6ade9841b5c835377c854d0d5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AD3F 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4B82 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a22cc5748a06d981663519144c8c6d8e43af24eb07b97454ef9952bb8acdcede

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 81DC 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 07:36:12 GMT
etag: 48472445140208031
expires: Sun, 02 Jul 2023 07:36:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1113 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce5287c9f614aef1409cd507254cab1839cbdebb3fb948df5be29e86e35b2352

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 feed-card-placeholder.20230629-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 42ms
35ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230629-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37140037494dec1a218e487e4f90f689395c1ebf22ff924d0e58e53ded53c44d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: OV8nifalOtrgymZsP1c9Fnc7RnX0OKP7
content-encoding: gzip
via: 1.1 varnish
date: Sun, 02 Jul 2023 07:13:43 GMT
x-amz-request-id: ZQRC9E4XYXEBC9G7
age: 249777
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: Vu037H0aWXxknTtigrPKT4/cx/r2C11tWkqw3VF/sAr5jHas9SfbhaH9A6fspyp0uNrOYo6oIM8=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Thu, 29 Jun 2023 09:50:47 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282023.272297,VS0,VE0
etag: "097f7b103b91587a0d1ee1f0966cf363"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 81
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 387352

GET
H2 200 userx.20230629-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 28ms
27ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230629-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12c4a658d4ed5d43e41cc3c6b3015cc469acfad9c83d6553cb3f4281e957b257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: tcRrif9XTt_I9w1p0.6Pmxr2ZsSC7zFN
content-encoding: gzip
via: 1.1 varnish
date: Sun, 02 Jul 2023 07:13:43 GMT
x-amz-request-id: XSFHQJHNS77QV63P
age: 249710
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: yjGuE6/P5TXbxXcYn8AbHxU7iEZLuoLQZMQnfIu3bP/asqWKHDg0QTEH1mJ1uR9WR0yer+Jt6j0=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Thu, 29 Jun 2023 09:51:53 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282023.281528,VS0,VE0
etag: "c52000edc3360ebc62587167a701e85e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 80750

GET
H2 200 distance-from-article.20230629-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 28ms
27ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230629-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ccb01c75ad366038f5d3737484612357c88bc04c73e587f8d80513704475327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Fc1b.Y3wi2SRWrwQWwDqhq5ZIzGsIZbv
content-encoding: gzip
via: 1.1 varnish
date: Sun, 02 Jul 2023 07:13:43 GMT
x-amz-request-id: RC8DJRHCH4EZF2WD
age: 249791
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1135
x-amz-id-2: n2woU0wHfigD0HpKB4RO/d/gcZPopINK1NGdCyMs6TqfF/UaOAxy4eB7cQxYQh06SBqWZrB202Q=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Thu, 29 Jun 2023 09:50:32 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282023.282386,VS0,VE0
etag: "2214837018247272a0bf67a35e51f98e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 75
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 416600

GET
H2 200 article-detection.20230629-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 28ms
28ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230629-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-walla/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29b895e95b22317d30e7cdbccfc282004f70520704c55d16a07eba29e563f8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: x0t63.HAJ3kxpRvOrmYbS072ct1pNP3b
content-encoding: gzip
via: 1.1 varnish
date: Sun, 02 Jul 2023 07:13:43 GMT
x-amz-request-id: H5GDT7YFEREVWZ94
age: 249812
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1236
x-amz-id-2: 179pkAWc40svAv/bv4bgZkq/GH8nd5Z3K39VyyL8TOUN0UsCISgxqzh//UU6EowpHydM1X92ywA=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Thu, 29 Jun 2023 09:50:11 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282023.282381,VS0,VE0
etag: "fdcaf5e8630efd38cdb14cb7aefa2ff5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 416519

POST
H2 204 abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 0
246 B 36ms
31ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1688282023292%7D&tim=07%3A13%3A43.292&id=5807&llvl=2&ri=67995145c6b17501c8a2011d09702d64&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&pi=/&wi=2990753527669053458&pt=home&vi=1688282022359&
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230629-3-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.walla.co.il
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 0
230 B 35ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&ri=67995145c6b17501c8a2011d09702d64&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&pi=/&wi=2990753527669053458&pt=home&vi=1688282022359&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22blockedVideo%22%2C%22type%22%3A1%2C%22eventTime%22%3A1688282023256%7D&tim=07%3A13%3A43.256&id=7954&llvl=2&cv=20230629-3-RELEASE&
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 0
230 B 35ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&ri=67995145c6b17501c8a2011d09702d64&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&pi=/&wi=2990753527669053458&pt=home&vi=1688282022359&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1688282023265%7D&tim=07%3A13%3A43.266&id=6305&llvl=2&cv=20230629-3-RELEASE&
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 26ms
24ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Sun, 02 Jul 2023 07:13:43 GMT
x-amz-request-id: KH3H54SRP4YPB9PB
age: 112
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: mP0nZ+4KDBKHVDyhuUEzb3LuG90df21M5809hL3yrjZ20OaHTMiCTGdDl6kK0Ov0/jyat3qi0Ao=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282023.318384,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 2
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 168

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2498
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1&google_push=AaAOQGESVvBQj6U4kGdxyCn4QXbJZOyRdAXQlHA_N2a69-9arnhA5lDpt4unPw-AZFvTOPnsOuF3_303O717hoyA8ELaZint6eY
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODkwMDQzOTAzMTY2MjQ3Mzg1Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1

43 B
398 B

112ms
32ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2498
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOoEMmlayf674McJG18CL5A&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGdkVzFURUkxUWZSaGQ1&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGF0_3Wde1jUF8kcg-3GcRQDK6Qk471rEQWNncD3rQk...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGdkVzFURUkxUWZSaGQ1&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGF0_3Wde1jUF8kcg-3GcRQDK6Qk471rEQWNncD3rQk5kzEwQjlT5Ssu7JHaIZ0WwVjYBMI1vClyFA_7_4r9sOjLpQCGAq9D

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-036c9e308bb7e39b5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGdkVzFURUkxUWZSaGQ1&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGF0_3Wde1jUF8kcg-3GcRQDK6Qk471rEQWNncD3rQk5kzEwQjlT5Ssu7JHaIZ0WwVjYBMI1vClyFA_7_4r9sOjLpQCGAq9D
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2498
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-U-xbR_v8YIBgabLjRuFhPOqYc7LDrP2nDo5tmQ&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

31ms
31ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 127379
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2498
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELs6UbJAtYp5Udf1tvCeocs&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELs6UbJAtYp5Udf1tvCeocs&google_hm=ZKEjpsvxJchzRiGMKPI2ugAADSQAAAAB&google_nid=index&google_push=AaAOQGEszE7gJlEsN5wHYiujUcuCmhv5W9cuD...

170 B
188 B

32ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELs6UbJAtYp5Udf1tvCeocs&google_hm=ZKEjpsvxJchzRiGMKPI2ugAADSQAAAAB&google_nid=index&google_push=AaAOQGEszE7gJlEsN5wHYiujUcuCmhv5W9cuDKwo90y4q9WlMmKrt_WlSdv9BZxAnDHzk2nC8pb9dKrPpTFwxcbzc79dJTG-l18O

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELs6UbJAtYp5Udf1tvCeocs&google_hm=ZKEjpsvxJchzRiGMKPI2ugAADSQAAAAB&google_nid=index&google_push=AaAOQGEszE7gJlEsN5wHYiujUcuCmhv5W9cuDKwo90y4q9WlMmKrt_WlSdv9BZxAnDHzk2nC8pb9dKrPpTFwxcbzc79dJTG-l18O
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2498
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESED7Buut5M46s1qksyZD-nfQ&google_cver=1&google_push=AaAOQGG7EdD4Erd0Lyk70-Hs015SjsXcqKH3uqRSLgVyPCbpZVe1LC8X8Zw5_G-__-aPUiRdJahWDcthNHqFWuTc9...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGG7EdD4Erd0Lyk70-Hs015SjsXcqKH3uqRSLgVyPCbpZVe1LC8X8Zw5_G-__-aPUiRdJahWDcthNHqFWuTc9svj5Dh8NrT4&google_hm=G6XxJGZH__q39tT-QoWEGkvk

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGG7EdD4Erd0Lyk70-Hs015SjsXcqKH3uqRSLgVyPCbpZVe1LC8X8Zw5_G-__-aPUiRdJahWDcthNHqFWuTc9svj5Dh8NrT4&google_hm=G6XxJGZH__q39tT-QoWEGkvk

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 02 Jul 2023 07:13:43 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGG7EdD4Erd0Lyk70-Hs015SjsXcqKH3uqRSLgVyPCbpZVe1LC8X8Zw5_G-__-aPUiRdJahWDcthNHqFWuTc9svj5Dh8NrT4&google_hm=G6XxJGZH__q39tT-QoWEGkvk
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2498
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENN3jFp6R7F9vsNoJjLEfyM&google_cver=1&google_push=AaAOQGFdVjpsIF5kmeKEU9JUMLZowTG8Ll3589Ld4xgiz4XNN9IATvqw1PhWSfIC8bvJgt6OkvhKlxWEcTBGzF7SJhr6S7...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESENN3jFp6R7F9vsNoJjLEfyM&google_cver=1&google_push=AaAOQGFdVjpsIF5kmeKEU9JUMLZowTG8Ll3589Ld4xgiz4XNN9IATvqw1PhWSfIC8bvJgt6OkvhKlxWEcTBGzF7S...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGFdVjpsIF5kmeKEU9JUMLZowTG8Ll3589Ld4xgiz4XNN9IATvqw1PhWSfIC8bvJgt6OkvhKlxWEcTBGzF7...

170 B
188 B

35ms
34ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGFdVjpsIF5kmeKEU9JUMLZowTG8Ll3589Ld4xgiz4XNN9IATvqw1PhWSfIC8bvJgt6OkvhKlxWEcTBGzF7SJhr6S76W9hTZ

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGFdVjpsIF5kmeKEU9JUMLZowTG8Ll3589Ld4xgiz4XNN9IATvqw1PhWSfIC8bvJgt6OkvhKlxWEcTBGzF7SJhr6S76W9hTZ
access-control-allow-origin: *
date: Sun, 02 Jul 2023 07:13:43 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 2498 0
44 B 40ms
39ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESELdJfXIX3rdBoc7NnaD2QsU&google_cver=1&google_push=AaAOQGErymjetktuhtyivHH7z4J9GdhYuYPEtj1bwVy8-HLFGaux_kxKGz437wEbveY9uT2HY-X9gqKLE9oP8ILa92TUB0bIdc0k
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2498 0
12 B 30ms
29ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L81TNOHdfBV5LNYKeF8bRSoCNj-QmBhe-gRiz4n3ehpB3DL2rU5Ou--waL_LSvUX5mIZz4

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 61B5
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1484042/72185571/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20259277643&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZKn8MYun9u8P6p6vKA&cbFunctionName=goog_wrapCb_piOhZKn8MYun9u8P6p6vKA&true_pb=https%3A%2F%2Fstatic.adsafe...

1 KB
1 KB

21ms
20ms

Script
application/javascript

2600:9000:223f:3e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZKn8MYun9u8P6p6vKA&cbFunctionName=goog_wrapCb_piOhZKn8MYun9u8P6p6vKA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:3e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:26:18 GMT
x-amz-version-id: c567TBReTKM9m7VfCfOmpAHbFN80zD8c
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 481646
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 26 Jun 2023 17:26:15 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 2QmB4iU37421tbhXk-jreLGVNsIicIgt5RvMQESvK2--ZWnyKvLxyw==

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZKn8MYun9u8P6p6vKA&cbFunctionName=goog_wrapCb_piOhZKn8MYun9u8P6p6vKA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 14AE 91 KB
23 KB 24ms
24ms Script
application/javascript 2600:9000:223f:3e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24507447
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ImZDeL9YZ_POmZdqOzf8XgZrI7CdSCh-5UAsoifZnV04aVx5OMPvhQ==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 04E8 22 KB
8 KB 23ms
23ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 345790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 07:10:33 GMT
expires: Thu, 27 Jun 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1802642303269007491/ Frame 12ED 189 KB
25 KB 22ms
22ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94cda7fcf2004b0840c83ee33adbe808c5a80792bdf1c4243ac04610ccfd50ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 494478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26016
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 13:52:25 GMT
expires: Tue, 25 Jun 2024 13:52:25 GMT
last-modified: Tue, 20 Jun 2023 11:03:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 61B5 0
0 70ms
69ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthZS940cWltjZxRiPGB-8_sneZqijINDJARKbBe3tuWeXJp-6RDHgFD7DujX5Hw0uzepHDpTzLpOUyQRVtYWidPTyyZbHI12z8OO1gZ8FHyn1OVO3vp1Mr7faafDgZSdhqg4QuyeRTXdfL8b_yzDGU1Opi4oPVADbS8dxmBFrRCOJzy5bLV6O5On96PyOGULg2BMdq9EAAqoNoc9c8kDTSduo8SwdtU4-0xXC-bBTUs_KLp0V5C1Y_TmZH6YtAl6axBzbQbu7s0a5nUYcxyYJWIoAi0kDxJ9Lp31oTqp6gQJ8cDzIgl-L9MMnSRySQG8QMn_G--p-ohYS-B9jZQFJ_Tu3NV2OXww-1Z4ngC6i4Aswa6KTcT7Vb0H0bV-la4IlsQMKT7mnx_qdLPfIOD3erzPtDhA7LvQxoXtKLPSD6VIWOWK2nVB7jONaW79VZhsC7487ZMvKIfrWOE8vZ9cngizq3NhOhFd_EwcYPqiZKmjg8zHXsGyNDQMIfoaP2FKS7SUCTi4ncHwpW-D1-Teuj2ICBsWBJ-sF67JgqhX_SnRJsbmiMmYZbzf0k5DiqQmNjrc8JP28DjXBr5fGwLNyzvQFzpqUAbuhsH-6NegYlukIvRgICwqbd4x8ia1qtP3U4Vh4e5Y1cBNX_0Xp1V2Tu_Npl-BfEU7dMvo6xmouS8yHBGDvIfb0rPI9bUvbabvdajG1U56DaC7xMMu1NtNpqEkO4SsMfVmX87HcJb4JnY_MlKCmyW6Ccrqu9l1Coy2NEj7dD5DtuQP-FHW30Yty_GKhsudjiqpC7uBHius2eC9ggC_Ytl9oUpGGf0HmbTroIqEhcf8HcF-BiSItk92Qa0SlQiCh6SY_z-d9SMPg63NbYog5dON2F4_9sqHvSd6_q9I2ZikZvO8_6mVUPxEbYrooFbyE2n3ujyBDzP8OQEERjW7I7oUpgyIZQWUKdZdSaSXG08hcIQ9B2sLNaw9mVWkZpOUvHAtj0Nn42OyfgqEbrpwG-8VJiKeZYxY2Ja6G12Zwg-e3oLzYV_iw3DTYuieKtCDnZ9AVqsCcFeQNvHLXk74eBHBfRcF9fnswqncCI9cGFLbhqHmPnA3evCf0kqhA5GMCAGdQ6b4_e8XIOQopcq2x1BSeUzm5fYTy4jhS2gr77sZRJzGus4dTNFlORixazIsOvlUOgWzjxLE4p-KckBlXt6QtdmW6hDa4fbOVsigkdoaoPtGPWtkXrHcfS1uyIMReO0-AEiKD8KB9CRPyLPhj_5IGNwa7VFF5XFR25vV5t&sai=AMfl-YRj4QmZ1wZBehNal9i24DmLKuRbxIj2OA3Ie0vGNFNGOyMZDbiWWs39jDND64TgtEV_Rg4tSNgChc07EHaK-cHLQ3D0aL13mQcdW7vaLtqam8R56ks_BFuGNA6bnf0kPEwfwnhLMVfcwZuehk2UhNLVks7XpA5r8o21Z5yZTGzAfAKC38I-e8hqZrFmWHI_rcnCYiflZURKGsaYbChLzsdEu4Fj5j-FRWYa5VLkExUMVRtiDN3i7Uf4qkvybysws4KH&sig=Cg0ArKJSzDd7-AgcYMgpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=519&cbvp=1&cstd=517&cisv=r20230627.18402&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Jul 2023 07:13:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:43 GMT

GET
H2 204 social
am-trc-events.taboola.com/wallail-walla/log/3/ 0
230 B 33ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/3/social?route=AM:AM:V&lti=deflated&ri=67995145c6b17501c8a2011d09702d64&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&pi=/&wi=2990753527669053458&pt=home&vi=1688282022359&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.walla.co.il%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D%22%2C%22sec%22%3A%22%D7%95%D7%95%D7%90%D7%9C%D7%94%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fimages.wcdn.co.il%2Ff_auto%2Cq_auto%2Cw_1200%2Ct_54%2F3%2F1%2F3%2F6%2F3136860-46.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=07%3A13%3A43.474&id=4010&llvl=2&cv=20230629-3-RELEASE&
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 v5
metrics.getrockerbox.com/track/ 44 B
554 B 184ms
121ms Image
image/gif 172.64.141.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metrics.getrockerbox.com/track/v5?source=weight_watchers_subscription_germany&tier_one=taboola&tier_two=25992760&tier_three=3705966425&tier_four=wallail-walla&tier_five=Desktop&auction_id=2023-07-02+07%3A13%3A43&referrer=walla.co.il&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_232}
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz2XChyK9x6Kvyso1DD%2B8Vk5nYblfJXAmoQTjFCvTqqFULaYjVMbWwvIBVSqOfYb0Rnmf8deuEJQFdPqAyHsILl%2BiXrBit3JubNRW4miccKtv53a1KakJfycXiL4DeQeHBQP%2Bvd5R5ne1Ig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 7e051677294f360a-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/wallail-walla/log/3/ 0
246 B 31ms
31ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230629-3-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.walla.co.il
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 97eb4215d600b559a5e2eead2af12b91.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 29ms
28ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eb4215d600b559a5e2eead2af12b91.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aebba18a234b37cccc52f0e6b64c0dad5a481c8d8b9322bbb01147086963c87c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 4
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97eb4215d600b559a5e2eead2af12b91.jpg
age: 160273
edge-cache-tag: 436611143381496171480583057124273126203,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag: 436611143381496171480583057124273126203,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 431
req-referer: https://www.t-online.de/
content-length: 15572
x-request-id: 97233f53bc7484af83b0340b2da1120c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100106-IAD, cache-iad-kjyo7100063-IAD, cache-chi-kigq8000022-CHI, cache-iad-kiad7000176-IAD, cache-fra-eddf8230098-FRA
last-modified: Fri, 30 Jun 2023 08:27:15 GMT
server: nginx
x-timer: S1688282024.503884,VS0,VE4
etag: "9227c767a937975c4141796467a90a75"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 2d7857a12e72340e4d7c1bcf6e6330da.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
4 KB 28ms
25ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2d7857a12e72340e4d7c1bcf6e6330da.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3fdff2f6c4345abea5d8eeb384be02227decde0a3248f0e0f4778df04186703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2d7857a12e72340e4d7c1bcf6e6330da.png
age: 1100982
edge-cache-tag: 472499167655769110684359121848319962942,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag: 472499167655769110684359121848319962942,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 104
req-referer: https://www.watson.de/
content-length: 3782
x-request-id: 0df43c7c919dedd10ffc27fd4dd139af
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200045-IAD, cache-iad-kiad7000074-IAD, cache-chi-kigq8000035-CHI, cache-iad-kcgs7200082-IAD, cache-fra-eddf8230098-FRA
last-modified: Sat, 10 Jun 2023 18:57:08 GMT
server: nginx
x-timer: S1688282024.511790,VS0,VE0
etag: "ae9adbb7ae9a22274737e211aaa39908"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 1, 11417

GET
H2 200 f512257f5b0f25b148010613e94ecf73.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
21 KB 35ms
32ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f512257f5b0f25b148010613e94ecf73.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 17b7491029c4c671d86599440632d4a0d05535c51b1ea4f5bbaf970f5ae3693f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f512257f5b0f25b148010613e94ecf73.jpg
age: 1555937
edge-cache-tag: 330204137618178086028089897559364653017,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag: 330204137618178086028089897559364653017,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 405
req-referer: https://www.doithouses.com/
content-length: 20354
x-request-id: c2d701b5170165b0f37c8b912ac44194
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200111-IAD, cache-iad-kcgs7200044-IAD, cache-sna10730-LGB, cache-iad-kjyo7100136-IAD, cache-fra-eddf8230098-FRA
last-modified: Tue, 13 Jun 2023 18:18:24 GMT
server: nginx
x-timer: S1688282024.511407,VS0,VE2
etag: "5d233a3167e2b5344629b0e6dd06f2c0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 ecc23307b55208633021ba3328f45fab.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 27ms
26ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ecc23307b55208633021ba3328f45fab.png
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6cd90ef02bbff5c919e724bd0818f6e6735877a2fe37c8fa6afdba308d58ca4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ecc23307b55208633021ba3328f45fab.png
age: 2128735
edge-cache-tag: 472651082444787377986284472528334815808,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag: 472651082444787377986284472528334815808,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 256
expiration: expiry-date="Thu, 29 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.express.de/
content-length: 15060
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000139-IAD, cache-iad-kiad7000110-IAD, cache-lga21931-LGA, cache-iad-kjyo7100173-IAD, cache-fra-eddf8230098-FRA
last-modified: Mon, 29 May 2023 15:11:14 GMT
server: nginx
x-timer: S1688282024.511410,VS0,VE1
etag: "a14ebc56ddc8654479721dcd53e27b8b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 44, 1

GET
H2 200 dfffba9d6d581cd018e96fc9c02616bb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 33 KB
34 KB 27ms
27ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dfffba9d6d581cd018e96fc9c02616bb.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e4127529cabcaa6f9bc00596628e689e79781891ed2fee638f38c192445cdab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dfffba9d6d581cd018e96fc9c02616bb.jpg
age: 2142695
edge-cache-tag: 613177463163970658061009495802295666233,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
cache-tag: 613177463163970658061009495802295666233,542528622032317967375890746257052262100,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 109
expiration: expiry-date="Mon, 19 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://likeitviral.com/trending/ein-einblick-in-das-nettovermogen-deiner-lieblingsstars-bastianschweinsteiger-tb/92
content-length: 33614
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200064-IAD, cache-iad-kjyo7100109-IAD, cache-lga21972-LGA, cache-iad-kcgs7200159-IAD, cache-fra-eddf8230098-FRA
last-modified: Fri, 19 May 2023 05:26:49 GMT
server: nginx
x-timer: S1688282024.511578,VS0,VE1
etag: "a0675e111e5684f1e4d4a16b2d70234b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 8, 1

GET
H2 200 efafba1b4be41392c1399a9adc8d8e2f.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_767%2Cx_0%2Cy_32/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 46 KB
47 KB 27ms
27ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_767%2Cx_0%2Cy_32/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efafba1b4be41392c1399a9adc8d8e2f.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3455ddfdb42e51c599b261aeea159a7441848bd31ebd4d814b03cf29bdbac7c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_767%2Cx_0%2Cy_32/http%3A//cdn.taboola.com/libtrc/static/thumbnails/efafba1b4be41392c1399a9adc8d8e2f.jpg
age: 152935
edge-cache-tag: 466912076305415742367633116483477321124,563519246717604454202794887202904615848,29ecf9b93bbf306179626feeda1fab70
cache-tag: 466912076305415742367633116483477321124,563519246717604454202794887202904615848,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 491
req-referer: https://ads.taboola.com/
content-length: 46858
x-request-id: 91f14a7b78a8027394430ead19eee74c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200166-IAD, cache-iad-kcgs7200048-IAD, cache-chi-kigq8000146-CHI, cache-iad-kiad7000118-IAD, cache-fra-eddf8230098-FRA
last-modified: Thu, 01 Jun 2023 14:29:44 GMT
server: nginx
x-timer: S1688282024.512557,VS0,VE0
etag: "5561eaf52ee9ac2f367e05d906065dcf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 57

GET
H2 200 a03cf23a4e01be7a84b7f050ac538371
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 28ms
28ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a03cf23a4e01be7a84b7f050ac538371
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3caa403ec3243c60ccbfb9fec1181b912ea8e215304c845ec687968b1a132ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a03cf23a4e01be7a84b7f050ac538371
age: 1124093
edge-cache-tag: 298990444512914700562599217191983172211,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag: 298990444512914700562599217191983172211,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 79
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.walla.co.il/
content-length: 4642
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200124-IAD, cache-iad-kiad7000082-IAD, cache-chi-klot8100054-CHI, cache-iad-kjyo7100078-IAD, cache-fra-eddf8230098-FRA
last-modified: Tue, 13 Jun 2023 15:41:34 GMT
server: nginx
x-timer: S1688282024.535990,VS0,VE1
etag: "dd3515447e78963cc09e711dbf05880c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 4, 1

GET
H2 200 a51df26a9b0e09be8ced57700e59e4f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 25ms
25ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a51df26a9b0e09be8ced57700e59e4f4.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b8b3ae86f02df316f3360d7ec066c866c50c9b4393d3a4ef07a369e29b66a9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a51df26a9b0e09be8ced57700e59e4f4.jpg
age: 1920185
edge-cache-tag: 435183009805915956542206236064026534285,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag: 435183009805915956542206236064026534285,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 106
expiration: expiry-date="Tue, 20 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://telehealthdave.com/
content-length: 5970
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000026-IAD, cache-iad-kjyo7100095-IAD, cache-lga21965-LGA, cache-iad-kiad7000152-IAD, cache-fra-eddf8230098-FRA
last-modified: Sat, 20 May 2023 19:53:50 GMT
server: nginx
x-timer: S1688282024.540197,VS0,VE1
etag: "f028cd87304faefe9d028c21725c7d56"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 82, 1

GET
H2 200 3565275-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/5/ 14 KB
14 KB 38ms
38ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/5/3565275-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cea7a486a8af3cb2edfa41b4ecc4ce5d9f068e27551bba534ba058f93094a444

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 14
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/5/3565275-46.jpg
age: 1707
edge-cache-tag: 364953243595977242726713921555686689248,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 364953243595977242726713921555686689248,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 112
req-referer: https://www.walla.co.il/
content-length: 14140
x-request-id: c1a60166e6075e79b22dce9658e0b4b6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100117-IAD, cache-iad-kjyo7100108-IAD, cache-lga21952-LGA, cache-iad-kiad7000115-IAD, cache-fra-eddf8230098-FRA
last-modified: Sun, 02 Jul 2023 06:38:15 GMT
server: nginx
x-timer: S1688282024.539809,VS0,VE14
etag: "6c549070a3906238a8858df6d7b12c7f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 3, 1

GET
H2 200 3561169-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/1/ 17 KB
17 KB 28ms
27ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/1/3561169-46.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf6076a718ee2c441dcba8cb0d19f81372ed228a81cb99a3ee8966e4b25febb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_289%2Cw_520%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/6/1/3561169-46.jpg
age: 950486
edge-cache-tag: 411495149196669753256457121293526075488,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 411495149196669753256457121293526075488,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 172
req-referer: https://www.walla.co.il/
content-length: 16984
x-request-id: 09536dd2e6f09d402d9ed3707ded5d36
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000154-IAD, cache-iad-kiad7000069-IAD, cache-sna10738-LGB, cache-iad-kcgs7200131-IAD, cache-fra-eddf8230098-FRA
last-modified: Wed, 21 Jun 2023 07:08:08 GMT
server: nginx
x-timer: S1688282024.541080,VS0,VE2
etag: "04e7eb43da57c422258b3d0dc3e89da1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 5, 1

GET
H2 200 b2d8afd866dfe68927c57f5396263447.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
12 KB 25ms
25ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2d8afd866dfe68927c57f5396263447.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b7d541c743b445a54cf0c1f8a51352500499ccdf610705850f372db2c467c5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2d8afd866dfe68927c57f5396263447.jpg
age: 2153369
edge-cache-tag: 620570126640732156417701910443845224029,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag: 620570126640732156417701910443845224029,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 80
expiration: expiry-date="Mon, 03 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 11866
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000022-IAD, cache-iad-kiad7000168-IAD, cache-sna10751-LGB, cache-iad-kiad7000094-IAD, cache-fra-eddf8230098-FRA
last-modified: Fri, 02 Jun 2023 08:29:16 GMT
server: nginx
x-timer: S1688282024.544163,VS0,VE0
etag: "70449fec082b1a08dfbcf1d1b7fe42c6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 62, 3

GET
H2 200 98a4f66daf12b57ba81b72ecd3b2636c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 26ms
25ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98a4f66daf12b57ba81b72ecd3b2636c.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0a06cf8c5c33628b09b521fd022700bc0d1fae88a2501637b024f72a3290775c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98a4f66daf12b57ba81b72ecd3b2636c.jpg
age: 2295022
edge-cache-tag: 356456638816400831873983126532522531544,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356456638816400831873983126532522531544,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 66
req-referer: https://www.tippsundtricks.co/sonstiges/redcup/?utm_campaign=zand10t8&utm_source=Taboola&utm_medium=native&utm_term=cdm-itwissensieddasde&utm_content=dqsd2sciZrr41He7_TFS3FtW6veRRep6n1FHrwBFd3s=&tclid=GiCpTUr5kPMMvE87ymStaOfPptqg4HFKbshHtwcMfpoZ8iD7rkMo4fWVm9mb4vqcAQ
content-length: 5272
x-request-id: 571235b425d6a8922a2c703952413f87
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000070-IAD, cache-iad-kjyo7100033-IAD, cache-lga21964-LGA, cache-iad-kjyo7100073-IAD, cache-fra-eddf8230098-FRA
last-modified: Mon, 05 Jun 2023 16:23:44 GMT
server: nginx
x-timer: S1688282024.545526,VS0,VE2
etag: "b3c8fae110db2be82e61df2d747af088"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 52, 1

GET
H2 200 070d2e0d-7450-44bd-a1ea-0c3de55fbb98__u5nfwQC8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 13 KB
14 KB 24ms
24ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/070d2e0d-7450-44bd-a1ea-0c3de55fbb98__u5nfwQC8.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b1d235534bb8b8dfeda9a547ae5a99272a4c235f6d56843d869b52c43444ffb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/070d2e0d-7450-44bd-a1ea-0c3de55fbb98__u5nfwQC8.jpg
age: 2575383
edge-cache-tag: 429811095010435726690074369115185388426,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
cache-tag: 429811095010435726690074369115185388426,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 56
expiration: expiry-date="Thu, 22 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.walla.co.il/
content-length: 13164
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000148-IAD, cache-iad-kiad7000142-IAD, cache-chi-klot8100062-CHI, cache-iad-kcgs7200106-IAD, cache-fra-eddf8230098-FRA
last-modified: Mon, 22 May 2023 20:14:48 GMT
server: nginx
x-timer: S1688282024.561509,VS0,VE1
etag: "74cec39d6ff552b8a4871b55814dc5f5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 13, 1

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61B5 43 B
215 B 114ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=e824cd45-8a73-f634-68d0-8945ed0119ca&tv=%7Bc:hbWQJ2,pingTime:-3,time:218,type:v,im:%7BpBlk:86%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:44%7D,%7Br:r,w:160,h:600,t:210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:218,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B213~0%5D,as:%5B205~0.0,8~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIPNjEW+11%7C12%7C13%7C14%7C15%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c*.1484042-72185571%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:0,renddet:svg.us,siq:45%7D&br=c
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61B5 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=e824cd45-8a73-f634-68d0-8945ed0119ca&tv=%7Bc:hbWQJ3,pingTime:-6,time:219,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:219,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B215~0%5D,as:%5B205~0.0,10~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIPNjEW+11%7C12%7C13%7C14%7C15%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c*.1484042-72185571%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:0,renddet:svg.us,siq:45%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame FCA8 47 KB
12 KB 33ms
30ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:43 GMT
expires: Mon, 01 Jul 2024 07:13:43 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4E74 0
0 70ms
70ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHIZ2qtZa8a13x-9Crx5BlMJpm64TKlQE4mromPVQ71vE3NnZ8kJhhoICWAEAqYQGFJFGWNr_HZEF8XcJkT_v2xcGUReMc3H8nL2vin-PkAR-Eayl1GGLpZ4sz_u2mcblYMopLgZTfj7l516QmU8WO4WfKKKlm5FEpdHW8KsyWyCfszpVPWHw-s38V1LLBL1dEcKYyK893TTKyvGEa3YwrL76_-ImHk9aU8ATkPUZfJRCgtGouTt27mVJrLdfrzite46vRsI-bi9tjyzlZRYfQkpb2_m7e-CTEgaJj8VZWQVJ54lk8Md6U4X9BFfPu5d0ASpNk3M5GA5dc5Qe_d9eTYKQ9lk-hAtOZO0BwtiIDzG-bUBNEbn0AhB6QbtQm08Hb-QEsuh4mD2RMcihG4piEy9pws2AVUwxayMEkyt0IAfOBDyFTYFw2-wvg9MkiqGuMwG3vbpbT_EcssF3ubZtZx2Y5PCTkx75LTtJb8ZAUiQXt6Fon5SlDrBjBQV5PEMdXTRKbXMb7L4aSUxIzsl2RgNLZWXiyuM0u8-5AGa8rnu2tl1ehRXmuO94VAYQOpXA1YI76hDDWuINvPZ0fw9WuL0lXdCxr1cQMtikcktBLIJpmRonvyNXi4ISGy0NrbyZ3BICFYIwcPV8a4_8vmI1FSWRInxwCyySlxc3VCw1AnMB35XAMMuE6Sfjjmo_GSH0aPTD2QYfSLMyAfNJFEK8D_IuXoQJQOEeWDJYIG-QCGOAFVOhni-bfCw8v53qmLlXXeEFpQd_Qp3UO4pnJZPF5Xgb1mJiAmuVQ6_6kJi-Na0llit9jg4XD6UOgBDUry8pOklxEoPyK8V9kle4WC9LpVpClFd8Zq4qxEILrU47DuJxClZomSUalBSnrM-2J1RCCVnXk8SKDmUEb20DGLhxR74iP4ox1drIGdedN9rYoFXfRSJQwEc7qXgTIuHr7ov0weg7vZfTtLCmf6N4lDC5W0V7j3cR0lVUNxjf5_TO_Z-bqCEyj8fmvQYJjlwgOlluTNHI1JQz1Azw_l47buxYr_G1NUh0AZfvHYNAJ7UvziQafSSoGUfRkrfm9uBX4HhWsJybUD9I0ZImnGLtTHoBqCmw6F5Om_Fk35HQ3zDyiboBbENQa_2_JyFF1nGl4zWJFrIySkD1o0vn-eKQG6i4ofUsQd4M9W9EyHHZfXwXtxipRPqlv2ljJ46VP08q6ficrf0GA7_XX2_xnSegI-764qXVHuxdxPY7ZcBqab9D9Zl9iwWnKchxAATBCCDhqGDBWEom55tpHc5Nt-Ia4tuLeJYuwxxc1RILz9WxJ6ib_OHmtyTQ&sai=AMfl-YTVsNwCVD7mPeFvppfKjIYTO1wPQOp_xoUgLMvWYij4-0_65n8vAMplswEAgd4UATGqdPQJfyFV86J2HXQYQMy0Ih3Caiw7460YyIyoOjNfpwHe_0pG-nenUweckq6c5BHyODZg6CGhR5LWYEF7Z1AnsrucyHUbqgj_CrsfEyA22EbvZ7KM_8bPC7-LLEdDyh86FHuPfJI7aPMSMWbpVC29KQrUxN7Sl41L8jihaEfKRV-6CmMqwbxGRWOa9dl5RgMy_YqEoEIvNNIhMqT-1DlpkfV7VQ&sig=Cg0ArKJSzJ6cgozh0ZnWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=558&cbvp=1&cstd=547&cisv=r20230627.22289&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Jul 2023 07:13:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:43 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 4B82
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1484042/72188194/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20259277643&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZN2PNquQjuwPtcKGmAk&cbFunctionName=goog_wrapCb_piOhZN2PNquQjuwPtcKGmAk&true_pb=https%3A%2F%2Fstatic.adsa...

1 KB
1 KB

24ms
24ms

Script
application/javascript

2600:9000:223f:3e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZN2PNquQjuwPtcKGmAk&cbFunctionName=goog_wrapCb_piOhZN2PNquQjuwPtcKGmAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:3e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:26:18 GMT
x-amz-version-id: c567TBReTKM9m7VfCfOmpAHbFN80zD8c
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 481646
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 26 Jun 2023 17:26:15 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: rv3a67XCwUymCJsG_zg6bxjNuGJicn8t9HfefM5QmS7N4UcZMJYeQQ==

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_piOhZN2PNquQjuwPtcKGmAk&cbFunctionName=goog_wrapCb_piOhZN2PNquQjuwPtcKGmAk&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0287 91 KB
23 KB 23ms
23ms Script
application/javascript 2600:9000:223f:3e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24507447
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: GZ7xUoJVgTI6ygCvmczBkOSfTuAmZpxhfI0yPVW3wHoko4T4x8qm8w==

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/11065803848835661824/ Frame 2EA5 47 KB
12 KB 30ms
29ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c779f4fa5bf396269317b6ccc5bd0259ff6b28d9dc40eb75cf47aa245b0bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:43 GMT
expires: Mon, 01 Jul 2024 07:13:43 GMT
last-modified: Wed, 15 Feb 2023 15:30:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1113 0
0 66ms
66ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgO2hxY1UfH82KmJbAYa9BIM4DR2nLjUM4ewMPgjKkANBcAkImeuMgekXmzOwU-2eAN27nZY5mUaSMYXlydwNr-eE7_EFNtJNk4bys3yDRwNxCsMvg08q-5YH98saPmXCEyshvpRFSlRGQPr-3MFmI29tNPHLCVHMnupNMZF1sYpB7tqu5QzMiJJtspBTanryG41WpYrkyqMZ-lGhB2bv9w-EISSsK40HvHda1jmv3DN5Wmbov1OVBdZ5Su9dyLlSC51X6FXkWzLmwxtPeNvmoM_Z5l_n_pRs57yjmhWtc6XUa4gWh-GwlzXJjUCzpZeOoQWzHGhH6_NtF6bacwBMbR47k9Mmx0L_LOzUTRYEk6Ptryg0iwVfrOCZiy-akdlNp3237IoEW5J_Uj60w_8kt3V3IpnthZGTSx7i2-gSyQlJbntJ_cWhAgJLi2i0do8WXS1oz2WbAPkGb-aTLynohrRfdcXBOrCUop_a2Nsac1iFrUha-J9qfcfmSBby6m_SHkkD-VaJtD1e-HkRw8rdnN8Ox-SRlF89dIdJs2Abg-hkhDJePdMkd4RT6S5EHJHmaxWy1fDJTN1fW2PgJLjsf2KjU0Ksp1-GGE7T2VXqRfxeYX1LZEPt6V3OZVIGtss3OZfZUaOYtyLSNkaUCMokXkKJSGs88QgE4_Tzdo4m1mF2wpOI_IgWAHGjFJf6fiiEnr1TgJbuoGMzl7TDaAtS8zIovR3ivgmufveCGEnxdQZsOYp-ijm4g7urpnD0IgI1kQ-rH5RLT6SyK5LQrCYUvLvx_HB7la9p71gqfGDJx2kxB4PeJ_g0XaJ1N7sJA4ZUUQKgrnn3X8G6rLN8e1BFG02xKh6FTVMiqZaNtF6Ooiggyj7tTRLidBeriLr7xkozAWPG6nYwy7FMWKsFyhsm2UM0m6G_Ii-ie1E20CvHiQxA6SlPl4J4NmpJ1DqdS8CerhDaGYVlHxZFYEzkZq9vikIv2xonk1i4_7Ch3I_T-WvtMAOAJITfoN8izwTd-xkYzgwCzOga9MnEVusl0N7ZYM4esQBNe-LzdIbQ0S9P9whRXkBl5JXopyQEXz2OQRx8mX8y7QHRZrDQG2xq7MmEgUnO3q8pAGFbl_Y6V-HlexjXd7eb0UbuCw6LE9EA8bnTP9ZSC5YqJuO4g3XC3ZLmZVyEfsIMOn25cwwghuJyotGb3ZjX6bFwQ-7QofN1BJLxUrP11A0-zeTRXTzgqC0dDvLtpG1CJTSNPLy2EWRAuEbhuoIGHXvsaX4CiacI4-D47CMpk5cblbRmZ9sKwP7ViKkxlc_41PfRdNtDzjaSSCxddn3Y&sai=AMfl-YRG9K7hNQcBsSVyYGzJEyVDlN7e3fYd5kiQRiwS52V20U6bGG56Wz6mIDmbBZacTdTYmVSwAAfPySI2zQon_nkAbHrkOq0KBmEEfs5LI82Pdl1Io9k6x_joVCi1jXGM36MXsIK4RIek4tDXki5A_l8C1RvDVvjRH5871eNt48tiEInsHUvPn0X1TX5_OGuly2R0CFlReOy6iNb565BYSpjhvUCGpQixQeVbFs5KtPpZ2O-mKY_XnALwrOdYiDg9wuHbNwkBipGtEum-3jJmfEmprLlWUg&sig=Cg0ArKJSzO2ePp-QkftsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=611&cbvp=1&cstd=602&cisv=r20230627.70732&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Jul 2023 07:13:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:43 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 12ED 32 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Jul 2023 04:31:52 GMT

GET
H2 200 d6bd5fd06026ee711952c5a1890dedc3.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1918%2Cx_1%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 315 KB
315 KB 24ms
24ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1918%2Cx_1%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6bd5fd06026ee711952c5a1890dedc3.jpg
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cd4e733b7d18b2fb82fe031f754ea633609da5a89e5534842680b95df31cd14a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1918%2Cx_1%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d6bd5fd06026ee711952c5a1890dedc3.jpg
age: 314600
edge-cache-tag: 585238590223238505254998803227407996621,590157331415152252093426097456838095893,29ecf9b93bbf306179626feeda1fab70
cache-tag: 585238590223238505254998803227407996621,590157331415152252093426097456838095893,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1691
req-referer: https://ads.taboola.com/
content-length: 322146
x-request-id: 53f668b2218dd0a828093fd24ebeb63d
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100053-IAD, cache-iad-kiad7000088-IAD, cache-sna10737-LGB, cache-iad-kcgs7200154-IAD, cache-fra-eddf8230098-FRA
last-modified: Wed, 31 May 2023 13:50:32 GMT
server: nginx
x-timer: S1688282024.692566,VS0,VE0
etag: "7e758809dcf1eb1d11699736edcef924"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1918

GET
H2 206 bjkl08fdsm3wczkmgo4o.mp4
cdn.taboola.com/libtrc/static/video/v1685364560/ 650 KB
651 KB 48ms
47ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1685364560/bjkl08fdsm3wczkmgo4o.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69cb0df3113c147bef8606e88354ed8ec88c9dca988bce7fe47e27ae97133d55

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: xH0rR5y4kfeDSlMhB7UH3_ikocM5.Kws
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish
x-amz-request-id: AGFA7DGY8QN2SN5D
age: 78
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-665316/665317
x-amz-replication-status: COMPLETED
Content-Length: 665317
x-amz-id-2: GatWN6e+OOAbz0g1zn5/gin4drofyAacWBKk9QIB6lq6Ups/j6DDUDc6pjSAU6HEj3WQJ3q11Ks=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Mon, 29 May 2023 12:49:28 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282024.694857,VS0,VE1
etag: "10ecdad868f7facbfd136c1502d3f4fe"
content-type: video/mp4;codecs=avc1
abp: 58
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 206 wz2qpc8dap8do274pytc.mp4
cdn.taboola.com/libtrc/static/video/v1679066610/ 651 KB
652 KB 48ms
48ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1679066610/wz2qpc8dap8do274pytc.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c12a96d6ea4b132e2534943d6990dbd0d4ce0df974d9ad4ecbbbfdc9036429b4

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: qSxy1rCPDi3G.g.Yj4kfb1kVwsNnuEUw
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish
x-amz-request-id: 8KW5DEDXGABN0281
age: 50
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-666525/666526
x-amz-replication-status: COMPLETED
Content-Length: 666526
x-amz-id-2: +DUM0v3q/k4qPaT0/wN/FMV/QBSqhZ1fW9/dsYZZ7H8YgKOw8Fz8RnXYVKINdesCWkhxq7jhAIo=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Fri, 17 Mar 2023 15:23:37 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282024.694908,VS0,VE1
etag: "3fc38617845ef231e1837c1da0a2c575"
content-type: video/mp4;codecs=avc1
abp: 78
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
am-trc-events.taboola.com/wallail-walla/log/2/ 0
89 B 30ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=07%3A13%3A43.688&type=usage&msg=image_utils-event-1688282023688&llvl=2&id=249&cv=20230629-3-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_matched%22%2C%22itemId%22%3A%22~~V1~~-2273205429639411606~~wWtiGQjRQc-l%22%2C%22isCropping%22%3Atrue%7D
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29450

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EE06 0
0 72ms
72ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswtbcV6UCH4ENlVrB1v-yLHkE_hP9jOECI7n4fHI6xXEJeh5a_g4d-vGXqLD0lkuKS1Yjx4Ak7gi_nph4Reie_wYHw-CbCmDddOc3_huazIGQ5TihtnpJEKvc6xD7Uv3Q3C4kRwNJVOCo2yBi5pHunWxV8PennrAlBKVXVNi_1gFvJszjsVgRVAanBbPJU7ua1xyd1Ci_omo_e_RAeickUW0o9mtYjh8Vuq6AUzB3DNBwS-BSJ3mkYh8hNQ8VjoGMWZiHZJUrBTsz-h-rwkp0vffBFHYReWxjVrOV8Re4OeStAEf9Hiw73YAWfMccEVrm234Wz393n1q3QYwlP1PGLPKsDIYMn0_wGBZJ0lphcXgR5MygUuJbF-a5tfAi0_1u7coOE6gul676HJ54NOb31k-8joEdX2cdaIUv8ydJyB9snP4dLm_auBykd_LffJnGLeMjBP2TrjZIUkEE2pnhb3GvPek9bSxmIpIiz3UjkOjHIiykpWOADIqT8AxkuCEy0jRLfZZKL1ObwNyKedtwvKJ70Ph1hzmPx5bnfXNIkeJ5LSHVjzOML3OCBDFbWRE-WEbuoOHIUgfOC3yO48a4inJvYvZP7rLisjqqPDnTF9-9L-35DeccSHGxSGzqL__frx_NoTZnW-QwLIIcU_b9lXY85p3wWSaCkQdwHlfVJqeg9RULP9L3OMFj_2txU_ZB1o2hLWizOYfG5OXZB6e1WI24RQqOLwJwdnZ-sFfRJ7Ay55a7c8QCs51JsjJwef8lMm7vv9vWAAYUJ3pQ-rVYSiz69TIg2ELQInH7FJsuwQDCyKkM8_Iqm2b6ETQVuP3DiDMM4vWt3-RBK5QRvyhJtZ4T-UFleVG24mGXVuiRFKrgCMbgnrKAwuFZ35S60mPQRM4hC0mgvxbuaJuDTV9zBcfM5JBnk-bI38iZpqXG49Ok_kI4U1lhQ2t4prtoMecJqj3dbMPV5XRS_dLlsxrrNbIeKfP6d2YoPffVciPflqsplmB0WkhrJ6yM-57dRz0FfdeOmeukg1RV2I1pXlkGOlBXKHB97cZLtJ2cc1VGyA0PCT0G8GDPcjwgXRCP6GMwTqq0Ulmt15ZOvVkI_l0NMKuSuUynb2VT2GwE3X78AP_s7aQwp0Rvz5zDy3valWYrweMYfec0jJk5arzEgOrR0hSEqzOg3kxfW4hNI2ae1UTvkRwPNgnKWcWopsk4elGPp1ODh3UqsisXRmcpVi3x3zvJ6jUNVMIQT4vCoC6xJwACJDHr5pBtCFUen3z17Nf-q7yZ9G1aNqT0&sai=AMfl-YSICdjpjv4utapTGl9GuM4mkc1ACF5tDLs0vz4rQuxnu53ugJ2YMUkBNupVRDeBTGEkjnygc9nFFmo6TJMjAusLaoAYMJYzNQdwBN-p5jnKnEA4_nDrNOeCqOMx1-c4h-AUo2AbnIKErST0n0b0aanYnbpXBpBNH8-XoHEiCX1wdxASn0aP79nxjZj06ZIgMFd3FKFjsi49uiLQFJJXW_sQf9PY4GnEk-6SZ4bXG0sBEku5_Fk-qLL9YqBb-eNxwLFA&sig=Cg0ArKJSzBINMPOIFJ9lEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1070&vt=11&dtpt=864&dett=3&cstd=203&cisv=r20230627.67109&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Jul 2023 07:13:43 GMT

GET
H2 206 ksnp7tqtzfe4ugrtinef.mp4
cdn.taboola.com/libtrc/static/video/v1686144424/ 123 KB
123 KB 86ms
86ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1686144424/ksnp7tqtzfe4ugrtinef.mp4
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09525cd1e3e7e195229db1e2e870695ae09ea5db73352f3efa449c0a58589c74

Request headers

Referer: https://www.walla.co.il/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: z5I8z1q9orUgezz9q64TYezJ5_5h03sI
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 varnish
x-amz-request-id: EMNK9PJ3YW8VY565
age: 18
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-125576/125577
x-amz-replication-status: COMPLETED
Content-Length: 125577
x-amz-id-2: I4BFAd4+5vwUkWYBcvD+87GUQKUXbrWcX9gNtGClbYOGeh1SvAByFjiS6wCMCaj+5WzAxatgOrY=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Wed, 07 Jun 2023 13:27:10 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1688282024.702094,VS0,VE1
etag: "7f973af832f9a74b4d44f9846bea7441"
content-type: video/mp4;codecs=avc1
abp: 56
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E2BC
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1&google_push=AaAOQGEplzvO4f9TeyJAHA_vAEIYmaqb3WyQl7gazcFLiKwOTpmTZLmQ5Fil5dDiViMdjzKbaExT9uG_7x49TwAbc-FuJk-KOWUbtQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODkwMDQzOTAzMTY2MjQ3Mzg1Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1

43 B
398 B

30ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPHkfoAddXSq6p68XEW3srE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E2BC 0
104 B 189ms
74ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEJvVq732jPLCYEFp274LV8k&google_cver=1&google_push=AaAOQGFvp8vnQpKdUc7e2pJhM0iJpv21vARirtGm42Q54ZgAT34SP0jRk6QB-CDFK7DZnckOyoB6IX6Zx5eSeVovoHGkQmcHYyAB5w
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame E2BC 43 B
245 B 84ms
31ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFcASkFSIxS8SpHCsohseGM&google_cver=1&google_push=AaAOQGHXXQX7vl9TtMWTDwwPyxdIOGRA_md4Shp0DF6NNotQ7_IbszBw_LZbnx2F25yyKp4RJQz7D2BfxhN_5GDVvf1LjfDoPi3T
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2BC
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMIkdq4NWTIjvkvQpZoB6ig&google_cver=1&google_push=AaAOQGEAYBwdw6SzzERoJIMSLRxkIFJEq42JWgCqNKkOEPBmcQB-uxKs4Y2wRnmLSD_gAHMvRay3E9x5-ax2IdGb...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEAYBwdw6SzzERoJIMSLRxkIFJEq42JWgCqNKkOEPBmcQB-uxKs4Y2wRnmLSD_gAHMvRay3E9x5-ax2IdGbJSwXAlsiqcXhHQ

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEAYBwdw6SzzERoJIMSLRxkIFJEq42JWgCqNKkOEPBmcQB-uxKs4Y2wRnmLSD_gAHMvRay3E9x5-ax2IdGbJSwXAlsiqcXhHQ

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEAYBwdw6SzzERoJIMSLRxkIFJEq42JWgCqNKkOEPBmcQB-uxKs4Y2wRnmLSD_gAHMvRay3E9x5-ax2IdGbJSwXAlsiqcXhHQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: fYG_3spfRVK9rPvRyXy1-hnxBuWwKur4T5oA06uiOXQ4LVv-lqxcpQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2BC
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEA9W0dEsjLSm9FwbgGfunyc&google_cver=1&google_push=AaAOQGHU7t7DSkjjIlnmhBkaj9C7JD_jyFy0vc3FAk_KPM1dSuyb0asqyUKH8seRZzj01Wsqbsk-08T6XTGZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHU7t7DSkjjIlnmhBkaj9C7JD_jyFy0vc3FAk_KPM1dSuyb0asqyUKH8seRZzj01Wsqbsk-08T6XTGZcX0aoyKWB-LYreAOPg

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHU7t7DSkjjIlnmhBkaj9C7JD_jyFy0vc3FAk_KPM1dSuyb0asqyUKH8seRZzj01Wsqbsk-08T6XTGZcX0aoyKWB-LYreAOPg

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGHU7t7DSkjjIlnmhBkaj9C7JD_jyFy0vc3FAk_KPM1dSuyb0asqyUKH8seRZzj01Wsqbsk-08T6XTGZcX0aoyKWB-LYreAOPg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

/
onetag-sys.com/match/ Frame E2BC
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEA9W0dEsjLSm9FwbgGfunyc&google_cver=1&google_push=AaAOQGECKJXdBE0DZbQ-jDnL3UEO5PhkysypFkJwG2vJMIZj6IWG7cTyDNd1ipf30VYxwi2AWCMALYe-bB8...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGECKJXdBE0DZbQ-jDnL3UEO5PhkysypFkJwG2vJMIZj6IWG7cTyDNd1ipf30VYxwi2AWCMALYe-bB8Cj4MLGzOowjGcwcBdNuQ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

23ms
23ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E2BC
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBhi-ijiOUAYJ5QpA2UUXFU&google_cver=1&google_push=AaAOQGFUNv7Uw_lYp...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjA2Mzk4MjM2MTc2Nzc2NjY5Ng%3D%3D&google_gid=CAESEBhi-ijiOUAYJ5QpA2UUXFU&google_cver=1&google_push=AaAOQGFUNv7Uw_lYpJD4Dl-nzlVMS6TB9o...

170 B
188 B

36ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjA2Mzk4MjM2MTc2Nzc2NjY5Ng%3D%3D&google_gid=CAESEBhi-ijiOUAYJ5QpA2UUXFU&google_cver=1&google_push=AaAOQGFUNv7Uw_lYpJD4Dl-nzlVMS6TB9oLKaq1iDSvm-FnMpRUeC8OeJLEjnKELd2vDJbEqTkH8E12YgE4QZzXG8ym6eDTOlsa_QPA

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 02 Jul 2023 07:13:43 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1e0f720e-bb6c-48d7-a6f1-d805f0a6032b
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NjA2Mzk4MjM2MTc2Nzc2NjY5Ng%3D%3D&google_gid=CAESEBhi-ijiOUAYJ5QpA2UUXFU&google_cver=1&google_push=AaAOQGFUNv7Uw_lYpJD4Dl-nzlVMS6TB9oLKaq1iDSvm-FnMpRUeC8OeJLEjnKELd2vDJbEqTkH8E12YgE4QZzXG8ym6eDTOlsa_QPA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E2BC 0
12 B 30ms
29ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lgc3VIOzK77f9qvXl0bCXkCH9ZHWNmKAJboFL0qosC3v9BHu5-6nAgO1YQtyl78p7_yFInzPI

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61B5 43 B
215 B 116ms
116ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=e824cd45-8a73-f634-68d0-8945ed0119ca&tv=%7Bc:hbWQLy,pingTime:-2,time:374,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:830,beZ:831,mfA:833,cmA:834,inA:834,inZ:838,prA:838,prZ:869,si:874,poA:876,bl:916,poZ:917,cmZ:917,mfZ:917,loA:1049,loZ:1052,ltA:1204,ltZ:1204%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:44%7D,%7Br:r,w:160,h:600,t:210%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:374,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B370~0%5D,as:%5B205~0.0,165~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16.1484042-72188330%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c*.1484042-72185571%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:45,sinceFw:328,readyFired:true%7D&br=c
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD3F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGdkVzFURUkxUWZSaGQ1&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGEvQ4eIuAtV8QCsqB4L02F5z-WXMDpC29ZOG1NZFIV...

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGdkVzFURUkxUWZSaGQ1&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGEvQ4eIuAtV8QCsqB4L02F5z-WXMDpC29ZOG1NZFIV0a_rfHwWnavu91MqCSGtnW-zjs8HwyJFBxgFt0rU8HvvEYD84av1x

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:43 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-782-g97d928b#rel-ec2-master i-0caa68a19e3c1fdac@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MGdkVzFURUkxUWZSaGQ1&google_gid=CAESEOoEMmlayf674McJG18CL5A&google_cver=1&google_push=AaAOQGEvQ4eIuAtV8QCsqB4L02F5z-WXMDpC29ZOG1NZFIV0a_rfHwWnavu91MqCSGtnW-zjs8HwyJFBxgFt0rU8HvvEYD84av1x
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD3F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHMwxwbv2MKR5SDLnG9chtI&google_cver=1&google_push=AaAOQGGH-qZ0A4rXbqS1DHkBjw0Tmy5rERuaVnrCLVD6IW87l84TkLaMhpfCUEf9RfyqzJnj4lXIJb1vetLDDGwv...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGH-qZ0A4rXbqS1DHkBjw0Tmy5rERuaVnrCLVD6IW87l84TkLaMhpfCUEf9RfyqzJnj4lXIJb1vetLDDGwv-XFJ7kaHeRA

170 B
188 B

35ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGH-qZ0A4rXbqS1DHkBjw0Tmy5rERuaVnrCLVD6IW87l84TkLaMhpfCUEf9RfyqzJnj4lXIJb1vetLDDGwv-XFJ7kaHeRA

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 02 Jul 2023 07:13:43 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x5 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AaAOQGGH-qZ0A4rXbqS1DHkBjw0Tmy5rERuaVnrCLVD6IW87l84TkLaMhpfCUEf9RfyqzJnj4lXIJb1vetLDDGwv-XFJ7kaHeRA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 02 Jul 2023 07:13:42 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame AD3F 70 B
264 B 50ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENTKmss_i64P8XhDGwS9vPU&google_cver=1&google_push=AaAOQGFjMz12mCJKRiQK8BIg5Kfq-o11Lwjm45jpQDFPnPIQyE4ocDDyJPxQ7Dn9-34zZvCZ0zP_wZE3tjw77ztAzUMj0bfd6uwv
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame AD3F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-U-xbR_v8YIBgabLjRuFhPOqYc7LDrP2nDo5tmQ&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
368 B

30ms
29ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 96402
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD3F
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMIkdq4NWTIjvkvQpZoB6ig&google_cver=1&google_push=AaAOQGETKkDZeOmQ00-EMTN5O3mT4SyXHsAfUHUYJFlHg8QJ2mGt7R38Vv9m6wC-v-S89KbEU77xJxZxVu4Ld5xF...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGETKkDZeOmQ00-EMTN5O3mT4SyXHsAfUHUYJFlHg8QJ2mGt7R38Vv9m6wC-v-S89KbEU77xJxZxVu4Ld5xFlqScv2QBKwEc

170 B
188 B

34ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGETKkDZeOmQ00-EMTN5O3mT4SyXHsAfUHUYJFlHg8QJ2mGt7R38Vv9m6wC-v-S89KbEU77xJxZxVu4Ld5xFlqScv2QBKwEc

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 02 Jul 2023 07:13:43 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGETKkDZeOmQ00-EMTN5O3mT4SyXHsAfUHUYJFlHg8QJ2mGt7R38Vv9m6wC-v-S89KbEU77xJxZxVu4Ld5xFlqScv2QBKwEc
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: l-97mSRpzNLnoTxQxwxuA7kXJXv3v3GEEGHXfoupslOomf6Fn-59pQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD3F
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEA9W0dEsjLSm9FwbgGfunyc&google_cver=1&google_push=AaAOQGEdBKHI65wt6ZJWihUj-X9nycOlRb3OhC2BV3TpmQN3cWqXECtepKd7O7sZqyEKWZ_113PMjYXdHLQT...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEdBKHI65wt6ZJWihUj-X9nycOlRb3OhC2BV3TpmQN3cWqXECtepKd7O7sZqyEKWZ_113PMjYXdHLQT_cL3ZSSvav7HBNY

170 B
188 B

37ms
37ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEdBKHI65wt6ZJWihUj-X9nycOlRb3OhC2BV3TpmQN3cWqXECtepKd7O7sZqyEKWZ_113PMjYXdHLQT_cL3ZSSvav7HBNY

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGEdBKHI65wt6ZJWihUj-X9nycOlRb3OhC2BV3TpmQN3cWqXECtepKd7O7sZqyEKWZ_113PMjYXdHLQT_cL3ZSSvav7HBNY
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD3F
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENN3jFp6R7F9vsNoJjLEfyM&google_cver=1&google_push=AaAOQGHLYlBAI5JX6Jdksie__fpar3cjJwQLjhrlpsNEjvxsTvHfyyVDwXqdJ-_DYCSrEdx2cy1Wm1b1ElTlSk8_k0MVLZ...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGHLYlBAI5JX6Jdksie__fpar3cjJwQLjhrlpsNEjvxsTvHfyyVDwXqdJ-_DYCSrEdx2cy1Wm1b1ElTlSk8...

170 B
188 B

35ms
34ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGHLYlBAI5JX6Jdksie__fpar3cjJwQLjhrlpsNEjvxsTvHfyyVDwXqdJ-_DYCSrEdx2cy1Wm1b1ElTlSk8_k0MVLZmnyiOv

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGHLYlBAI5JX6Jdksie__fpar3cjJwQLjhrlpsNEjvxsTvHfyyVDwXqdJ-_DYCSrEdx2cy1Wm1b1ElTlSk8_k0MVLZmnyiOv
access-control-allow-origin: *
date: Sun, 02 Jul 2023 07:13:43 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AD3F 0
12 B 37ms
36ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzXcZPGNgSp9MZsbqvEdp2nSz-7d41FFZkawjKl7N-VSUid1BX5L7aMKRSj20TVTIzEtJl

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 81DC 35 B
464 B 92ms
29ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELS-nh8F4ZWVsbZEKpEmaco&google_cver=1&google_push=AaAOQGFd5M9EoIX14cmUDClxtVv_OGvCUGnS9dMJf1OkYXrvX8HAfc8YKLDyC7Jh5pml7FMipcmh6Y14AjwPWwQBdk3dJyPefI-D

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 81DC 70 B
264 B 49ms
46ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESENTKmss_i64P8XhDGwS9vPU&google_cver=1&google_push=AaAOQGFO_wEer4FLLzJtPNYbsJBHshAAhNWZhVCw0_HbGEI4x3f394xQI1Ja7sjbW2berCqJ3EeBOYw241b7qf1ZKFntNq2E7So
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81DC
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIZgMeEWukKjJPq48I4a46Y&google_cver=1&google_push=AaAOQGG0-UzsLLOUSOEeVDr3Es7EF5zYlPwEnU9H-knJH1AhyGrKrMhiAQBr_HwgfGeYR9PD3UPZ9eLtscAfnA...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTExNjA3MDk0MjI3NTczMg%3D%3D&google_push=AaAOQGG0-UzsLLOUSOEeVDr3Es7EF5zYlPwEnU9H-knJH1AhyGrKrMhiAQBr_HwgfGeYR9PD3UPZ9eLtscAfnAuZYK...

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTExNjA3MDk0MjI3NTczMg%3D%3D&google_push=AaAOQGG0-UzsLLOUSOEeVDr3Es7EF5zYlPwEnU9H-knJH1AhyGrKrMhiAQBr_HwgfGeYR9PD3UPZ9eLtscAfnAuZYKqzgWByC55C

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI1MTExNjA3MDk0MjI3NTczMg%3D%3D&google_push=AaAOQGG0-UzsLLOUSOEeVDr3Es7EF5zYlPwEnU9H-knJH1AhyGrKrMhiAQBr_HwgfGeYR9PD3UPZ9eLtscAfnAuZYKqzgWByC55C
Date: Sun, 02 Jul 2023 07:13:43 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81DC
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESENN3jFp6R7F9vsNoJjLEfyM&google_cver=1&google_push=AaAOQGGDbM-rj6EzCZ2vHWC29AtcV3I_t6Kl8wHZT66Sc23Irk1EG6Rie-EvUpujio9Ogjin5IW-oeI2YsPNHoK1hpkr-8...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGGDbM-rj6EzCZ2vHWC29AtcV3I_t6Kl8wHZT66Sc23Irk1EG6Rie-EvUpujio9Ogjin5IW-oeI2YsPNHoK...

170 B
188 B

46ms
45ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGGDbM-rj6EzCZ2vHWC29AtcV3I_t6Kl8wHZT66Sc23Irk1EG6Rie-EvUpujio9Ogjin5IW-oeI2YsPNHoK1hpkr-8P04Qtc

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=EFmo7J7US7CWZHvp6x1_ig&google_push=AaAOQGGDbM-rj6EzCZ2vHWC29AtcV3I_t6Kl8wHZT66Sc23Irk1EG6Rie-EvUpujio9Ogjin5IW-oeI2YsPNHoK1hpkr-8P04Qtc
access-control-allow-origin: *
date: Sun, 02 Jul 2023 07:13:43 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81DC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
https://sync.targeting.unrulymedia.com/csync/RX-3c699ecb-c8dc-4768-9794-0ebd3d628f2a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGGhX57Gfw6plEwcz1aTp...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGhX57Gfw6plEwcz1aTp93TuLZIAAlgGK022d3f3pWt0RzD4AN5EqSlGMT9LF9_12txn6T3LdjKFdLyBF-KZTWBRRMMEjuM&google_hm=AzxpnsvI3Edol5QOvT1ijyo

170 B
188 B

33ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGhX57Gfw6plEwcz1aTp93TuLZIAAlgGK022d3f3pWt0RzD4AN5EqSlGMT9LF9_12txn6T3LdjKFdLyBF-KZTWBRRMMEjuM&google_hm=AzxpnsvI3Edol5QOvT1ijyo

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGhX57Gfw6plEwcz1aTp93TuLZIAAlgGK022d3f3pWt0RzD4AN5EqSlGMT9LF9_12txn6T3LdjKFdLyBF-KZTWBRRMMEjuM&google_hm=AzxpnsvI3Edol5QOvT1ijyo
date: Sun, 02 Jul 2023 07:13:43 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3c699ecbc8dc476897940ebd3d628f2a003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81DC
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGNQOjVn35hRYud4DMON0as&google_cver=1&google_push=AaAOQGHNVZtOfn199KMm3jt0NWF0_fgNaU0nPaHMarg2okymUroakBDZ0ZqfvsQDsHjZQCcFowIXr-HnM-Qbw35m5eNSOJazrtM
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGHNVZtOfn199KMm3jt0NWF0_fgNaU0nPaHMarg2okymUroakBDZ0ZqfvsQDsHjZQCcFowIXr-HnM-Qbw35m5eNSOJazrtM...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc5NDE5ODg1MzkzMjcwNTIyMDAyMg%3D%3D&google_push=AaAOQGHNVZtOfn199KMm3jt0NWF0_fgNaU0nPaHMarg2okymUroakBDZ...

170 B
188 B

34ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc5NDE5ODg1MzkzMjcwNTIyMDAyMg%3D%3D&google_push=AaAOQGHNVZtOfn199KMm3jt0NWF0_fgNaU0nPaHMarg2okymUroakBDZ0ZqfvsQDsHjZQCcFowIXr-HnM-Qbw35m5eNSOJazrtM

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzc5NDE5ODg1MzkzMjcwNTIyMDAyMg%3D%3D&google_push=AaAOQGHNVZtOfn199KMm3jt0NWF0_fgNaU0nPaHMarg2okymUroakBDZ0ZqfvsQDsHjZQCcFowIXr-HnM-Qbw35m5eNSOJazrtM
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 81DC
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIjL9e0bY...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEIj...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=97b7e5ef-f0a2-4b27-bd88-2cb1b7aa3068&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

32ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=97b7e5ef-f0a2-4b27-bd88-2cb1b7aa3068&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=97b7e5ef-f0a2-4b27-bd88-2cb1b7aa3068&%%GOOGLE_PUSH_PAIR%%
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 81DC 0
12 B 52ms
51ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KW-TS5tfe6k5q5BnCV2xMl3pNHOdgroyOKmj1-2m2v3XXOb_mMHn-t6J_CdhWyCobdGwGe4Q

Requested by

Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FD4A 22 KB
8 KB 26ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 345790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 07:10:33 GMT
expires: Thu, 27 Jun 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame FCA8 118 KB
40 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 13:52:36 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FCA8 63 KB
25 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:13:43 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B82 43 B
215 B 114ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=3e472016-4c8a-9a78-1b8f-45c4f65645da&tv=%7Bc:hbWQLZ,pingTime:-3,time:130,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:130,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B125~0%5D,as:%5B125~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIPNjJj+11%7C12%7C13%7C14%7C15%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1d1%7C1d2%7C1d3%7C1e*.1484042-72188194%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,rmeas:1,rend:0,renddet:svg.us,siq:30%7D&br=c
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B82 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=3e472016-4c8a-9a78-1b8f-45c4f65645da&tv=%7Bc:hbWQM0,pingTime:-6,time:131,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:132,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B126~0%5D,as:%5B126~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIPNjJj+11%7C12%7C13%7C14%7C15%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1d1%7C1d2%7C1d3%7C1e*.1484042-72188194%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,rmeas:1,rend:0,renddet:svg.us,siq:30%7D&tpiLookup=ao:www.walla.co.il*&br=c
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 204 debug
am-trc-events.taboola.com/wallail-walla/log/2/ 0
89 B 37ms
33ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=07%3A13%3A43.778&type=usage&msg=image_utils-event-1688282023778&llvl=2&id=1039&cv=20230629-3-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_matched%22%2C%22itemId%22%3A%22~~V1~~-7585865775816500648~~g3muipq4kUtN%22%2C%22isCropping%22%3Atrue%7D
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29444

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE06 42 B
64 B 115ms
66ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAJ8L7idS_6PwQ68JdesWaYS2QjJqtRJr7Dwjwt-n2Lsc23ljfX9jSEzPskU3hZI9sMlUSTjh9caX5j0IL49yFaCW9XkPEoMm1CVP-e0RRD1CB5jXzJAhyzgJlbWX1q5PbFje_27MV1Y8o&sai=AMfl-YRpG3y3Ov48xxBbgi55rAYxihpb5ueRQAv1ko1OlkuzNS3pBuTw896uz4dKjQJ3Q5h0TGrgRAnny7QGhA5c_Wv9PG2rKrj6lksGmhONlkxVL_aKyyYnLLZqdcc&sig=Cg0ArKJSzARCpyWc-UM-EAE&cid=CAQSOwBygQiDZbA6Gvwt18TEw1LwnL6I0YOBwIP3_X0YpzGfQ31P7pj-iKsidAbY9bOkD1_b-SbJUnnJhcILGAE&id=lidar2&mcvt=1093&p=173,436,263,1164&mtos=0,1093,1093,1093,1093&tos=0,1093,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=885339186&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688282021951&rpt=723&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/wallail-walla/log/3/ 0
246 B 34ms
34ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230629-3-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.walla.co.il
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2EA5 118 KB
40 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 13:52:36 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2EA5 63 KB
25 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:13:43 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 526D 22 KB
8 KB 24ms
24ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 345790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 07:10:33 GMT
expires: Thu, 27 Jun 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6979344487117963557/ Frame BBFB 197 KB
25 KB 27ms
26ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d37e2451287e9eba5aab78c671eea1e7c27ed52234cdd59f0a2510ea6ef8a0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 494495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26003
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 13:52:08 GMT
expires: Tue, 25 Jun 2024 13:52:08 GMT
last-modified: Tue, 20 Jun 2023 11:06:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4B82 0
0 79ms
79ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv63XjrMGyZ5gshy7XoZuwZXqalEFYhI2pTDmOyRwqgcVp-PtiUCD7XSm3SlULW24tMSPu8mD4YEZYqg1sTFeS2Ci-jMmQ7bMIZZhFtcuHwOnovxev5S5Mtj0u8VvHNFTjeKkbFdbipT_FVZeilE4R11FtFEPpUj0K6-odaDr5eFSBfKWSzQR2DNfilJn4LVsNYOvTdjjwJYwiupAb6OqL65D1TcPTqiU1zX9VdxGnoHUsSn4jhesc4UZ3_xXStVo1u9OOfm-sPgts93boMXKddUadULxRrkL7AyMLhthmDLzI2A7NFPSpmNU_vflYGvSXhHjnjCUbC7q-pO90w39w_Wyg-JuJ9RJukkbCDMTUeZ7agOSp_WCyOZWCgZbmjtTYVkYxyV2uY6HrQXkoZTUTDVLMjv_D4HWBwoiKXeg9Yq8vJbokKdkcaGyMieM7v_p1Iqcv3QK_8cCMXmiUMm3UV2DRh_aGZVjt5QWBtJWEP436V6hhBMxxX6LykmgAdMqllZQWYwnHLZSPImxkT3dEypD_HFQnmAVmQ521hcAjBrx3vWIXSXLqP1VMmH-WzGBU599bkZRlag5XbVENT_AEwYEsmIYQCY12mTEWg_6J1Hb4E7yTcs5O0tgGhMRVBvjB5cgbuQQmHGZCp_S80k2yhZaLaac57Qm8gYXSndtPCUzd2SpyFZ6DuAeJQcIQ_-K0TfNDLuYWGIW2jonK6VpM1y6z606tNkFOPBQAr4-B4vOxtEckXk2UOcUzi5rZhT-6CazZt225bpM5NC4lag8lEcgMFfwRuVwUnJJwkqxL9W3YajoNpRqQpjh_zdnfig50f783nQqhg4nJaTS2Ca1Xl8plL4xJ5kLiGHpCmWuxI5n-zS5a9B9o-Aci5jPBcBoBShyxkq1EScCF-Jjc5E3KKKM7uQjmOk5wALCybg-2kvlxFdq-J-0WsPu_Ga4QSgktZoUH3a9aeRVnOmah2M3n1G7jqL3XIR96v43NnPiGkL7w0B26bQlGvq4YS5lXjBVS9u1NMOpgmO2yYjCkEIGm6FiOB2T3mRgSCaO-ufz0EHjGT6H0JhZFudpN3XqYIj2vc_R0njNmBWJ5vX_9xlxe3CYi_qVD2tZxGZx2u8piWK0513AYZ4ZIgak0xTgay04kVLeZjMe6RXvhSxS0HlSHNS-ZuWgk1YEu57WH09TFkOvCPpCBg2DOAU7Pz3S9Oo4RdQgTxJ2L6NKVNLIMSEteyfEXXZ4Ym0jbA-lsyY9XTydEI9-aEDOKVqD1f-C6aQE8APOz3lvBtZowIVro&sai=AMfl-YSlnUFD2D4onDux6IZCqs-ahfYgR4MiM6GUZzraMd4KrD4MTrpBOevxB1Y5SjsiQ12dlLvGhYpB3rkzeG9t9bPGw6FVK9g2Z6AumfT85S-QZ--rDb-qpfwJtcZGOcGZEKgJIs-5s3BcGqoEiTu69KpJxWIlIxmvaPIITwH4BETdy-4qpVgjWzIJ3p30tbiW1TvPplbUXzlFJTGqu8DLfChEa5Zgy9t36JZqFMw2Z5RSDuhOQ5EO5Z7XbFcKloK47u66&sig=Cg0ArKJSzAyr0kpYXtdWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=803&cbvp=1&cstd=801&cisv=r20230627.99088&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Jul 2023 07:13:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 02 Jul 2023 07:13:43 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 09BD 22 KB
8 KB 24ms
24ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 345790
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 07:10:33 GMT
expires: Thu, 27 Jun 2024 07:10:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B82 43 B
215 B 112ms
112ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=3e472016-4c8a-9a78-1b8f-45c4f65645da&tv=%7Bc:hbWQOe,pingTime:-2,time:269,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1075,beZ:1076,mfA:1078,cmA:1079,inA:1079,inZ:1083,prA:1083,prZ:1099,si:1105,poA:1106,poZ:1126,cmZ:1126,mfZ:1126,loA:1206,loZ:1209,ltA:1344,ltZ:1344%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:29%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:269,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B263~0%5D,as:%5B263~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16.1484042-72188330%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c.1484042-72185571%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1d1%7C1d2%7C1d3%7C1e*.1484042-72188194%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,siq:30,sinceFw:238,readyFired:true%7D&br=c
Requested by: Host: f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com
URL: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:43 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame BBFB 32 KB
11 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 03 Jul 2023 04:31:52 GMT

GET
BLOB 206
Partial Content 036d790d-940c-4623-a416-e3776bb68586
https://www.walla.co.il/ Frame C0EC 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.walla.co.il/036d790d-940c-4623-a416-e3776bb68586
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2

200

playlist.m3u8 Show response
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/ Frame C0EC
Redirect Chain

https://cdn-uw2-prod.tsv2.amagi.tv/linear/amg01742-walla-wallanews-ono/playlist.m3u8
https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8

5 KB
1 KB

111ms
35ms

XHR
application/x-mpegurl

99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: /
Resource Hash: 22f4994e6b0f5bae9951f3fc066f03edb4f1bd46d644fdd461fc8771b6706eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
via: 1.1 google, 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 07:13:44 GMT
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: null
x-cache: Miss from cloudfront
cache-control: max-age=0
access-control-allow-credentials: true
x-amz-cf-id: _5xQWQsskcbhgqwBsyIwo0G6VCW8lws1u7ZB8jw4tVOt-jozvJ9MCQ==

Redirect headers

date: Sun, 02 Jul 2023 07:13:44 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
vary: origin
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/playlist.m3u8
access-control-allow-origin: https://www.walla.co.il
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: avD7cFcjqyusoevRVcQi5uZBwWcVinA3dhet8h9BPahwYMrrzkO_Ng==

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 04E8 37 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 10:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 10:09:09 GMT

GET
H2 200 bridge3.578.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C907 709 KB
226 KB 30ms
21ms Document
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4895c44118a86780663c6e877b78922dda0ddb83051b4b1d22ed786415868af1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 64346
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 231472
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 13:21:17 GMT
expires: Sun, 30 Jun 2024 13:21:17 GMT
last-modified: Wed, 07 Jun 2023 16:35:26 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C0EC 44 KB
16 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:13:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C0EC 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.walla.co.il

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 debug
am-trc-events.taboola.com/wallail-walla/log/2/ 0
89 B 35ms
35ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/2/debug?tim=07%3A13%3A43.988&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3548&cv=20230629-3-RELEASE&lt=deflated&pct=1
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:43 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 29836

GET
H2 204 abtests
am-trc-events.taboola.com/wallail-walla/log/3/ 0
230 B 31ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/wallail-walla/log/3/abtests?route=AM:AM:V&lti=deflated&ri=67995145c6b17501c8a2011d09702d64&sd=v2_7c96b1e9b2b98832260328b58135abb5_9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926_1688282022_1688282022_CIi3jgYQk-FcGNeDzauRMSABKAEwODib4wlAjooQSPG12QNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&pi=/&wi=2990753527669053458&pt=home&vi=1688282022359&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22114.28125%22%2C%22eventTime%22%3A1688282024026%7D&tim=07%3A13%3A44.026&id=7370&llvl=2&cv=20230629-3-RELEASE&
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE06 43 B
215 B 114ms
114ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=435ebc46-63b2-2d78-2296-19e0610f80c9&tv=%7Bc:hbWQRb,pingTime:-10,time:1161,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688282024048%7C%7C61bc07a23cffb01c57088da7b73c25dc%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C241209112cb1bbd3fef2e21710bf6a03%7C%7C7e0a101785f748f5edd6057f1f3f14f5%7C%7Cbed2e2dcac49248854d68fb8f7261a44%7C%7C0499a222a828fef084eb44d7380993b3%7C%7C6f51165c183daa8aa187feba1a1bb357%7C%7C1663701684%7D
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 TUI_smile.svg
s0.2mdn.net/creatives/assets/3060934/ Frame 49D4 1 KB
631 B 22ms
22ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3060934/TUI_smile.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 603
x-xss-protection: 0
last-modified: Tue, 27 Nov 2018 13:48:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:21:55 GMT

GET
H3 200 tb_logo.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 49D4 5 KB
2 KB 35ms
33ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/tb_logo.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510e21325dc04a49e11b960b7eb05c89fab87b58e9dfededb0085da40d618a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2150
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 13:05:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:26 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 49D4 2 KB
1 KB 36ms
34ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 998
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 10:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:27 GMT

GET
H3 200 txt_160x600_sparen.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 49D4 3 KB
2 KB 28ms
26ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_sparen.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2de293d583a6ec122882e9bb5f064df8058d79bda07d192e9d0cb5d99eed9a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1596
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:27 GMT

GET
H3 200 txt_160x600_40.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 49D4 2 KB
969 B 34ms
32ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_40.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485b7554ed0dffe4d13bfeb661cd96daaed0d0676b8b75fcef24c6c8446ef3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 934
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:28 GMT

GET
H3 200 txt_160x600_bis_zu.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 49D4 2 KB
1 KB 36ms
34ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_bis_zu.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f130f4db7115f1b41912386aa95b56d8218900619d4fc7c9519ec3228d8f393b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1094
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:27 GMT

GET
H3 200 txt_300x250_lm40.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 49D4 2 KB
1 KB 33ms
31ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_300x250_lm40.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31f36feca1ee301f0edce1d69a3375f5f741e7c89b293ef719f7d0a6d682649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1089
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 09:33:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:21:56 GMT

GET
H3 200 txt_last_minute.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 49D4 5 KB
2 KB 33ms
32ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/txt_last_minute.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

674c43d36f3380fcfc51d8677f7f016c8b74321d27f0dca6b4a73ee2b72284b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2194
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 13:08:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:21:55 GMT

GET
H3 200 728x90_rad_grad_tb.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 49D4 6 KB
1 KB 28ms
27ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/728x90_rad_grad_tb.svg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b58b6ee63b0b7e4d1be94c77901866fddf5beba19a58325cd423385d6c7c42a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1334
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 08:20:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:15:19 GMT

GET
H3 200 728x90_1_kv2.jpg
s0.2mdn.net/creatives/assets/4923930/ Frame 49D4 17 KB
17 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/728x90_1_kv2.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88fc70b5aba55bdacd78424e3edbc7f8f50e7a0d858acf39922f29d0338f9024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:00:49 GMT
x-content-type-options: nosniff
age: 775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16953
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:03:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:15:49 GMT

GET
H3 200 728x90_1_kv1.jpg
s0.2mdn.net/creatives/assets/4923930/ Frame 49D4 23 KB
23 KB 30ms
28ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/728x90_1_kv1.jpg

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b1cf97c3fe33774cdf732ce1774015ea091d6eeec62552b1909e381d300eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4118669358599725765/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:00:49 GMT
x-content-type-options: nosniff
age: 775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23742
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:02:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:15:49 GMT

GET
BLOB 200
OK 02e0bd48-8750-48c7-b8fe-a0cfe5fee5df
https://www.walla.co.il/ Frame C0EC 6 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.walla.co.il/02e0bd48-8750-48c7-b8fe-a0cfe5fee5df
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 443343d25e80e7e80b0ed2f16bb6aeab2fa933b1ec58470234ef3505eb56e73e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 5872
Content-Type: application/javascript

GET
BLOB 200
OK 22530ecd-0e99-4371-9d1a-bc2cc6363793
https://www.walla.co.il/ Frame C0EC 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.walla.co.il/22530ecd-0e99-4371-9d1a-bc2cc6363793
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4c5a62160b5b5551d04087e5b4d28a320414b826e210c82030e179badfcfd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 80351
Content-Type: application/javascript

GET
BLOB 200
OK f71f657d-74bf-450d-be14-ecc481aff92f
https://www.walla.co.il/ Frame C0EC 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.walla.co.il/f71f657d-74bf-450d-be14-ecc481aff92f
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4c5a62160b5b5551d04087e5b4d28a320414b826e210c82030e179badfcfd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 80351
Content-Type: application/javascript

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 61B5 0
0 62ms
61ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthZS940cWltjZxRiPGB-8_sneZqijINDJARKbBe3tuWeXJp-6RDHgFD7DujX5Hw0uzepHDpTzLpOUyQRVtYWidPTyyZbHI12z8OO1gZ8FHyn1OVO3vp1Mr7faafDgZSdhqg4QuyeRTXdfL8b_yzDGU1Opi4oPVADbS8dxmBFrRCOJzy5bLV6O5On96PyOGULg2BMdq9EAAqoNoc9c8kDTSduo8SwdtU4-0xXC-bBTUs_KLp0V5C1Y_TmZH6YtAl6axBzbQbu7s0a5nUYcxyYJWIoAi0kDxJ9Lp31oTqp6gQJ8cDzIgl-L9MMnSRySQG8QMn_G--p-ohYS-B9jZQFJ_Tu3NV2OXww-1Z4ngC6i4Aswa6KTcT7Vb0H0bV-la4IlsQMKT7mnx_qdLPfIOD3erzPtDhA7LvQxoXtKLPSD6VIWOWK2nVB7jONaW79VZhsC7487ZMvKIfrWOE8vZ9cngizq3NhOhFd_EwcYPqiZKmjg8zHXsGyNDQMIfoaP2FKS7SUCTi4ncHwpW-D1-Teuj2ICBsWBJ-sF67JgqhX_SnRJsbmiMmYZbzf0k5DiqQmNjrc8JP28DjXBr5fGwLNyzvQFzpqUAbuhsH-6NegYlukIvRgICwqbd4x8ia1qtP3U4Vh4e5Y1cBNX_0Xp1V2Tu_Npl-BfEU7dMvo6xmouS8yHBGDvIfb0rPI9bUvbabvdajG1U56DaC7xMMu1NtNpqEkO4SsMfVmX87HcJb4JnY_MlKCmyW6Ccrqu9l1Coy2NEj7dD5DtuQP-FHW30Yty_GKhsudjiqpC7uBHius2eC9ggC_Ytl9oUpGGf0HmbTroIqEhcf8HcF-BiSItk92Qa0SlQiCh6SY_z-d9SMPg63NbYog5dON2F4_9sqHvSd6_q9I2ZikZvO8_6mVUPxEbYrooFbyE2n3ujyBDzP8OQEERjW7I7oUpgyIZQWUKdZdSaSXG08hcIQ9B2sLNaw9mVWkZpOUvHAtj0Nn42OyfgqEbrpwG-8VJiKeZYxY2Ja6G12Zwg-e3oLzYV_iw3DTYuieKtCDnZ9AVqsCcFeQNvHLXk74eBHBfRcF9fnswqncCI9cGFLbhqHmPnA3evCf0kqhA5GMCAGdQ6b4_e8XIOQopcq2x1BSeUzm5fYTy4jhS2gr77sZRJzGus4dTNFlORixazIsOvlUOgWzjxLE4p-KckBlXt6QtdmW6hDa4fbOVsigkdoaoPtGPWtkXrHcfS1uyIMReO0-AEiKD8KB9CRPyLPhj_5IGNwa7VFF5XFR25vV5t&sai=AMfl-YRj4QmZ1wZBehNal9i24DmLKuRbxIj2OA3Ie0vGNFNGOyMZDbiWWs39jDND64TgtEV_Rg4tSNgChc07EHaK-cHLQ3D0aL13mQcdW7vaLtqam8R56ks_BFuGNA6bnf0kPEwfwnhLMVfcwZuehk2UhNLVks7XpA5r8o21Z5yZTGzAfAKC38I-e8hqZrFmWHI_rcnCYiflZURKGsaYbChLzsdEu4Fj5j-FRWYa5VLkExUMVRtiDN3i7Uf4qkvybysws4KH&sig=Cg0ArKJSzDd7-AgcYMgpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1220&vt=11&dtpt=701&dett=3&cstd=517&cisv=r20230627.18402&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Jul 2023 07:13:44 GMT

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame FD4A 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 10:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 10:09:09 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4E74 0
0 60ms
60ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuHIZ2qtZa8a13x-9Crx5BlMJpm64TKlQE4mromPVQ71vE3NnZ8kJhhoICWAEAqYQGFJFGWNr_HZEF8XcJkT_v2xcGUReMc3H8nL2vin-PkAR-Eayl1GGLpZ4sz_u2mcblYMopLgZTfj7l516QmU8WO4WfKKKlm5FEpdHW8KsyWyCfszpVPWHw-s38V1LLBL1dEcKYyK893TTKyvGEa3YwrL76_-ImHk9aU8ATkPUZfJRCgtGouTt27mVJrLdfrzite46vRsI-bi9tjyzlZRYfQkpb2_m7e-CTEgaJj8VZWQVJ54lk8Md6U4X9BFfPu5d0ASpNk3M5GA5dc5Qe_d9eTYKQ9lk-hAtOZO0BwtiIDzG-bUBNEbn0AhB6QbtQm08Hb-QEsuh4mD2RMcihG4piEy9pws2AVUwxayMEkyt0IAfOBDyFTYFw2-wvg9MkiqGuMwG3vbpbT_EcssF3ubZtZx2Y5PCTkx75LTtJb8ZAUiQXt6Fon5SlDrBjBQV5PEMdXTRKbXMb7L4aSUxIzsl2RgNLZWXiyuM0u8-5AGa8rnu2tl1ehRXmuO94VAYQOpXA1YI76hDDWuINvPZ0fw9WuL0lXdCxr1cQMtikcktBLIJpmRonvyNXi4ISGy0NrbyZ3BICFYIwcPV8a4_8vmI1FSWRInxwCyySlxc3VCw1AnMB35XAMMuE6Sfjjmo_GSH0aPTD2QYfSLMyAfNJFEK8D_IuXoQJQOEeWDJYIG-QCGOAFVOhni-bfCw8v53qmLlXXeEFpQd_Qp3UO4pnJZPF5Xgb1mJiAmuVQ6_6kJi-Na0llit9jg4XD6UOgBDUry8pOklxEoPyK8V9kle4WC9LpVpClFd8Zq4qxEILrU47DuJxClZomSUalBSnrM-2J1RCCVnXk8SKDmUEb20DGLhxR74iP4ox1drIGdedN9rYoFXfRSJQwEc7qXgTIuHr7ov0weg7vZfTtLCmf6N4lDC5W0V7j3cR0lVUNxjf5_TO_Z-bqCEyj8fmvQYJjlwgOlluTNHI1JQz1Azw_l47buxYr_G1NUh0AZfvHYNAJ7UvziQafSSoGUfRkrfm9uBX4HhWsJybUD9I0ZImnGLtTHoBqCmw6F5Om_Fk35HQ3zDyiboBbENQa_2_JyFF1nGl4zWJFrIySkD1o0vn-eKQG6i4ofUsQd4M9W9EyHHZfXwXtxipRPqlv2ljJ46VP08q6ficrf0GA7_XX2_xnSegI-764qXVHuxdxPY7ZcBqab9D9Zl9iwWnKchxAATBCCDhqGDBWEom55tpHc5Nt-Ia4tuLeJYuwxxc1RILz9WxJ6ib_OHmtyTQ&sai=AMfl-YTVsNwCVD7mPeFvppfKjIYTO1wPQOp_xoUgLMvWYij4-0_65n8vAMplswEAgd4UATGqdPQJfyFV86J2HXQYQMy0Ih3Caiw7460YyIyoOjNfpwHe_0pG-nenUweckq6c5BHyODZg6CGhR5LWYEF7Z1AnsrucyHUbqgj_CrsfEyA22EbvZ7KM_8bPC7-LLEdDyh86FHuPfJI7aPMSMWbpVC29KQrUxN7Sl41L8jihaEfKRV-6CmMqwbxGRWOa9dl5RgMy_YqEoEIvNNIhMqT-1DlpkfV7VQ&sig=Cg0ArKJSzJ6cgozh0ZnWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1143&vt=11&dtpt=585&dett=3&cstd=547&cisv=r20230627.22289&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Jul 2023 07:13:44 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E74 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8tFMzUhhlRERPrYf4-RuUze_UwN2jZNRZHJ-nyQu_B-2av7Bq7dMUMJG0p3PeobHFymZpP4BdO21AmjChgGv91xlZBtsb028pOeO2cTKYvNXGclq41xrAO5wV95_G81yA_9pms3QsDtKA&sai=AMfl-YSzyPodqvKLTNnjpH1ht1E9vlPEBmZUfJCpIZJEqw3qYYh_vodADNtkV30cTpPd_o0LAkOV7XoeeGtR7ydmpIsEZT3Ul74pV7fokj5Gq0-WX5eLfw3m-CGrNzU&sig=Cg0ArKJSzPpCIe9lGyVdEAE&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&id=lidar2&mcvt=1097&p=840,515,1090,815&mtos=0,1097,1097,1097,1097&tos=0,1097,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1717219177&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688282022512&rpt=601&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1113 0
0 61ms
61ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgO2hxY1UfH82KmJbAYa9BIM4DR2nLjUM4ewMPgjKkANBcAkImeuMgekXmzOwU-2eAN27nZY5mUaSMYXlydwNr-eE7_EFNtJNk4bys3yDRwNxCsMvg08q-5YH98saPmXCEyshvpRFSlRGQPr-3MFmI29tNPHLCVHMnupNMZF1sYpB7tqu5QzMiJJtspBTanryG41WpYrkyqMZ-lGhB2bv9w-EISSsK40HvHda1jmv3DN5Wmbov1OVBdZ5Su9dyLlSC51X6FXkWzLmwxtPeNvmoM_Z5l_n_pRs57yjmhWtc6XUa4gWh-GwlzXJjUCzpZeOoQWzHGhH6_NtF6bacwBMbR47k9Mmx0L_LOzUTRYEk6Ptryg0iwVfrOCZiy-akdlNp3237IoEW5J_Uj60w_8kt3V3IpnthZGTSx7i2-gSyQlJbntJ_cWhAgJLi2i0do8WXS1oz2WbAPkGb-aTLynohrRfdcXBOrCUop_a2Nsac1iFrUha-J9qfcfmSBby6m_SHkkD-VaJtD1e-HkRw8rdnN8Ox-SRlF89dIdJs2Abg-hkhDJePdMkd4RT6S5EHJHmaxWy1fDJTN1fW2PgJLjsf2KjU0Ksp1-GGE7T2VXqRfxeYX1LZEPt6V3OZVIGtss3OZfZUaOYtyLSNkaUCMokXkKJSGs88QgE4_Tzdo4m1mF2wpOI_IgWAHGjFJf6fiiEnr1TgJbuoGMzl7TDaAtS8zIovR3ivgmufveCGEnxdQZsOYp-ijm4g7urpnD0IgI1kQ-rH5RLT6SyK5LQrCYUvLvx_HB7la9p71gqfGDJx2kxB4PeJ_g0XaJ1N7sJA4ZUUQKgrnn3X8G6rLN8e1BFG02xKh6FTVMiqZaNtF6Ooiggyj7tTRLidBeriLr7xkozAWPG6nYwy7FMWKsFyhsm2UM0m6G_Ii-ie1E20CvHiQxA6SlPl4J4NmpJ1DqdS8CerhDaGYVlHxZFYEzkZq9vikIv2xonk1i4_7Ch3I_T-WvtMAOAJITfoN8izwTd-xkYzgwCzOga9MnEVusl0N7ZYM4esQBNe-LzdIbQ0S9P9whRXkBl5JXopyQEXz2OQRx8mX8y7QHRZrDQG2xq7MmEgUnO3q8pAGFbl_Y6V-HlexjXd7eb0UbuCw6LE9EA8bnTP9ZSC5YqJuO4g3XC3ZLmZVyEfsIMOn25cwwghuJyotGb3ZjX6bFwQ-7QofN1BJLxUrP11A0-zeTRXTzgqC0dDvLtpG1CJTSNPLy2EWRAuEbhuoIGHXvsaX4CiacI4-D47CMpk5cblbRmZ9sKwP7ViKkxlc_41PfRdNtDzjaSSCxddn3Y&sai=AMfl-YRG9K7hNQcBsSVyYGzJEyVDlN7e3fYd5kiQRiwS52V20U6bGG56Wz6mIDmbBZacTdTYmVSwAAfPySI2zQon_nkAbHrkOq0KBmEEfs5LI82Pdl1Io9k6x_joVCi1jXGM36MXsIK4RIek4tDXki5A_l8C1RvDVvjRH5871eNt48tiEInsHUvPn0X1TX5_OGuly2R0CFlReOy6iNb565BYSpjhvUCGpQixQeVbFs5KtPpZ2O-mKY_XnALwrOdYiDg9wuHbNwkBipGtEum-3jJmfEmprLlWUg&sig=Cg0ArKJSzO2ePp-QkftsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1189&vt=11&dtpt=578&dett=3&cstd=602&cisv=r20230627.70732&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Jul 2023 07:13:44 GMT

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 526D 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 10:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 10:09:09 GMT

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 09BD 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 10:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 10:09:09 GMT

POST
H2 200 _.gif
counter.snackly.co/ 0
85 B 127ms
127ms Ping
image/gif 2606:4700:10::6816:48ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.snackly.co/_.gif
Requested by: Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/20300/mi-1.17.0.38.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
access-control-allow-origin: https://www.walla.co.il
cache-control: max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7e05167bba2c2be5-FRA
access-control-allow-headers: Content-Type
content-length: 0
expires: Sun, 02 Jul 2023 07:13:44 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61B5 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=e824cd45-8a73-f634-68d0-8945ed0119ca&tv=%7Bc:hbWQVs,pingTime:-10,time:988,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688282024048%7C%7C61bc07a23cffb01c57088da7b73c25dc%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C241209112cb1bbd3fef2e21710bf6a03%7C%7C7e0a101785f748f5edd6057f1f3f14f5%7C%7Cbed2e2dcac49248854d68fb8f7261a44%7C%7C0499a222a828fef084eb44d7380993b3%7C%7C6f51165c183daa8aa187feba1a1bb357%7C%7C1663701684,im:%7BpWait:171,pci:%7Btdr:790%7D,pLoad:830%7D,sca:%7Bspg:435ebc46-63b2-2d78-2296-19e0610f80c9%7D%7D
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B82 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPaXSZnoofvn8QW8RSbimUidhnqsvRcU_yCaAiTVu-OGRokas7rqHvYg0gGdk5p7CoDkWNnfCaIjidaIx_0YAFPBPgjrhdJq5JyyEAwvMG_ph1cN6dQ61dVBvEFYdDsv1b5xv6TYwuR9Eh&sai=AMfl-YTB1jvzwoGgFykE-bNbzZleTYLO97W-gg0FuP7udgQ6slvLAKOROA7lqzAj5HFkBHFQJQkdeDo3BcnzU_twVkyoxfcrhxk2zH0NxCWiCvcMvWhN0wXOKKcs2J8&sig=Cg0ArKJSzFu9JnkR7r8GEAE&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&id=lidar2&mcvt=1077&p=840,199,1090,499&mtos=0,1077,1077,1077,1077&tos=0,1077,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1472875564&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688282022522&rpt=639&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FCA8 47 KB
47 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:05:58 GMT
x-content-type-options: nosniff
age: 466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:20:58 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame FCA8 46 KB
46 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:00:53 GMT
x-content-type-options: nosniff
age: 771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:15:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FCA8 7 KB
6 KB 64ms
63ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1df6a3143d9ebcc1756e1e682c56c00d0d2c55a7f2c3b3447f5cec20a8eba63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5676
x-xss-protection: 0

GET
H3 200 60005582_20230403055448209_APP_iPhone_14_Pro_Max_Watch-Ultra.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FCA8 27 KB
27 KB 32ms
31ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230403055448209_APP_iPhone_14_Pro_Max_Watch-Ultra.png

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3e6ec523836351b5ed090d20ee28948242138f9cfb7bc592850d05342cbccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:55:34 GMT
x-content-type-options: nosniff
age: 62290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27236
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 12:54:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 13:55:34 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame FCA8 28 KB
28 KB 43ms
42ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:16:39 GMT
x-content-type-options: nosniff
age: 46625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 18:16:39 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame FCA8 43 B
609 B 120ms
41ms Image
image/gif 141.101.90.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_354695495_145340772_PO1501A20230606&ref=29118705_4307561_354695495_145340772_PO1501A20230606
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 07:13:44 GMT
via: 1.1 varnish-live-1-1
CF-Cache-Status: HIT
age: 2820314
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 10 May 2023 18:30:14 GMT
Server: cloudflare
etag: "2b-5fb5b10159980"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 613220182
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7e05167c9ba535f8-FRA
Expires: Mon, 01 Jul 2024 07:13:44 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4B82 0
0 60ms
60ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv63XjrMGyZ5gshy7XoZuwZXqalEFYhI2pTDmOyRwqgcVp-PtiUCD7XSm3SlULW24tMSPu8mD4YEZYqg1sTFeS2Ci-jMmQ7bMIZZhFtcuHwOnovxev5S5Mtj0u8VvHNFTjeKkbFdbipT_FVZeilE4R11FtFEPpUj0K6-odaDr5eFSBfKWSzQR2DNfilJn4LVsNYOvTdjjwJYwiupAb6OqL65D1TcPTqiU1zX9VdxGnoHUsSn4jhesc4UZ3_xXStVo1u9OOfm-sPgts93boMXKddUadULxRrkL7AyMLhthmDLzI2A7NFPSpmNU_vflYGvSXhHjnjCUbC7q-pO90w39w_Wyg-JuJ9RJukkbCDMTUeZ7agOSp_WCyOZWCgZbmjtTYVkYxyV2uY6HrQXkoZTUTDVLMjv_D4HWBwoiKXeg9Yq8vJbokKdkcaGyMieM7v_p1Iqcv3QK_8cCMXmiUMm3UV2DRh_aGZVjt5QWBtJWEP436V6hhBMxxX6LykmgAdMqllZQWYwnHLZSPImxkT3dEypD_HFQnmAVmQ521hcAjBrx3vWIXSXLqP1VMmH-WzGBU599bkZRlag5XbVENT_AEwYEsmIYQCY12mTEWg_6J1Hb4E7yTcs5O0tgGhMRVBvjB5cgbuQQmHGZCp_S80k2yhZaLaac57Qm8gYXSndtPCUzd2SpyFZ6DuAeJQcIQ_-K0TfNDLuYWGIW2jonK6VpM1y6z606tNkFOPBQAr4-B4vOxtEckXk2UOcUzi5rZhT-6CazZt225bpM5NC4lag8lEcgMFfwRuVwUnJJwkqxL9W3YajoNpRqQpjh_zdnfig50f783nQqhg4nJaTS2Ca1Xl8plL4xJ5kLiGHpCmWuxI5n-zS5a9B9o-Aci5jPBcBoBShyxkq1EScCF-Jjc5E3KKKM7uQjmOk5wALCybg-2kvlxFdq-J-0WsPu_Ga4QSgktZoUH3a9aeRVnOmah2M3n1G7jqL3XIR96v43NnPiGkL7w0B26bQlGvq4YS5lXjBVS9u1NMOpgmO2yYjCkEIGm6FiOB2T3mRgSCaO-ufz0EHjGT6H0JhZFudpN3XqYIj2vc_R0njNmBWJ5vX_9xlxe3CYi_qVD2tZxGZx2u8piWK0513AYZ4ZIgak0xTgay04kVLeZjMe6RXvhSxS0HlSHNS-ZuWgk1YEu57WH09TFkOvCPpCBg2DOAU7Pz3S9Oo4RdQgTxJ2L6NKVNLIMSEteyfEXXZ4Ym0jbA-lsyY9XTydEI9-aEDOKVqD1f-C6aQE8APOz3lvBtZowIVro&sai=AMfl-YSlnUFD2D4onDux6IZCqs-ahfYgR4MiM6GUZzraMd4KrD4MTrpBOevxB1Y5SjsiQ12dlLvGhYpB3rkzeG9t9bPGw6FVK9g2Z6AumfT85S-QZ--rDb-qpfwJtcZGOcGZEKgJIs-5s3BcGqoEiTu69KpJxWIlIxmvaPIITwH4BETdy-4qpVgjWzIJ3p30tbiW1TvPplbUXzlFJTGqu8DLfChEa5Zgy9t36JZqFMw2Z5RSDuhOQ5EO5Z7XbFcKloK47u66&sig=Cg0ArKJSzAyr0kpYXtdWEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1287&vt=11&dtpt=484&dett=3&cstd=801&cisv=r20230627.99088&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.walla.co.il
URL: https://www.walla.co.il/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 02 Jul 2023 07:13:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 71ms
70ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdea6fc96a1cdb3844d78e5126ba24e3f9e1a57264e4ddda45f333bbefa5e762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11201
x-xss-protection: 0

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame FCA8 26 KB
26 KB 21ms
21ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=Mvw8ALzR6M&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:08:05 GMT
x-content-type-options: nosniff
age: 339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:23:05 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 2EA5 47 KB
47 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:05:58 GMT
x-content-type-options: nosniff
age: 466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:20:58 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 2EA5 46 KB
46 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:00:53 GMT
x-content-type-options: nosniff
age: 771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:15:53 GMT

GET
H3 200 60005582_20230403055448209_APP_iPhone_14_Pro_Max_Watch-Ultra.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 2EA5 27 KB
27 KB 28ms
28ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230403055448209_APP_iPhone_14_Pro_Max_Watch-Ultra.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3e6ec523836351b5ed090d20ee28948242138f9cfb7bc592850d05342cbccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:55:34 GMT
x-content-type-options: nosniff
age: 62290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27236
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 12:54:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 13:55:34 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 2EA5 28 KB
28 KB 31ms
31ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:16:39 GMT
x-content-type-options: nosniff
age: 46625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 18:16:39 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 2EA5 43 B
609 B 87ms
39ms Image
image/gif 141.101.90.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_354695495_145340772_PO1501A20230606&ref=29118705_4307561_354695495_145340772_PO1501A20230606
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 07:13:44 GMT
via: 1.1 varnish-live-1-1
CF-Cache-Status: HIT
age: 2820314
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 10 May 2023 18:30:14 GMT
Server: cloudflare
etag: "2b-5fb5b10159980"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 613220182
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7e05167ca93f35ed-FRA
Expires: Mon, 01 Jul 2024 07:13:44 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2EA5 7 KB
6 KB 67ms
66ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bffbd2bb2f4f842b45b8cdc3fb3e7091316226ae53b31875f6b68791e580a67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5616
x-xss-protection: 0

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 2EA5 26 KB
26 KB 23ms
22ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11065803848835661824/300x250.html?e=69&leftOffset=0&topOffset=0&c=54b8cuUXhB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:08:05 GMT
x-content-type-options: nosniff
age: 339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:23:05 GMT

GET
H3 200 TUI_smile.svg
s0.2mdn.net/creatives/assets/3060934/ Frame 12ED 1 KB
631 B 22ms
21ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3060934/TUI_smile.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 603
x-xss-protection: 0
last-modified: Tue, 27 Nov 2018 13:48:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:21:55 GMT

GET
H3 200 tb_logo.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 12ED 5 KB
2 KB 23ms
21ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/tb_logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510e21325dc04a49e11b960b7eb05c89fab87b58e9dfededb0085da40d618a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2150
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 13:05:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:26 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 12ED 2 KB
1 KB 24ms
22ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 998
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 10:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:27 GMT

GET
H3 200 txt_160x600_sparen.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 12ED 3 KB
2 KB 25ms
23ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_sparen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2de293d583a6ec122882e9bb5f064df8058d79bda07d192e9d0cb5d99eed9a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1596
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:27 GMT

GET
H3 200 txt_160x600_40.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 12ED 2 KB
969 B 26ms
24ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_40.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485b7554ed0dffe4d13bfeb661cd96daaed0d0676b8b75fcef24c6c8446ef3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 934
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:28 GMT

GET
H3 200 txt_160x600_bis_zu.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 12ED 2 KB
1 KB 27ms
25ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_bis_zu.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f130f4db7115f1b41912386aa95b56d8218900619d4fc7c9519ec3228d8f393b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1094
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:27 GMT

GET
H3 200 txt_160x600_lm40.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 12ED 2 KB
1 KB 29ms
27ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_lm40.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1389eede623c28b5de80d6aaf8f400eb58f11b43bce597e520f2ea855f443d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1132
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:15:22 GMT

GET
H3 200 txt_last_minute_2lines.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 12ED 5 KB
2 KB 28ms
26ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/txt_last_minute_2lines.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2bba974f9ebec375500df1bfb9ad617df22e82c645a2c089bfd860f2ca55eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2199
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 08:56:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:15:22 GMT

GET
H3 200 160x600_grad_bigger_tb.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 12ED 2 KB
750 B 29ms
27ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/160x600_grad_bigger_tb.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32c9c74b680ae036133293a11766b00c696550b6cde8637a772dbc482998951e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 713
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 06:17:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:15:22 GMT

GET
H3 200 160x600_rad_grad_tb.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 12ED 6 KB
1 KB 27ms
25ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/160x600_rad_grad_tb.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51258220a3c990c88b05e1888cdf659218955a0fffa4b428cbb728ce0b93bad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1353
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 08:47:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:15:22 GMT

GET
H3 200 160x600_1_kv2.jpg
s0.2mdn.net/creatives/assets/4923930/ Frame 12ED 9 KB
9 KB 30ms
27ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/160x600_1_kv2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d502abbf1568ce1349c3c42e154638b538d1caa39f63c986afba45991f0838d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:02:01 GMT
x-content-type-options: nosniff
age: 703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9684
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:02:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:17:01 GMT

GET
H3 200 160x600_1_kv1.jpg
s0.2mdn.net/creatives/assets/4923930/ Frame 12ED 21 KB
21 KB 29ms
25ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/160x600_1_kv1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678347795884afb99b5335ecabd9184b8b1fb8e76d2225de452cb3ecc348f309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1802642303269007491/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:02:01 GMT
x-content-type-options: nosniff
age: 703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21549
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:03:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:17:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FCA8 17 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 07:13:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DFD1 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLhZOpiOhZNW7HM6XjuwPv4Wd8A4AAAAAOAHgBAI&bg=!7-yl7LjNAAb90kgr3dI7ADkAdvg8Wke6lfgVP9vQOMxcNrVkmwuAjZxp0WMCfRXaAVc_0EGUgslHS9cF9obDJscFq5nIMtw02HsCAAAE8FIAAAADaAEHmQL_qpxg0iFHsp10sbV8aaWY-nfJLIE1jkOIffiErUwOgJajm16T7M4UpDxYQ-4GPQaKzEba3kOZTtoIe9mGBgDeptKxP3mK9pLGnQbUYJLwxGWp2nFQ4M4_fgJTg8fQB5aNvNye3wB52YcJsgjHPlL_HykOo6ccAUAjqBmUD_l825oQarOu_si_LUvrXjk4Malk_4EjJ0KZjQgMMtvfGi3TMM-YkcsYyTd43EJDel8CSBIKA2a7ZtU-vzk1LEHfbaw-P3cmrQJC61FTTy7-SUU_bBsiAnCLK3KYR1PtND53I-otryjo_k9hWDZFfLme8RJT8-UsD8g08zc7cfzbaTtFbB1ctiU49XQkJCaVmqnhhHwD4Y4ssAc74UWFdGE6LQhiCbU-edA3XfpFqA6W3OsKTePPv-7g89bMtwWFo41palgCwvO_ktDOrJP0bm3mv4LhXCGHEJDtrtu3L9AHfLUHi49BxMJPiUkDAL7mL6B2oJTw3k0_3FQCCq5NcEjDTIDyfZyWrsjny5ohQwKB0MuD5SdUND-yaOr3aYPCiqwZVfk2Ffkc0-nWuSWloWi-l4F4vkTAd829OYC9fTST-h8cRN9Xodk14Q8slRfwlBcCRyh4IztZPt92dIxU_VNMg_CS9N6wX4D1sUsDJMFrQ9Zis8vTTY1PcELKLy8pCbXIRPh0eyzmuc_HsvoFJkgpmbWy0EGqSpkt9-US1FjwkB1Ca_VYPdYEr48KErSdsttxAsAQDQWgoDRq9lFH3XxnGpYuvNAsreedHckYPZK4MwlyrzUvmrSHH5KelycwCVpgBrePBT5p5o1Jq-O63INk1zx-1nGUzTSdpClP1KvStQ-9aqw0t8Y7N4Ss19zqN8BXNQkBHrCvJfZDgmGparPTrQp2SXDEpsCcWbbRd7fg_jeSkBWEP9EK57XhUeEn2JppD8FfMcdcwKKmBHQhTHapgoJRKWX6Ir8bb0FC6UvrPvwrG0GsNxrRA2CV2O-k9UU-tGLpkGOdyTatmbdEVjSFB2A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 07:13:44 GMT

GET
H2 200 index.m3u8 Show response
amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb57341a65736c909bcd3a78d1f943829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da6... Frame C0EC 13 KB
1 KB 35ms
35ms XHR
application/x-mpegurl 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://amg01742-walla-wallanews-ono-btlna.amagi.tv/playlist/amg01742-walla-wallanews-ono/cb57341a65736c909bcd3a78d1f943829f7b3dcb0e6c886470af4a9765d97800dbe8ae84ae5b910c4c9e1fc061017d360439cd1dd56c49c1da63b820743c4b21fdcde00080dd0d0cb1df11292ca36265299a7369cc350f7bd2ec5a2f803ebe764c53cb017c593f88f258ac724cc59e0f8c7c2c95acd469291e0b09ce1f04faa55da4e1e25b57cc3af0e71e1e952a10fa834a98d301ba81810e83128e27f7099e94f38dd51482879232a156d0d2683256152d44abf2b93cccb8be4c7bfb562d541354e8bae18f245ea37233907c62a9c503da06dc8635841a59d3b13980e542ed4709d5a5e44dabefc6b7ca81f4c5b639520fda979389f33936ae71f2a5a4f57c708ae2117149830ab247796bc5a89346c7ab74e79c3866fb459312e0e8905d8415cad5f5ad00f100dfd5fb88380d6c66160e8f5398480cb13df077b2c71f2d5d0211e3ca158cb1d050346d5895c070e0534ae995dbd89f3932c4364f01a8788f0f4c2ced247c70e01afc9817659d695fd66273a80e75c869d48c01d9eb9be90f30b09ee047fc64e0fc4af1fe10a660391653e2a6620f0b192a83bb285c69218376e5d5cbf37e4655bfa083ad96214d6d53205b028fedf063dbdf905b7a38f51377303a406dd56eb04ed00f4e0c2bb36ef0a41b7b88036160a69036535e6381dbf3e6a3d3d94fa170c3c59f6f7bc585c2ba0adde7745f9a111b21f66b94/64/640x360_642400/index.m3u8
Requested by: Host: www.walla.co.il
URL: https://www.walla.co.il/public/9330_0e7a460c49891bee9871_0e7a460c49891bee9871_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: /
Resource Hash: 2932f25d3e43f336a01d931219e932f5fdb5bb62c131782d23149002ad7ec1ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
via: 1.1 google, 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
content-encoding: br
last-modified: Sun, 02 Jul 2023 07:13:44 GMT
x-amz-cf-pop: FRA6-C1
x-cache-status: FRA-fa985ced, miss
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/x-mpegURL
access-control-allow-origin: https://www.walla.co.il
x-cache: Miss from cloudfront
cache-control: max-age=1
access-control-allow-credentials: true
accept-ranges: none
x-amz-cf-id: FCFfaGiq47Xye-3b9C44fVt1LNNkS50su189zXwAhhPoAHvooZbxIQ==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2EA5 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 07:13:44 GMT

POST
H2 204 bulk Show response
trc.taboola.com/wallail-walla/log/3/ 0
381 B 58ms
58ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/wallail-walla/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230629-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
date: Sun, 02 Jul 2023 07:13:44 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8092
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230098-FRA
pragma: no-cache
server: nginx
x-timer: S1688282025.587768,VS0,VE11
content-type: image/gif
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 TUI_smile.svg
s0.2mdn.net/creatives/assets/3060934/ Frame BBFB 1 KB
631 B 23ms
21ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3060934/TUI_smile.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 603
x-xss-protection: 0
last-modified: Tue, 27 Nov 2018 13:48:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:21:55 GMT

GET
H3 200 tb_logo.svg
s0.2mdn.net/creatives/assets/4910664/ Frame BBFB 5 KB
2 KB 24ms
21ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/tb_logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510e21325dc04a49e11b960b7eb05c89fab87b58e9dfededb0085da40d618a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2150
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 13:05:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:26 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4364511/ Frame BBFB 2 KB
1 KB 25ms
23ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 998
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 10:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:27 GMT

GET
H3 200 txt_160x600_sparen.svg
s0.2mdn.net/creatives/assets/4923930/ Frame BBFB 3 KB
2 KB 25ms
23ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_sparen.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2de293d583a6ec122882e9bb5f064df8058d79bda07d192e9d0cb5d99eed9a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1596
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:27 GMT

GET
H3 200 txt_160x600_40.svg
s0.2mdn.net/creatives/assets/4923930/ Frame BBFB 2 KB
969 B 26ms
24ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_40.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485b7554ed0dffe4d13bfeb661cd96daaed0d0676b8b75fcef24c6c8446ef3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 934
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:28 GMT

GET
H3 200 txt_160x600_bis_zu.svg
s0.2mdn.net/creatives/assets/4923930/ Frame BBFB 2 KB
1 KB 28ms
26ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_bis_zu.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f130f4db7115f1b41912386aa95b56d8218900619d4fc7c9519ec3228d8f393b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1094
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:27 GMT

GET
H3 200 txt_300x250_lm40.svg
s0.2mdn.net/creatives/assets/4923930/ Frame BBFB 2 KB
1 KB 27ms
26ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_300x250_lm40.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31f36feca1ee301f0edce1d69a3375f5f741e7c89b293ef719f7d0a6d682649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1089
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 09:33:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:21:56 GMT

GET
H3 200 txt_last_minute.svg
s0.2mdn.net/creatives/assets/4910664/ Frame BBFB 5 KB
2 KB 28ms
27ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/txt_last_minute.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

674c43d36f3380fcfc51d8677f7f016c8b74321d27f0dca6b4a73ee2b72284b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2194
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 13:08:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:21:55 GMT

GET
H3 200 300x250_rad_grad_tb.svg
s0.2mdn.net/creatives/assets/4910664/ Frame BBFB 7 KB
1 KB 30ms
28ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/300x250_rad_grad_tb.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ff58d3a61b60063d8c0822c7861a5d56ceadf930700311027bdb408f3648b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1327
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 07:23:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:22:01 GMT

GET
H3 200 300x250_2_kv2.jpg
s0.2mdn.net/creatives/assets/4923930/ Frame BBFB 37 KB
37 KB 31ms
29ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/300x250_2_kv2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7583e698cc7c530655373450df99d3904faca8123f6c1b76ccf6ae3f253a8c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:40 GMT
x-content-type-options: nosniff
age: 724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38042
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:02:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:40 GMT

GET
H3 200 300x250_2_kv1.jpg
s0.2mdn.net/creatives/assets/4923930/ Frame BBFB 26 KB
26 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/300x250_2_kv1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d289002dd1d04fb610541e1195a8ca2748d44add188569366867b44f585340d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6979344487117963557/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:01:14 GMT
x-content-type-options: nosniff
age: 750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26387
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:02:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 07:16:14 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C907 43 KB
8 KB 350ms
271ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=43010785%2Fwallanews%2Fmain%2Fpre_desktop&sz=635x360%7C640x480%7C640x480%7C640x360%7C635x360&url=https%3A%2F%2Fwww.walla.co.il%2F&description_url=https%3A%2F%2Fwww.walla.co.il%2F&cust_params=app_name%3Dfalse%26providerId%3D0%26item_id%3D0%26vertical_id%3D173%26vertical_name%3D%D7%95%D7%95%D7%90%D7%9C%D7%94%26category_id%3D0%26item_type%3D%26exclusive%3Dnot%26login%3Dno%26isMobileApp%3Dfalse&output=xml_vmap1&vpi=1&gdfp_req=1&env=vp&unviewed_position_start=1&vpa=click&vpmute=1&sdkv=h.3.578.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=3763514115&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F94938c6b-bba7-4bba-b28c-c9f3809d3757&sid=50D227B1-CBB6-4593-A9FC-D2F989926EF9&a3p=EhsKDDMzYWNyb3NzLmNvbRix-8yrkTFIAFICCGQSGQoKdWlkYXBpLmNvbRix-8yrkTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO7_zKuRMUgAUgIIahIcCg1jcndkY250cmwubmV0GLH7zKuRMUgAUgIIZBIZCgpwdWJjaWQub3JnGIH_zKuRMUgAUgIIahLCAQoIcnRiaG91c2USrAErQmNLMVMwa1VWc3Z4QWptOWtSc09Jc3RQUTdRV3RaZGtQeUFMQnZKR0Nnc3RUdlFZL01kRXhYY1UyamhKK2JXYzVlbnJ6Z2pYQUw4VVpJenZMUk9WSzNCbk5ERWVZVjJJc1lGZm90NlpMQmxvaXBndVBka3VYQmZINGIwN3J4NEl0RVFIQUZkUG45RHdCR2pLZ1l0RG1mZkhHdWhBY0RxRXVLT2xOb0tPY0U9GKCBzauRMUgAEh0KDmVzcC5jcml0ZW8uY29tGLH7zKuRMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTbTQ1WlVob2JqQlVlWEZvYjJVcmMzQXpkMGRZZHowOUluMD0YoYLNq5ExSAA.&nel=0&eid=44731965%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.walla.co.il%2F&top=https%3A%2F%2Fwww.walla.co.il%2F&loc=https%3A%2F%2Fwww.walla.co.il%2Fpublic%2Fplayer.html%3Fautoplay%3Dtrue%26imaAdUnit%3D43010785%252Fwallanews%252Fmain%252Fpre_desktop%26imaKeyValues%3D%257B%2522app_name%2522%253Afalse%252C%2522providerId%2522%253A0%252C%2522item_id%2522%253A0%252C%2522vertical_id%2522%253A173%252C%2522vertical_name%2522%253A%2522%25D7%2595%25D7%2595%25D7%2590%25D7%259C%25D7%2594%2522%252C%2522category_id%2522%253A0%252C%2522item_type%2522%253A%2522%2522%252C%2522exclusive%2522%253A%2522not%2522%252C%2522login%2522%253A%2522no%2522%252C%2522isMobileApp%2522%253Afalse%257D%26muted%3Dtrue%26player%3Dwalla%26stream%3Dhttps%253A%252F%252Fcdn-uw2-prod.tsv2.amagi.tv%252Flinear%252Famg01742-walla-wallanews-ono%252Fplaylist.m3u8%26url%3Dhttps%253A%252F%252Fwww.walla.co.il%252F%26ver%3D2023&dlt=1688282021080&idt=3224&dt=1688282024619&cookie=ID%3D3fe622a37625deea%3AT%3D1688282021%3ART%3D1688282021%3AS%3DALNI_MaqdbUTDdHBgDI0ZmY-zgXO2blawQ&gpic=UID%3D00000c8c125d5705%3AT%3D1688282021%3ART%3D1688282021%3AS%3DALNI_MaiOK2LvIrc5fVK2MYw0YZWpCRQVA&correlator=2794465637762429&scor=1610326330176494&ged=ve4_td4_tt1_pd4_la4000_er1700.200.1700.200_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9a930a0615ad6e8122eee4ad08abab70ea1261665fab90996a943c407653626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7689
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 61B5 42 B
64 B 71ms
65ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXf5pSCpDelfoRJ7X5QOwWAs5YIfJNJhvum4DX3EEb4vl15dK-6pGcA81L5zhT7SJ1JFqXhIrQbuoQKfYI1PPTBa63Ids5gjTVzYekeIZgywpan-i_avgbKw6DJRU1LgQ_CCoMm92e79m9&sai=AMfl-YSXHKV6qJu93MDC5yKupyNXKmNJ7OAPpYo3m3uAt0bkSFfQFrDmbnSZJCtVLjQDisHg4QNkOSWiqSiItY5zigWSkispaDql-u2cbOyUoXOuyN0OPxikmVyUbOQ&sig=Cg0ArKJSzN9DGaV8CdW-EAE&cid=CAQSOwBygQiDplLGDPGb4SGnH7JKamw_lTFAXG1ojyX2Tmv5ayaCl3PObSfVko2uqpPdN3nkx5aLOKGSn7lOGAE&id=lidar2&mcvt=1114&p=161,1558,201,1599&mtos=1114,1114,1114,1114,1114&tos=1114,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2273020715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688282022496&rpt=501&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 52ms
52ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Jul 2023 07:13:44 GMT

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A30 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 10:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 10:09:09 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EE06 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9316006003845&version=m202301230201&ct=76&x=1&cor=16729808716967373000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 11E8 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 23:28:49 GMT
expires: Sun, 30 Jun 2024 23:28:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 88FC 783 B
535 B 36ms
35ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9eec693c90277ed5a435b5fd105759d035e9a61e3b8f10257122c1137cf8bbe2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N2qb-8x3hmwOLuBdmjNHJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-N2qb-8x3hmwOLuBdmjNHJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:44 GMT
expires: Sun, 02 Jul 2023 07:13:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A57 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 10:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 10:09:09 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B82 43 B
215 B 114ms
114ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=3e472016-4c8a-9a78-1b8f-45c4f65645da&tv=%7Bc:hbWR3Z,pingTime:-10,time:1246,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688282024048%7C%7C61bc07a23cffb01c57088da7b73c25dc%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C241209112cb1bbd3fef2e21710bf6a03%7C%7C7e0a101785f748f5edd6057f1f3f14f5%7C%7Cbed2e2dcac49248854d68fb8f7261a44%7C%7C0499a222a828fef084eb44d7380993b3%7C%7C6f51165c183daa8aa187feba1a1bb357%7C%7C1663701684,im:%7Bpci:%7Btdr:714%7D%7D,sca:%7Bspg:435ebc46-63b2-2d78-2296-19e0610f80c9%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE06 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=435ebc46-63b2-2d78-2296-19e0610f80c9&tv=%7Bc:hbWR4h,time:1973,type:e,im:%7Bpci:%7Btdr:1185%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:710,o:1263,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1257~0,0~75%5D,as:%5B1257~728.90%5D%7D%7D,%7Bsl:i,t:1263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B710~75%5D,as:%5B710~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:302,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16*.1484042-72188330%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a%7C1b%7C1c.1484042-72185571%7C1c1%7C1d1%7C1e.1484042-72188194%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:679%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61B5 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=e824cd45-8a73-f634-68d0-8945ed0119ca&tv=%7Bc:hbWR4n,pingTime:0,time:1541,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:44%7D,%7Br:r,w:160,h:600,t:210%7D,%7Bpiv:100,vs:i,r:,t:1541%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1541,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1536~0,1~100%5D,as:%5B205~0.0,1332~160.600%5D%7D%7D,%7Bsl:i,t:1541,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1536~0,1~100%5D,as:%5B205~0.0,1332~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:302,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16.1484042-72188330%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c*.1484042-72185571%7C1c1%7C1c2%7C1d1%7C1d2%7C1e.1484042-72188194%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:45,sis:602%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3419 15 KB
6 KB 41ms
40ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.walla.co.il

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 1061715
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 136ms
67ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Jul 2023 07:13:44 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
702 B 24ms
24ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Sun, 02 Jul 2023 07:13:45 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 2823
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1688282025.060520,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 35
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 937

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3419
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=www.walla.co.il&bundle=q5_Jn19mcyUyQmJDdzVGQmdQdnlaZWc4YnpBdGFxZzE4UyUyQk1aSDd6b1VHMW0wTkxzOWQl...
https://mug.criteo.com/sid?cpp=-bkFbXxHaGxMeTZZZG5vdDVzQiszc2lwazg4eDY4ZU51dnlGSTRuRXcyTVB0LzBmSWVCcGYzTm95V3NoSnMzOUwxaTNPY3VBMWJJa2YrVlIyTDIwcUU2a1p6U3ovNnp1L0hDSlJlS2YzVjRHVFN3bEpOQ0oyV084NVFOUm...

433 B
653 B

40ms
39ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-bkFbXxHaGxMeTZZZG5vdDVzQiszc2lwazg4eDY4ZU51dnlGSTRuRXcyTVB0LzBmSWVCcGYzTm95V3NoSnMzOUwxaTNPY3VBMWJJa2YrVlIyTDIwcUU2a1p6U3ovNnp1L0hDSlJlS2YzVjRHVFN3bEpOQ0oyV084NVFOUmtjUkZ6ZFZzN3VwZXpPTTZBM2dhK2IvTzRMem9ybFE1MCtUazcvaVMwdXlJaW0xUXl3cXdWMkszK3R1VkZYaGoyNGJHVGZQY2x4eU5QM0hnTEh6NGNhK2RlNlZHenBldTlIc2ovcmNCN3ViRE5LYitYZCtBOEo0S002SUplZGZZZlphazRTUDA1clEzM3Buc1cxWGFtbFNvbEtHcmRPdGRYZmZnQmhYWDBMQzVGVmw0UXQvWT18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

897b7a3bb356370cbd5fb3ee6453b5c1e8116715c3be664d602c349977e69c81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 950794
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=-bkFbXxHaGxMeTZZZG5vdDVzQiszc2lwazg4eDY4ZU51dnlGSTRuRXcyTVB0LzBmSWVCcGYzTm95V3NoSnMzOUwxaTNPY3VBMWJJa2YrVlIyTDIwcUU2a1p6U3ovNnp1L0hDSlJlS2YzVjRHVFN3bEpOQ0oyV084NVFOUmtjUkZ6ZFZzN3VwZXpPTTZBM2dhK2IvTzRMem9ybFE1MCtUazcvaVMwdXlJaW0xUXl3cXdWMkszK3R1VkZYaGoyNGJHVGZQY2x4eU5QM0hnTEh6NGNhK2RlNlZHenBldTlIc2ovcmNCN3ViRE5LYitYZCtBOEo0S002SUplZGZZZlphazRTUDA1clEzM3Buc1cxWGFtbFNvbEtHcmRPdGRYZmZnQmhYWDBMQzVGVmw0UXQvWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 281216
content-length: 0
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 109ms
37ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 02 Jul 2023 07:13:44 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 195215
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
373 B 36ms
36ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.walla.co.il%2F&domain=www.walla.co.il&cw=1&pbt=1&lsw=1

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 318008
expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FF30 281 B
554 B 95ms
37ms Document
text/html 23.37.63.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-179.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 Jul 2023 07:13:45 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 4F51 16 KB
6 KB 25ms
25ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=135172
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sun, 02 Jul 2023 07:13:45 GMT
expires: Mon, 03 Jul 2023 20:46:37 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame C73E 6 KB
2 KB 41ms
41ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a3db859de4405b7116e9e60167236cbaee551e80a0efb6d26d3f20ceb3f9e3f

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e051680dc773a8e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:45 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 4E7B 0
0 23ms
23ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1688282021757

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 1E4F 37 B
139 B 25ms
24ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Sun, 02 Jul 2023 07:13:45 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5497 52 KB
17 KB 109ms
27ms Document
text/html 184.30.16.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-183.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 02 Jul 2023 07:13:45 GMT
ETag: "623de86a-cf34"
Expires: Mon, 03 Jul 2023 07:13:47 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 8699 0
80 B 127ms
127ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/wallacoil-prod.js?timestamp=1688256000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 02 Jul 2023 07:13:45 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 88FC 0
0 56ms
56ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=1456132369863478&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame C907 0
54 B 1418ms
524ms Ping
image/gif 2404:6800:4002:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljl3iz36&c=1826126223231&slotId=913063111615.5&eee=missing-element&bi=missing-id&vast_v=3.0&wta=1&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
24ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1455705248&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=IMAPluginLoaded&el=&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=1031612647.1688282021&tid=UA-4780630-1&_gid=1000806957.1688282021&gtm=45He36s0n71T728TH&cd1=1031612647.1688282021&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd47=Live&cd49=&cd50=Live&cd72=true&z=2084520686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 07:20:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86018
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 04E8 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXgG5piOhZKn8MYun9u8P6p6vKAAAAAA4AeAEAg&bg=!NTalNmLNAAb90kgr3dI7ADkAdvg8Wvx74R32zkCsqcwRR5tNcsk4mekmLkRvpYrmekpLKWvJBTS0BjhIdEmwDgQ64yE5TKeIip0CAAAC8VIAAAACaAEHCgCTYMCi2niA5D011dF-ORXY6J70jiUtEDDpkpxxPgTmICBmgOz2QfcfZSuFKoderjctbkGzQZErGAzNJlrG-XFSkBstgluTW6O-MX2T83U-AtZilGXp7ekQnCirkH7fEPUoEwdLwt0ALFgShpnVRjbN9ERIuCxfw7xOMW2DEUKxu7fHgO1GYta5tSQvTvhNGArkbX-DmQLyYaQqvVLcLMs4aoigeqdd0S2Av9rdeZeKq99Y7ugbpf0_dChmC2g_Yu-tN585gQSMUAObtqLgzgcaUw67bMjR5nn0zx96R2G2eV_wTfv06GDfHaoo2HL1XJaMIEGKbvD1bQPe8rv6FCcJr_XLehGKIVahHnWe3DbmrRcqvdauhwFrIu9dD4T-BUdcwpKmm13S2_GplWaFp0aLL7vF483aW56L4G-7SlXGqBeNtQJu_P3V5RFuIOEHkNwm-tQuOJHHRgfmnHDdWkv988tIuya7AMmG8MAsfFMcaTb1ANJ4mFZNEnAIhQKLKoiUrxKkars0gU-iQNnwf3mOkfevtt8qjsnVH_r7PN6rpRjPrLPH9HEFhAesIsdC6uJeSjWGq58C_lpnvZvisBcC7cYMgZF9NKepAenTfoGwGDVegMOC0eIzOghq3Le1RFFSqZkCKvT1cK_3Kn2gIgrNN3j1_3VFgjF01lSQKlSJt9bpweV0mAuuIbkMFiw3AgpmIqLfvxs2m_Yspk_Oqx1-F65pZIjjIenutsgskd--my1rPkIKW1soLzctJOQb76DT3NYdjOp2-CaCaMuSrUy8KDvT-E_Wssn-SHEK6d4i-XTRAkgq09Q13rFwArpnoOHOXxkbvObV96a8hY4YdV8klFuwBvYro5tr9-bTmIWMPezWH5wyBPHe2YJgjhtu7JqFrnVfdza7m-SwndGMtZGXU-Uq41QTfG_FQ85pB2kY9BRt4hKkhZmQyFWHt6WbXmSMccKu6rZPNAA1HWf8lL-b0DmQr6nGtxwWhgyWFf6Y-6fLY03_lwQEEveNy2zo_nwtnHAtM2DqG1T4Udj9xeyCYaU-YE7Io4szZZuOhTCYPE5w_ChJD5wnUBVo6QQnl3QQED_wHKc9qfP0ILEq7oo9nrF-wwDmeiCElD_xBN8k9d5ayCS7TfG46icoG6B8sStwSi5Dyu3IV47bN3_zO4TvmerXWDCJewUFZaczmdwbMDg_nfxOy-ohKQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js Show response
pagead2.googlesyndication.com/bg/ Frame 11E8 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oBMhIGozJCmZhanrY2s6Nzm7GdNkvCqEaGjKud4M6yI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01321206a3324299985a9eb636b3a3739bb19d364bc2a846868cab9de0ceb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 10:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14631
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Jun 2024 10:09:09 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EE06 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=435ebc46-63b2-2d78-2296-19e0610f80c9&tv=%7Bc:hbWR9w,pingTime:1,time:2298,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:99,vs:i,r:,t:1263%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1035,o:1263,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1257~0,0~75%5D,as:%5B1257~728.90%5D%7D%7D,%7Bsl:i,t:1263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1035~75%5D,as:%5B1035~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:223,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16*.1484042-72188330%7C161%7C162%7C163%7C164%7C17%7C18%7C19%7C1a%7C1b%7C1c.1484042-72185571%7C1c1%7C1d1%7C1e.1484042-72188194%7C1e1%7C1f1%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:20,sis:679%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 61B5 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8425659307067&version=m202301230201&ct=76&x=1&cor=12266748515599430000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 4F51 3 KB
3 KB 29ms
29ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21368980&p=160447&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 569dea5cea0d90a16671b42f566e00a7a4ea657b802d6fe10a619c0f398f5bae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C907 31 KB
17 KB 170ms
70ms XHR
text/xml 142.250.13.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B8eGU3VbDX8jqTEm2TDyb26bgx5IKMIFNmQeImRpQU7lG0BJLcbT-fa2t7wUllaqA-kYZX7QT2-ntH-7QCrN6RKsBZNQ&cry=1&dbm_d=AKAmf-B7alP8CbGvEYBe5mGKv8_WStHh8o-fKnh_sUyya6ASGr-e7JYLmdpTYL2RuTFSA4Q8jYWrI18xcwEEyXx5gTRytCQ0ktERNq18cMkTPRIt2h13oTFwy50wOEYhRFxS9uCIUInjR4SZW4NuH02FAoBCK-jK-1mF6JOJyn71Bd4P0AV0GPCsu8g4xnEhE3H67HWM-XNZIC_Gmf3LFyhbVfY4qkiB71Hp4q2VqaVdAiAKxJ2UFkKomTBzZrgK8kmU7bVM5DKQ8T1vRY2GMf4tSDE_cUxo5uTKY3yPxwl-9kNL8LvjYXoQZLmpDN5zhFyVZnlmTcwmNX3SxhuPruRMDWVaCl0WpaXZ6YIyvY7aEUs_C2cbd_2kex_PZXMdDseikQy6do67Z986WBxV30VGd4OLzUa9b9laaytoX913PzzSvWuWAB2ACTGzbo5ARjrwQkO9VurmB--fEzyymiyAQQLwS2YkbpJkYnX-u5Tdb4gX9qLcxzjQqbVrR1vTGO__1IB0LVaipmL-pZL_Xdek8YgajmobZkh9WAyfRssfMgBDeOpIQ_D3m2Alk48itBCMBZqk49_wuRbi_b7BEtg1B5DZvWFKPvn__JBQkteSyf_7vsWjkQcIjnHWgoFiJjMkxB0EqIekKPWayyR-WDfFWS2UrYSkgcDG5UIlD_4yHyDD1JFKjD0hE36qTyJP0jDUSmqR5DsOrOGGOQw1-USCx8XkRS1CGP9TKnp6mqtdJIOny_5cHT-PzNm_cT2P8FwI1Y93y5W-MQEGAO2hBfpwjpWoWtWbfsUeYtg6yE_FsAED1YKbOrvhwdo5Azmi2xAU9KNVZjFxxRihG8sgvcpOfHB-U01QF-c3ryvSX5P6u7rDZeRXprupd7-D1Ppir3TwnO6BEqlk4XK_v7enxo7KsqWNVgvc0ZVKpqqhQ55jk6oSuVj3hH3UZ6qfYryCs01pG3mN1UHQ4I_UPeCbJjPYhjmaDgmBPzo0XdMXRULbtj3cnyd-QGxIu5Dic6TPTbVkgkFylzKg2iWAqgyhonNNPKMFnsqxwe8YT-d5eYzsKru7p9hvAPfgLm5blm46AZaUT8HwuE1SVPe9RKejQ0Z909n9gzcEg1NUmB3H8M7T39YRrxg8-0Jra3fYUPVQgHVv9wxAvmmTjSUNElFjHAwZCGEsHZ3tKZwd1addG3CtC-kWNLV1JBGp_YQNwD-UZ214D1M6c_3UASv7ejTduw93VeuVHkc08QAQU1qYdkvBF5IV0b1c3A_feeuWlKcmsXRtJOLplCmsYHf0chrIzzszUfeoGvpMTpUTHkiNP6iF1gYH7LwTYRlQu7e-MunGmmjXuUGd_uJTmAPszbAoakjbTfWUNTiXdlcW-fanplUNLrNprcutfdmfA7ghLGRuOASRmwRH-EjILIEpRRQUaHTeWUsbpacXB1v-IdzuxsNybAIvjZniJkna_Ii1Gh8uNopPe0wOWax12mYh-7TKBxjeziKeieyEDSPCg4SHUYu4mVIbrCyV_IKSCUPLbpfrMjz07d3Cdfgnu-5vFCH5Tk6TnUaaW-ifIlCCga7rygExcAWeoaFvDvgQikP2qUG4kK4FFl14_uG_LguoA7qx5fc9oh_Hs9oTZAu5CGYni7rWmz8Xh4mpLVHlnHn5Hdfq-lAKCy5HdtPItdztscPdtfGPARDu3JPqrxnKpMvtdQN4ZFlfjmNj5tMdI8abl7Jf11uUUpaGqQXx9cIr6ZbibqJ4dO76M80UKavV45Kl2Mgn6yfYaMr78imhV5hYo-UFIrj4X2OjHgvXss7EvhhaUb5xga_OZ81RNToXEZFoqj7dgqwcHAMoBCz6IVMk6JeopkJlt32KlVnE6DQvuS57Df6EF02ShcpqipmOEVGVN1vMCHYw7LLfzOLulqm4c8U2q2BSYNpkN5gSbXjW5jkSPgwGM6YOHJuJUYqhBD0naNly1PCQstzeyzlHG2KwTyMgPGCZCC-6IbR5zPxxYyxIqPLFRlZxR-W_fEoxcWcAxnIxUL1jbL2LfsvmV3BcoUUXUQideYBE4U9D3rIaBYzfa5h9Qy9jd0eSWGvwMU5B1d-hXy8rBwq4yB3q4MeRuy-G1nYs5Xef6WgqYph3KMPxdF3Ig2pDuHyUk_30NAghvfmoKCEr_37myPOpcUGXfxcIdBlffrWCGAnh-uKEOR47-cHVJTvKIGnfy00DVcpIRLr3FfpejNDPOJmuRM3KHz0PNkMax_9D9H6U7CIhxJe4AotgTdXjSiLoZOc9trwsX0Qi41PQs4w5rKvCCaQkan4lvdW5HAmPjK1bUHDRCaJj5fVW7DObTwn6qAiQi2CkYpmSauFR3nNCgX6rzc-p6mDQmhvCwlVqPjfvT2s5YiYKqu8lU0qhWUR7usnws3WkiIckrk8gOarlumpU5cHB-lcXXCy_PgPXn4RA0GtYJjaIB_u8os9v4OH1Rtjc2UGdm-r-iCiJWLwXF7l5MDyYrPvfbV3hwvPht90P9q7_al2URs08MBANfI8kj_zhmLU2_QclZgnhtZgxNd2nqJRZhIGHM1AfpNx0RFaLF8eJskJ03EsDZF7YaQL4K2vW557aSVHBLw9N5fVgvrZVHy6VX0I6F-D3hVV1I6qV7V4PyzQOlbkPN-fZs3sBhMI-jJDmTdOgYibvFH0bxWAdccYV3qWbFVcW9S3J-Ht9psBS5EPnMKb1fBzTQ8IUOE67fZnXB5560zDg7RdYHFkluo7fLvlR_FM4unSePOwG6z7-5EIxy8BwBm7tR00g3xQHKNfWh7PYoxF9VWrhmI_udfIjtYr9eVgWmXE1jOdY1PCRwMH78guMi_h7IZCyCrMO13yWVf1Y_k8C5wPNDRS8rGVL-xY8ufihRMFxNIrym1uFMri_sjJ8Cg4oZ9YGZ0L1uwGIulM8jb2f1Z1U7LcEcesufJK88KB82COqd9HXZaphwFwA_ZltKyNxOuDQHktgy86m77GJm7gffzSne3z8wiO2spTzIZo3pEVj-ROcqwLa0bmOfkdzCjHfitZL7FRTqnx-JoFvSEsTfw9U927AD-zIBe4nPNcf5qpQOf7bzumd4ocSa1lxGhptZ6976W0KVCBOWotd7e1DF0m2k0baT9U-lCoC63q4cqnu1qdm3LZvhZiF4pyrsXr4FFZ5sdFkasXiNqzrykcIJfcT_v4R88vrk_a0nchjykv381ZNJtWPYhJNkfvtHAU7Epgi1v3LjYojQ7SxE6krESaRoT9UcqpDLn3arxLopBKtK7romJhfSl1fI_EVLBzABSudyugVRS-4i1s7R_BPBIncb0AilrY8apSIU-gH_ENDxh9elZC9617TGAETa1_3ryBjKV1SUra9hVAj6QZ7-s27-aL5-UOe-eZLAqpHI1SdC3DLrgyd64P4Qmq6sJjBAowaIIT1g6llOmohX0Ru56NlfRM6neK1hmTEOYc681JINQMTYDqUfSF7iv9JRR64doVOFSq-L9jdYgc4g-Etfjs0cSI&cid=CAQSOwBygQiDAUxeZNZG_dGIQeqEEkbJ17Bt43O25wG80TdIYbaml_hhh7jPLKzM3wFOSUZGt03mqNpKggKJGAE&vpa=click&vpmute=1&sdkv=h.3.578.0&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=3763514115&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&media_url=blob%3Ahttps%253a%2F%2Fwww.walla.co.il%2F94938c6b-bba7-4bba-b28c-c9f3809d3757&sid=50D227B1-CBB6-4593-A9FC-D2F989926EF9&a3p=EhsKDDMzYWNyb3NzLmNvbRix-8yrkTFIAFICCGQSGQoKdWlkYXBpLmNvbRix-8yrkTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO7_zKuRMUgAUgIIahIcCg1jcndkY250cmwubmV0GLH7zKuRMUgAUgIIZBIZCgpwdWJjaWQub3JnGIH_zKuRMUgAUgIIahLCAQoIcnRiaG91c2USrAErQmNLMVMwa1VWc3Z4QWptOWtSc09Jc3RQUTdRV3RaZGtQeUFMQnZKR0Nnc3RUdlFZL01kRXhYY1UyamhKK2JXYzVlbnJ6Z2pYQUw4VVpJenZMUk9WSzNCbk5ERWVZVjJJc1lGZm90NlpMQmxvaXBndVBka3VYQmZINGIwN3J4NEl0RVFIQUZkUG45RHdCR2pLZ1l0RG1mZkhHdWhBY0RxRXVLT2xOb0tPY0U9GKCBzauRMUgAEh0KDmVzcC5jcml0ZW8uY29tGLH7zKuRMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lTbTQ1WlVob2JqQlVlWEZvYjJVcmMzQXpkMGRZZHowOUluMD0YoYLNq5ExSAA.&nel=0&eid=44731965%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&ref=https%3A%2F%2Fwww.walla.co.il%2F&url=https%3A%2F%2Fwww.walla.co.il%2F&dlt=1688282021080&idt=3224&dt=1688282025266&ged=ve4_td4_tt1_pd4_la4000_er1701.200.2048.816_vi0.0.1200.1600_vp0_ts0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f156.1e100.net

Software

cafe /

Resource Hash

fb912bfa9c7bf8f6fe6a9e809befd80b18906b91cfdecf3960bec3417f57bbcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16922
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E74 0
20 B 57ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8594883970649&version=m202301230201&ct=76&x=1&cor=7629567881427154000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FF30 34 KB
10 KB 27ms
27ms Script
text/html 23.37.63.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-179.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4baa0bf22a0763a63d9c4529bb805acbd5e3d49566896d091fb2945c6d5daf91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 07:13:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Jul 2023 19:35:48 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=44502
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 02 Jul 2023 19:35:27 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1113 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2772372375619&version=m202301230201&ct=76&x=1&cor=4031263784859718700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 89ms
88ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230629-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Sun, 02 Jul 2023 07:13:45 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1884
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1688282025.363146,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 74
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 9158

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame C73E 48 KB
12 KB 36ms
35ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 408608
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
etag: W/"607873db-c1ce"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7e0516826e0b3a8e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5497 0
860 B 22ms
22ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:45 GMT
AN-X-Request-Uuid: 7c7fa28c-8b4b-4a80-8b1b-8a4ec1527e73
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B82 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3845014994173&version=m202301230201&ct=76&x=1&cor=15789368646106372000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09BD 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGW5fpiOhZMjuNoaRjuwPk8-HmAcAAAAAOAHgBAI&bg=!HR6lHkrNAAb90kgr3dI7ADkAdvg8WgjBhlw_XEn2LYhOcxDWr9GufqmFhWGldeAVuKYiY4KUC7KnyuCQJ1cWg4ZQfMHx2HJ2nUcCAAACgVIAAAACaAEHCgB-o5TeyvMHdT0tsZONsm1-lrO77QfM7GPMQ0Cyn20WOZxFdY7cx5qYt4GfprwN7ap7Y8hrMgnrnCZ7x-QQw1RKqMKnDBEI0psP91Kbt3n86_jaMmrJG10TmOynQAvMszjNuwk_XsRtLDICZLU8ue_Yd-4IXw5dUhDMJc4tt59ymQMGQZqxK-_4qPGKfi2UdC16gvVWaq3jm6ljVlwOWsOVZ5uYX9rP6IiG7f3hIRCJUH3Ff-ZV1utgMRqfUsJYZqKFIS-SyuoHlEjYdzGKifoSDPUF1Y_0KbXBvfb4qX-muwTTBeqsBCIUj2sknQjw8g5kZCgI6y_gdJbafzva6T7cS9NsTdKmBS2FbuFGg9ZkzNsV6zd-CdUlgoBL0ywaaJlgdsa6sG4rQVVa0m-m_MV5veJOU_i7x7Bnl4hDCLRk0HDbo2CknnQzF0zY1MhYOnGkd7yXlyUFvSioaVgdn7056jpN_rxscGGtv7lxwiKaehhl-H08qzFyMBpgMV5JMSflGhuXms1yfEwd3gtAkeA9f0sgB0K2dhXgcVeJKPuMTGl45ci8Xfrz79bHCnq8yWE45h8cYTzibaH-Q5xYlPM8um-4l7YrUtILue41OOB0o9f0TeWmwn8G1MDKapnNgB2P-wXgegIprc1rkyjKQxOaSORcVYa2epjkZBOwdcV8wFRCQQBtp2fSMfeP-Hap5unDOvwvH1kS77We5u0yuxzJmyfZkkFL6nD73LrM4OHE6bTkMQlh2sGVgx0KUymBfanHi1Cqahf8EC9pJutIvlp1Nrh1fMfpu67VyZtlXMRg_kCIlSQz46-e4GRf7iqaF2lXh9a2jrE1v2UHjhOjC3PYSwmikcSKIl-ZJn6QmVdPwmJqfP_Y1-wu7jpqT3AJ3pnN8kw94X5kMQOG7V-RcIR4EfJEz9q0KxO3rHGnrN7szQqt95IZ4tLXAOYPMjYctEAoznWk-FJX-jhAR2g_IUDhlbyD8PWWIy4lpUa_05eyMLWLHM8UDevqcMW_z0F_yeVROP4ttDPecrncQMLH6nj4Zp_8qga5HOwiQoJwpkgU4_Wz99q1d1_1gHUSpdn_hqEyN35KaZyFke8qwDglK0hHwXfMmuJEukPBK02GX1KmeftIYJSiAqPg8gu58ybRayCxtSusOdKd3qm-04x10fPV0FYMfzRPasC9UxPs5_jCXWGs5o7OIIGo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD4A 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRGMKpiOhZOD4NZ7P7_UPmc2hwAsAAAAAOAHgBAI&bg=!7O-l77vNAAb90kgr3dI7ADkAdvg8WnITw-scXnjlrkZQh_aJm9lJdCJB4fLDtbXHlzwo7DtcsKDn56L4RxBsqoGZ9_G5GDoG1-oCAAAC3VIAAAACaAEHCgBVsys1m2f67tNtS88ToStB4qbMoYIspl_W8_0CxCiiZT2lrKcpw2McyZQ70mkKXArHeS9spvUFy4-TUeIkC40bOnU8o1aqwypTonetxBzoW7HZ8mWII5kC6-Q9gLsnshxlHfk7_7CaTwwXalTDkSJwg9CuDBA9nnaZXlzp5Ey351-25nZDkeFFUy7mJ3yEQ_lBxoA8v3-H4ffHYwBPS6UnB4Y-cQKf1kUogEXb5zicpmFBJpbB0UnCgPYSHaBhR044LRMzG3mLCGcCZTLRgxvReWYFrZt6rUjuywt4QJdJzLaByTw22m4WZi_p0hi7UKEOPt4cBCpAj1qVjxkkSwpzyqcpX8UMgwShO2pgiLYS9lQptezjXop_eHMBDjw56pzxisdox0Cr51YXgDxsD3m4SnyywsuIgkj4KjGuzg6yXrCp6qpuUvLBq1WigPnHZnIc5IdSXb1neszUDv3JETbnilp7fYeqAu9BsufeKr3ryJgIV6bIuuqqN8e5beeYIOdwMqmeDXUzfIpdjDHZFEoMC7WJquWxk0EK_CD3liLvaYEUDls-c1S7ld5hlyMEOf_6PAtyv9a7q2sWg80ZsM-mxdml0lo4W4aZLxFJ04a0ghq1-X1oBbzZhJFma5S81UGfBdHkxJrrr7d9WZ4hX5iAvWgsoZVafZgc-1fMhmQwgDUsL9-PFrWhQmRnM85Zo_OxQspX-5qj3o5ZeKgy85kqObHHT63AF4UNBsNn5DVVzuO1TtYVmVIscS-TW7tP8rmmZYz4JMt3YzOWHOB5itRXEbD9M7PoCxpzkzDAhGArrPZbaqKZEQ5bCzAbkon3lZ_PMFnNnk2xnCgPKaYc6MlPAgGPY2TsLv7n7SJgywsCFyUGrTW3JRzv5DyNuHSPd7X2ubHkIDOdq1UI-kQRKhJcSEOk8yoL4qAjnQaijrOwSzGqu08n-9RicuZQ1lxKzVZh_hyCu-V8dOskkJiVDEaUwHWrQjmznZV2fTZp-Ei8enBVAkSRpIe5xf2Ox1HvMzRLLoLAx6BdPRazfdUQa5SmwISPVWQToOj-sv5ritYQOVP24g9CTzMTYuX93paPJsd01s9j9mSbzkoarvg5zlvXTLfERw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 526D 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFYnwpiOhZN2PNquQjuwPtcKGmAkAAAAAOAHgBAI&bg=!fX6lfirNAAb90kgr3dI7ADkAdvg8WvqPGBDNZrXOVRpYBc3yXwlgpSXNvDTABSvCPn7eDJuikKMe1g5fyxamdWy6aJJonWCqZAkCAAAC0FIAAAADaAEHCgA0Yjl4skFsICwg5rcxBNmbA8T-hbvEbCHuaFHT3m-tJf1bWYZ-M2quGFa4mY6c7oeikQ2oBJkC34MGjC2VrLT_vFuwzQ3CkHGCn7XXchE858D89F7NjFyDtTpTtmya8uRM-Nw4YR3N97mrTawojuOd5qb2qgFXALverYKUBinaHAL_fOOFuXu3i7WrfkBmUK6ZYzFSN5g65AkWuSZv-WXJgmkJM6bkLX_Zfbloo41ZH-DHMs68CeK99Tq99K9VuWv0IaqeiEere8xeOtkhJdRM8kcsat0i4l_9sKUTaRC4deDbGqEpdaWt0_XUGP_AGlB0LQTCbtOTDU_cK6sNeYjzG27VS2p3tSJD5vhMPmnMtVWDccNfOk13TZztWslus5SgHAP2AslQNs2lI3a_BnKdKnY3U7G0zjifus6mpjhtHaVOOEdbzPRrWVknO758GivuMe6oNpZsvZwhUHQ2niLFN-f5sKkdnzfQ2F6vDgnQxGIcTw161MXcwtstewmEeLAb3hugL58-Pbjyn3vs2UAp-QOC3Gp-ORmg9-0qNwysbsuXx4FkE-6pNrcNQ0guUO_aRUWqIgr5aCKVpm3xKBrAbQLNt0DQ44yrN-X5HeV6FiDvtiTnKnOQYCJfhrVsxa_J-WfESxXinuGZhX4PmRd_atjP2JNJ3ArL11m_r2id4aG2_1Bif-_XoeG55DNtSp-zX64tv6duvcnzk3BdRKM9XGz1ttUDqRf5zgukN6T0ZprX6mGON1m-Y1VrXqxeiykvkCMH13-iCLY9s66TIZz66yyUDVZ6v8cCY2uwR7-m_gXSAZiUwHTo3XWAt7fOfrfhvFAXfxwthy0bgkfFnn8kdcplJJBW5EGrNjMpTZh50NAej1swnWu9X5a4FOCqPnfedRaEEmtSyvr_xHcyk-JXo-DdRVtyRGFEy29VAaxbgJQMSjdGuHxp_d7Ifd3-6kXU64ESCl18JXmv1lL_eul-Ma1ZPR80q3v69V9rSCP3Ae-5txU8YJ2Sx2cd2dYdCPWEdKEMNPClQQTMzkZjt91IEZCizC1trg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C907 0
54 B 1076ms
524ms Ping
image/gif 2404:6800:4002:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ljl3izsd&c=1826126223231&slotId=913063111615.5&ghmsh_eids=44731965%2C44752711%2C44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img Show response
sync.mathtag.com/sync/ Frame 8995 43 B
443 B 34ms
34ms Document
image/gif 185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x13 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 02 Jul 2023 07:13:45 GMT
Expires: Sun, 02 Jul 2023 07:13:44 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master zrh zrh-pixel-x13 config_version:"1524"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame BA0C
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8128439130400774114

42 B
275 B

29ms
28ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8128439130400774114
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 02 Jul 2023 07:13:43 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8128439130400774114
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D067
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
245 B

93ms
32ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 02 Jul 2023 07:13:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 07:13:44 GMT
expires: Sun, 02 Jul 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 666863
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 134C
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526443594606

42 B
195 B

29ms
28ms

Document
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526443594606
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 02 Jul 2023 07:13:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Sun, 02 Jul 2023 07:13:45 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526443594606
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 45EC
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23C42866-5253-4BCF-8F19-FEA53376B12F&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23C42866-5253-4BCF-8F19-FEA53376B12F&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

266ms
219ms

Document
image/gif

67.220.226.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23C42866-5253-4BCF-8F19-FEA53376B12F&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 02 Jul 2023 07:13:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: QB3VT944M64A6NZTGEKV

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 02 Jul 2023 07:13:45 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=23C42866-5253-4BCF-8F19-FEA53376B12F&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: XPSTAANK30R1858H077Z

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4F51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=I8QoZlJTS8-PGf6lM3axLw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

24ms
24ms

Image
text/html

184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:45 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=135172
accept-ranges: bytes
content-length: 5554
expires: Mon, 03 Jul 2023 20:46:37 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 4F51 49 B
265 B 142ms
44ms Image
image/gif 52.215.144.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=23C42866-5253-4BCF-8F19-FEA53376B12F&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.144.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-144-240.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.74
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 4F51
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3194800787
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=23C42866-5253-4BCF-8F19-FEA53376B12F

0
284 B

84ms
31ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=23C42866-5253-4BCF-8F19-FEA53376B12F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:44 GMT
via: 1.1 google
last-modified: Sun, 02 Jul 2023 07:13:45 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=23C42866-5253-4BCF-8F19-FEA53376B12F
date: Sun, 02 Jul 2023 07:13:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 4F51
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=23C42866-5253-4BCF-8F19-FEA53376B12F
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NWlsVzdCbTlON0NUVlNZWVRNU2VhblJjdw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=342713563282871321&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

118ms
118ms

Image
image/png

52.72.63.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: HTTP/1.1
Server: 52.72.63.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-63-169.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 07:13:46 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Sun, 02 Jul 2023 07:13:46 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4F51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjNDNDI4NjYtNTI1My00QkNGLThGMTktRkVBNTMzNzZCMTJG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

86ms
28ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 02 Jul 2023 07:13:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 4F51
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENXBma7mvhtjK3REBkSUiBo&google_cver=1

42 B
378 B

86ms
29ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENXBma7mvhtjK3REBkSUiBo&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 02 Jul 2023 07:13:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENXBma7mvhtjK3REBkSUiBo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 4F51 43 B
609 B 105ms
31ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:45 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 01 Jul 2023 07:13:45 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4F51
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=342713563282871321

42 B
319 B

30ms
30ms

Image
image/gif

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=342713563282871321
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 02 Jul 2023 07:13:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=342713563282871321
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4F51 70 B
264 B 46ms
45ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 204 csi
csi.gstatic.com/ Frame C907 0
234 B 1045ms
513ms Ping
image/gif 2404:6800:4002:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ljl3j01u&c=1826126223231&slotId=913063111615.5&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C907 0
0 55ms
55ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=802999608&message=vl&sdkv=h.3.578.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C907 0
54 B 1052ms
524ms Ping
image/gif 2404:6800:4002:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~ljl3j02f&c=1826126223231&slotId=913063111615.5&qqid=CNLT99K87_8CFXuK_QcdNckN7Q&fb=ima_html5-lima&sdkv=h.3.578.0&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=1&itv=1&faa=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C907 0
0 55ms
55ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=omid_integration_debug&corr=802999608&message=omo&sdkv=h.3.578.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/interaction/ Frame C907 42 B
65 B 103ms
59ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHOhFqCOhZNLfLvuU9u8PtZK36A7NpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglbL4gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgQJP0PNP131QBqZar58AA4oPwPEZbimWrhLmMVY9tPuAlpg4tsMsknnQg7f2RsjoHNPU4nXCg4KXh_T6WeuHq2FQ8Ag_-b4wM_YEff_UHB6MdTtA3Y1mUle_lzmaoTLATQiuYfs08Ghw9v4RPLU9TIkVbMNBpbdvpTPoMlg46layAeF-orcZX4BBw2SpbB0rWlpupmEDiBelJpgogNoNagcWpsB7PUiZNh0FbztSmXYlprNGMlrNwd5BEBW5Z36d77eq46sO2WYutOM97gR0byKvoyjJLWytV2CIOsPfk9lFG-tKXhnfwMWsL9mEa9nkL0RRogjijXj55TZoBkHvDBudI8AEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOirNkR0BMA2BMNiBQH2BQB0BUB-BYBgBcB&sigh=fV9Z1Wlf-T0&label=vmap_ad_break_start&sdkv=h.3.578.0&vci=[CREATIVE_PLAYBACK]

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C907 42 B
64 B 61ms
60ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHOhFqCOhZNLfLvuU9u8PtZK36A7NpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglbL4gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgQJP0PNP131QBqZar58AA4oPwPEZbimWrhLmMVY9tPuAlpg4tsMsknnQg7f2RsjoHNPU4nXCg4KXh_T6WeuHq2FQ8Ag_-b4wM_YEff_UHB6MdTtA3Y1mUle_lzmaoTLATQiuYfs08Ghw9v4RPLU9TIkVbMNBpbdvpTPoMlg46layAeF-orcZX4BBw2SpbB0rWlpupmEDiBelJpgogNoNagcWpsB7PUiZNh0FbztSmXYlprNGMlrNwd5BEBW5Z36d77eq46sO2WYutOM97gR0byKvoyjJLWytV2CIOsPfk9lFG-tKXhnfwMWsL9mEa9nkL0RRogjijXj55TZoBkHvDBudI8AEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOirNkR0BMA2BMNiBQH2BQB0BUB-BYBgBcB&sigh=fV9Z1Wlf-T0&label=show_ad&sdkv=h.3.578.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DjAVIyCOAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABaEHVRN0YxaWpRWTFUeURsYUoYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
pubads.g.doubleclick.net/pagead/ Frame C907 0
0 65ms
63ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CV4mQqCOhZNLfLvuU9u8PtZK36A7NpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglbL4gZQHoAHIx7XyAsgBBagDAZgEAKoE_gFP0PNP131QBqZar58AA4oPwPEZbimWrhLmMVY9tPuAlpg4tsMsknnQg7f2RsjoHNPU4nXCg4KXh_T6WeuHq2FQ8Ag_-b4wM_YEff_UHB6MdTtA3Y1mUle_lzmaoTLATQiuYfs08Ghw9v4RPLU9TIkVbMNBpbdvpTPoMlg46layAeF-orcZX4BBw2SpbB0rWlpupmEDiBelJpgogNoNagcWpsB7PUiZNh0FbztSmXYlprNGMlrNwd5BEBW5Z37F7gXA64Hu6_SdKAFUU-YE7KDAE6r6z8H4tuWVGsljmfBds3nQMal_B-yCNy1D3owFoOV7jhBTJIKQWCGv2ZK7gsAEvsHTyI0E4AQDiAWKuaihQ5IFBggDEAIYAZIFBggbEAEYAZIFCggiEAMYA0iTlnaSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB6C4yo0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ5ogwGNCyidEB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbAToqzZEcgTksiqCdATANgTDYgUB9gUAdAVAYAXAbIXHgocCAASFHB1Yi03NjI3NjUwMDg2ODk1NTkwGPHmEw&sigh=DsIzhuw7D0Y&cmd=Ch1jYS12aWRlby1wdWItNDQ5MTY1OTQ5NjM3MjE3MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&cid=CAQSOwBygQiDAUxeZNZG_dGIQeqEEkbJ17Bt43O25wG80TdIYbaml_hhh7jPLKzM3wFOSUZGt03mqNpKggKJGAE&vt=10&sdkv=h.3.578.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DjAVIyCOAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABaEHVRN0YxaWpRWTFUeURsYUoYAQ..
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame C0EC 0
54 B 1016ms
523ms Ping
image/gif 2404:6800:4002:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljl3iys4&c=1826126223231&slotId=913063111615.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 66ms
20ms XHR
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 31cfd7591705daef22476653b445634a12407c23426dc464ec0ef90c1d0b4f32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230036-FRA
date: Sun, 02 Jul 2023 07:13:45 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.walla.co.il
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1

206
Partial Content

29
r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C0EC
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,ita...

3 MB
0

112ms
24ms

Media
video/mp4

2a00:1450:4001:3c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13F243918610146119CD8B82D162C5410BE3F895.24E3250854696A2C13414715521CF9BE6B5C85A9/key/cms1/cms_redirect/yes/mh/FW/mip/2001:1b60:1010:2:1011:bebd:fd3f:e24e/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1688281133/mv/u/mvi/3/pl/29?cpn=uQ7F1ijQY1TyDlaJ&file=file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:3c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 07:13:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Aug 2022 08:21:41 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-3976059/3976060
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3976060
Expires: Sun, 02 Jul 2023 07:13:45 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5e6nzl.c.2mdn.net/videoplayback/id/cf841da30618bb53/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3804568057/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/13F243918610146119CD8B82D162C5410BE3F895.24E3250854696A2C13414715521CF9BE6B5C85A9/key/cms1/cms_redirect/yes/mh/FW/mip/2001:1b60:1010:2:1011:bebd:fd3f:e24e/mm/42/mn/sn-4g5e6nzl/ms/onc/mt/1688281133/mv/u/mvi/3/pl/29?cpn=uQ7F1ijQY1TyDlaJ&file=file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 691
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame C182 0
703 B 37ms
37ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e051683df943a8e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:45 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 7D0E 0
0 23ms
21ms Document
text/plain 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF30
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGE5NjI1ZDE4OTM0MDFhN2UzY2Q2N2E4OTljODk3YjNlYTAxNWQzNA

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGE5NjI1ZDE4OTM0MDFhN2UzY2Q2N2E4OTljODk3YjNlYTAxNWQzNA

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGE5NjI1ZDE4OTM0MDFhN2UzY2Q2N2E4OTljODk3YjNlYTAxNWQzNA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FF30
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/jquhkavjzBuKjrp3xEERmsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CCpy_OFE2oIBb3Z5IYgEnRCA4kFGtuNWLKGHjg--~A

0
239 B

24ms
24ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CCpy_OFE2oIBb3Z5IYgEnRCA4kFGtuNWLKGHjg--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 02 Jul 2023 07:13:45 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-CCpy_OFE2oIBb3Z5IYgEnRCA4kFGtuNWLKGHjg--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame FF30
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJL3IX5W-1M-5CW9

0
647 B

251ms
203ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJL3IX5W-1M-5CW9
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:45 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E55D31559A70491E94E0827C230207C7 Ref B: FRAEDGE1422 Ref C: 2023-07-02T07:13:45Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/e8pt/p6ieP+nCxBT0Q==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJL3IX5W-1M-5CW9
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF30
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpMM0lYNVctMU0tNUNXOQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELL6DAy_XoP9P2SyQlKKWwU&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpMM0lYNVctMU0tNUNXOQ==&google_push=

170 B
188 B

31ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpMM0lYNVctMU0tNUNXOQ==&google_push=

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpMM0lYNVctMU0tNUNXOQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame FF30
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-AjIX16USe2BzrDMEgDiCw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-AjIX16USe2BzrDMEgDiCw

43 B
479 B

53ms
52ms

Image
image/gif

67.220.226.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-AjIX16USe2BzrDMEgDiCw

Protocol

HTTP/1.1

Server

67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:46 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TX1GERRX19CMJXDQ0H5N
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=-AjIX16USe2BzrDMEgDiCw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FF30
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMgPkZ8uMMU-uIWM1A8YyqI&google_cver=1

0
239 B

25ms
25ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMgPkZ8uMMU-uIWM1A8YyqI&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMgPkZ8uMMU-uIWM1A8YyqI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame FF30 70 B
264 B 46ms
44ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FF30
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=-NLLaWTbSY-502KC2oECPw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-NLLaWTbSY-502KC2oECPw

43 B
479 B

117ms
117ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-NLLaWTbSY-502KC2oECPw

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jul 2023 07:13:46 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RXTD9BFN6MJAC33NENQ7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=-NLLaWTbSY-502KC2oECPw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 346ms
109ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=9af37b36-c2b1-41c0-8a87-44c9c69b14f0-tuctb9aa926&uad=4e64ec60100a7df3d2892fb7edc432fc5f5abdcd745e2f6d2f821b997ffeb66c&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Jul 2023 07:13:45 GMT
cache-control: no-store
server: nginx

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame ACD6 0
0 189ms
189ms Document
text/plain 63.251.14.14
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS: 14.14.251.63.unassigned.ord.singlehop.net
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Sun, 02 Jul 2023 07:13:45 GMT
X-Sovrn-Pod: ad_ap1sea1

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 11E8 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bUq6Sw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:13:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

/ Show response
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame BC51
Redirect Chain

https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F

95 B
241 B

31ms
31ms

Document
image/png

157.90.211.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.90.211.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.211.90.157.clients.your-server.de
Software: nginx/1.14.1 / PHP/8.2.4
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: image/png
date: Sun, 02 Jul 2023 07:13:43 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

Redirect headers

content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:43 GMT
location: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server: nginx/1.14.1
x-powered-by: PHP/8.2.4

GET
H/1.1 204
No Content smwt256.gif
us.ck-ie.com/ Frame 0A65 0
0 105ms
105ms Document
text/plain 8.2.108.194
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Sun, 02 Jul 2023 07:13:45 GMT
Server: nginx

GET
H2

200

342713563282871321 Show response
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 1F7E
Redirect Chain

https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
https://csync.smilewanted.com/set_partner_userid_get/adform/342713563282871321

0
512 B

35ms
35ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/adform/342713563282871321
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e051685593c3a8e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:45 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/plain
date: Sun, 02 Jul 2023 07:13:45 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/adform/342713563282871321
server: nginx

GET
H2 204 v1
match.sharethrough.com/universal/ Frame CC53 0
0 27ms
25ms Document
text/plain 18.192.138.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.138.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-138-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Sun, 02 Jul 2023 07:13:45 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61B5 43 B
215 B 115ms
114ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=e824cd45-8a73-f634-68d0-8945ed0119ca&tv=%7Bc:hbWRkJ,pingTime:1,time:2555,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:44%7D,%7Br:r,w:160,h:600,t:210%7D,%7Bpiv:100,vs:i,r:,t:1541%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1014,o:1541,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1536~0,1~100%5D,as:%5B205~0.0,1332~160.600%5D%7D%7D,%7Bsl:i,t:1541,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1013~100%5D,as:%5B1013~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:225,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16.1484042-72188330%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c*.1484042-72185571%7C1c1%7C1c2%7C1d1%7C1d2%7C1e.1484042-72188194%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:45,sis:602%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 61B5 43 B
215 B 114ms
114ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=e824cd45-8a73-f634-68d0-8945ed0119ca&tv=%7Bc:hbWRkK,pingTime:1,time:2556,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:44%7D,%7Br:r,w:160,h:600,t:210%7D,%7Bpiv:100,vs:i,r:,t:1541%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1015,o:1541,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1536~0,1~100%5D,as:%5B205~0.0,1332~160.600%5D%7D%7D,%7Bsl:i,t:1541,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1014~100%5D,as:%5B1014~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:225,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16.1484042-72188330%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c*.1484042-72185571%7C1c1%7C1c2%7C1d1%7C1d2%7C1e.1484042-72188194%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1c*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:45,sis:602,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C907 42 B
64 B 69ms
69ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHOhFqCOhZNLfLvuU9u8PtZK36A7NpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglbL4gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgQJP0PNP131QBqZar58AA4oPwPEZbimWrhLmMVY9tPuAlpg4tsMsknnQg7f2RsjoHNPU4nXCg4KXh_T6WeuHq2FQ8Ag_-b4wM_YEff_UHB6MdTtA3Y1mUle_lzmaoTLATQiuYfs08Ghw9v4RPLU9TIkVbMNBpbdvpTPoMlg46layAeF-orcZX4BBw2SpbB0rWlpupmEDiBelJpgogNoNagcWpsB7PUiZNh0FbztSmXYlprNGMlrNwd5BEBW5Z36d77eq46sO2WYutOM97gR0byKvoyjJLWytV2CIOsPfk9lFG-tKXhnfwMWsL9mEa9nkL0RRogjijXj55TZoBkHvDBudI8AEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOirNkR0BMA2BMNiBQH2BQB0BUB-BYBgBcB&sigh=fV9Z1Wlf-T0&label=video_ad_loaded&sdkv=h.3.578.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKbQgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DjAVIyCOAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duUABaEHVRN0YxaWpRWTFUeURsYUoYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content smw888.gif
us.ck-ie.com/ Frame A390 0
0 106ms
106ms Document
text/plain 8.2.108.194
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Sun, 02 Jul 2023 07:13:45 GMT
Server: nginx

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C907 41 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 21:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 380386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 21:33:59 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C907 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C907 0
28 B 171ms
69ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxyBrrqPGhDeuSDq2GVpfTy8sKb-e0kK4PYqxt4pMPmPDx4Ua4ACZJhNByZhDcTnZ2ESHKT0d6tKmjsfSOr5DBosDsvFCXW3NIEKmB1V42PhCd4EOKeNHYJmCP58LJBiGweOtVZeWwTkE-oR2UwJ-XV3Wa_mTG2DD1kD8kCIwFW0bpSp95CXUqYYOo8OfTsRNtfYZYbRQIfwOOo904Is_xndLbuYqhUeNIHkZPtZpTni73cDeprvXJVFM-R8P-bZ1uLHRMtn2C7pHRr39A9KuSbsn7Gi0-OQVYPr-tDrCljUtB3rVkizU8CoG4CnNnvh-bVJ6qsOtBEpNWdaP9ief4zITO6RNnoK72ht9J7zQHOAX_xCs2cCaRWAsfB55jnO0lal5huNAY1TrjA5ik0bSe1s0xVPEMiZbjoB6pvU5ymbLLE06OXDhlpR1-7YIXWAGJgHNVVee8FosHd1K0wl1dOF76tdmouOyWVVSEOYIAE_f_Jz36tGH4kx2W3dzwDqGvArlD0_HdXDYK_8irZp-v1GcMBweDCHx86-AEt57aPHTWPohu42dpExiNTfu_wJmTQjT1gQjAkEr1X676U49So1ZACEC4UDGH0155hIpwoS5_n7ux4-dMgbG01d6_T73KlAavMH1Q4SP95VWEAgpT3oX8hZPnT4bbLR8hw9DUK13DSM1uyAQMtQinGq3En4yt6sKGJCraqzmJXrL2QHtcOlomzR-d35YWRkcOuv07PIhCWRcOHbYuFrLXJ0BLO-VD8AtV-oxcB4Wapka5rLTkdc8OdggGOhjBbIsHGfN1lWVMAjzLhwBDfuDHL5CcekZWVgDDsBk4WzidGz9nG9tRgj2JzBn5GzJLwMphPAikCp4q4bFRCbxCYVQN2ZGyQTpiFUKQa8YGPnS1MxAeDb3RbzP0AenW3dl03IUqlFjk_l3kMQiiKDEjMZX_aQudyV7jbpjVVO8B4KZlru4dfBqrd1XbdcnAj2VNQswETtvTZwSONmTZXdB4uYMxyawXAJC3vR73UzvdfRo8pd9wjkJ9eqKeZ4ODP9NSLFY-QbUVSOtNaYhnys_0unoZK81EdHnff6XPt7M7C9lyf_6WM1aIAAQSsUiKNy6W85_-rf0m4KOmUUY8lZmemhUnwkLAVNmOfpfwYke_SFYN3lvfgj-Uops0XT5vlNj8FlE2Z7dW_Fgp80kf3jwpt6ykhqQgllvaxonbfV967TdFMiIYt3luO9tUxm69qeof3BK_t58&sai=AMfl-YTlbX7ukP7KH5ZvGmEmDDWwKKztkHEzWB7rDh5NR2WfCUarTAxxVKbmzwCru2oAXtOO5yPXc696hmO_FUFRrEx2TrAAHDRoy1aH5DS0yACgfRAgdv1LcrQstQVA57pQCjnwJqcbvq__HiK4f8h9_R3awlYg3r_CQ791LER6O_6cESoaWbR3NlGnzsZqih1Cn4hVUUvJR2nERieKmMPxczoziWjlqV9L-eIF6eKAyWisO7DeHL9Wip8r7dMmPSLigyU1&sig=Cg0ArKJSzGmBVpy3XnRzEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.578.0&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Jul 2023 07:13:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame C907 0
0 64ms
62ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjQsonRASABMAE&v=APEucNU2YzkG_zWU4N9wpc9eZSSD0pRyqkIcGZHEB50_QoOke3sDXwPNypo948ihL-lCxnMz7PZD1FvMHaoyDTeKRZwMbBaJqg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C907 42 B
64 B 64ms
62ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHOhFqCOhZNLfLvuU9u8PtZK36A7NpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglbL4gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgQJP0PNP131QBqZar58AA4oPwPEZbimWrhLmMVY9tPuAlpg4tsMsknnQg7f2RsjoHNPU4nXCg4KXh_T6WeuHq2FQ8Ag_-b4wM_YEff_UHB6MdTtA3Y1mUle_lzmaoTLATQiuYfs08Ghw9v4RPLU9TIkVbMNBpbdvpTPoMlg46layAeF-orcZX4BBw2SpbB0rWlpupmEDiBelJpgogNoNagcWpsB7PUiZNh0FbztSmXYlprNGMlrNwd5BEBW5Z36d77eq46sO2WYutOM97gR0byKvoyjJLWytV2CIOsPfk9lFG-tKXhnfwMWsL9mEa9nkL0RRogjijXj55TZoBkHvDBudI8AEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOirNkR0BMA2BMNiBQH2BQB0BUB-BYBgBcB&sigh=fV9Z1Wlf-T0&label=vast_creativeview&ad_mt=0&sdkv=h.3.578.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DjAVI1COAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duSPwCUABaEHVRN0YxaWpRWTFUeURsYUoYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI2e-d07zv_wIVs0cdCR1ZLgiLEAAYACDT2fJTQhMI0tP30rzv_wIVe4r9Bx01yQ3t;met=1;ecn1=1;etm1=0;eid1=11;
ade.googlesyndication.com/ddm/activity/ Frame C907 42 B
107 B 144ms
59ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2e-d07zv_wIVs0cdCR1ZLgiLEAAYACDT2fJTQhMI0tP30rzv_wIVe4r9Bx01yQ3t;met=1;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C907 42 B
64 B 62ms
60ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHOhFqCOhZNLfLvuU9u8PtZK36A7NpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglbL4gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgQJP0PNP131QBqZar58AA4oPwPEZbimWrhLmMVY9tPuAlpg4tsMsknnQg7f2RsjoHNPU4nXCg4KXh_T6WeuHq2FQ8Ag_-b4wM_YEff_UHB6MdTtA3Y1mUle_lzmaoTLATQiuYfs08Ghw9v4RPLU9TIkVbMNBpbdvpTPoMlg46layAeF-orcZX4BBw2SpbB0rWlpupmEDiBelJpgogNoNagcWpsB7PUiZNh0FbztSmXYlprNGMlrNwd5BEBW5Z36d77eq46sO2WYutOM97gR0byKvoyjJLWytV2CIOsPfk9lFG-tKXhnfwMWsL9mEa9nkL0RRogjijXj55TZoBkHvDBudI8AEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOirNkR0BMA2BMNiBQH2BQB0BUB-BYBgBcB&sigh=fV9Z1Wlf-T0&label=part2viewed&ad_mt=0&sdkv=h.3.578.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DjAVI1COAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duSPwCUABaEHVRN0YxaWpRWTFUeURsYUoYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI2e-d07zv_wIVs0cdCR1ZLgiLEAAYACDT2fJTQhMI0tP30rzv_wIVe4r9Bx01yQ3t;met=1;ecn1=1;etm1=0;eid1=16;
ade.googlesyndication.com/ddm/activity/ Frame C907 42 B
401 B 144ms
58ms Image
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2e-d07zv_wIVs0cdCR1ZLgiLEAAYACDT2fJTQhMI0tP30rzv_wIVe4r9Bx01yQ3t;met=1;ecn1=1;etm1=0;eid1=16;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C907 42 B
64 B 63ms
61ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHOhFqCOhZNLfLvuU9u8PtZK36A7NpMWSb7-p1aSbEP_1kOPXAhABIJmjzypglbL4gZQHoAHIx7XyAsgBBagDAcgDE5gEAKoEgQJP0PNP131QBqZar58AA4oPwPEZbimWrhLmMVY9tPuAlpg4tsMsknnQg7f2RsjoHNPU4nXCg4KXh_T6WeuHq2FQ8Ag_-b4wM_YEff_UHB6MdTtA3Y1mUle_lzmaoTLATQiuYfs08Ghw9v4RPLU9TIkVbMNBpbdvpTPoMlg46layAeF-orcZX4BBw2SpbB0rWlpupmEDiBelJpgogNoNagcWpsB7PUiZNh0FbztSmXYlprNGMlrNwd5BEBW5Z36d77eq46sO2WYutOM97gR0byKvoyjJLWytV2CIOsPfk9lFG-tKXhnfwMWsL9mEa9nkL0RRogjijXj55TZoBkHvDBudI8AEvsHTyI0E4AQDkAYBoAZOgAeguMqNAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOirNkR0BMA2BMNiBQH2BQB0BUB-BYBgBcB&sigh=fV9Z1Wlf-T0&label=admute&ad_mt=0&sdkv=h.3.578.0&vci=CiEIAhoLQWRTZW5zZS9BZFggAyoMNjE1OTE5ODM5MDIyQAAKcAgBEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSADKgk1MzQ5NzU1NjMyCTE3NTk0Mjg2N0DjAVI1COAGEA8lAADwQSgBOgd1bmtub3duQgd1bmtub3duSPwCUABaEHVRN0YxaWpRWTFUeURsYUoYAQ..

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

0I2Yh6qkmdQnYUqspaUe Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 3C31
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/0I2Yh6qkmdQnYUqspaUe?pi=smilewanted&tc=1

0
580 B

37ms
37ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/0I2Yh6qkmdQnYUqspaUe?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e0516869a8b3a8e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:46 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Sun, 02 Jul 2023 07:13:45 GMT Sun, 02 Jul 2023 07:13:45 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/0I2Yh6qkmdQnYUqspaUe?pi=smilewanted&tc=1
pragma: no-cache

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame F293 23 KB
8 KB 23ms
23ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 01 Jul 2023 09:04:17 GMT
expires: Sun, 30 Jun 2024 09:04:17 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame C964
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9205ad4fd805feef084933d98af06bcb

43 B
1 KB

23ms
23ms

Document
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9205ad4fd805feef084933d98af06bcb

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: aa98c8e0-4170-4f16-bd7e-3cafc0022ece
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 02 Jul 2023 07:13:46 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 7e0516865a4f3a8e-FRA
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:46 GMT
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=9205ad4fd805feef084933d98af06bcb
server: cloudflare

GET
H3 200 9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js Show response
pagead2.googlesyndication.com/bg/ Frame F293 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9sT3o9SHt_8CKWiZImOleDpjc_rECPIYUFPEk3-7T8E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c4f7a3d487b7ff022968992263a5783a6373fac408f2185053c4937fbb4fc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 23:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 30 Jun 2024 23:28:49 GMT

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 0B18 1 KB
864 B 99ms
36ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1386
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: HIT
cf-ray: 7e0516871bb9383b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 07:13:46 GMT
last-modified: Sun, 02 Jul 2023 06:50:40 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame BAC4 0
0 55ms
37ms Document
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7e051687ac3b383b-FRA
date: Sun, 02 Jul 2023 07:13:46 GMT
server: cloudflare

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1455705248&t=event&_s=1&dl=https%3A%2F%2Fwww.walla.co.il%2F&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%97%D7%93%D7%A9%D7%95%D7%AA.%20%D7%A1%D7%A4%D7%95%D7%A8%D7%98.%20%D7%A1%D7%9C%D7%91%D7%A1.%20%D7%90%D7%95%D7%9B%D7%9C%20-%20%D7%A2%D7%93%D7%9B%D7%95%D7%A0%D7%99%D7%9D%20%D7%95%D7%93%D7%99%D7%95%D7%95%D7%97%D7%99%D7%9D%20%D7%A9%D7%95%D7%98%D7%A4%D7%99%D7%9D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Video&ea=ForcedPlay&el=Google&_u=aHDAAEABEAAAACAUI~&jid=&gjid=&cid=1031612647.1688282021&tid=UA-4780630-1&_gid=1000806957.1688282021&gtm=45He36s0n71T728TH&cd1=1031612647.1688282021&cd2=173&cd3=&cd4=&cd6=&cd7=&cd8=&cd10=0&cd20=no&cd22=0&cd23=0&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%95%D7%95%D7%90%D7%9C%D7%94&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=0&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=&cd116=0&cd122=GTM%20video%20event%20To%20GA&cd123=https%3A%2F%2Fwww.walla.co.il%2F&cd124=&cd35=editorial&cd38=Live&cd39=Live&cd44=true&cd45=Google&cd47=Live&cd49=&cd50=Live&cd72=true&cm9=1&z=2055479102

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Jul 2023 07:20:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86019
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4B82 43 B
215 B 113ms
113ms Image
image/gif 2600:1f18:1aca:4280:a825:de6:4efd:399e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=3e472016-4c8a-9a78-1b8f-45c4f65645da&tv=%7Bc:hbWRq3,pingTime:1,time:2614,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:29%7D,%7Br:r,w:300,h:250,t:556%7D,%7Bpiv:99,vs:i,r:,t:1601%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1013,o:1601,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1595~0,0~75%5D,as:%5B550~0.0,1045~300.250%5D%7D%7D,%7Bsl:i,t:1601,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1013~75%5D,as:%5B1013~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:226,fm:tIPNjxS+11%7C12%7C13%7C14%7C15%7C16.1484042-72188330%7C161%7C162%7C1631%7C164%7C165%7C17%7C18%7C19%7C1a%7C1b%7C1c.1484042-72185571%7C1c1%7C1c2%7C1c3%7C1c4%7C1c5%7C1d1%7C1d2%7C1d3%7C1e*.1484042-72188194%7C1e1%7C1e2%7C1f1%7C1f2%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:30,sis:555%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:a825:de6:4efd:399e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f618c808295dc4fbb0c254009afd8510.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:46 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F293 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.578.0&bgai=B7IyeqSOhZJn3F7OP9fgP2dyg2AgAAAAAOAHgBAI&bg=!PT6lPmrNAAb90kgr3dI7ADkAdvg8WtEa7VPcUps8eTuxq9YtPRk-EFVja8ZV3n5VnVzYxwBgG-05ovBa9fkthQXy4E183-BWk0QCAAAAm1IAAAACaAEHmQLX3dp9Dq92MhBK3l2LCpScxKQjTcEAm8ahJFa55p0WKe57yqDPD6RPfuCXyeIyb2U-QA46Y7DlkPe-j3hXXadGD-0tjTJCGq8Vime9ZV2l3RlF5Z_DCeGkkTYcMGmUn_ARY7neEXHFIrWqthGpYIxkdeLysxEGmL3uHkRR43REVLH_KOlI0A4MizFjOrxsqO8aleZDE6ao-gi3L29UQ3CNBoSf01A7AhrzgWBn8iKlquEgcF5rv6zKu61bkeyJ1tYhO14M2ywCYzdTpwU-05dK16xEWIz2aQpuD_ydfXm86ieosE7uVePZZyvTSFujedmaZXz1_ZKvyvX12lwGedIwfYvB2kPAphJ04DiiAm0iTavccNZXdmh4hiBs2of0gIEFIuoV_kgs18QzDmuhMSfWQqdUEnbUyRj6gIRiiDhhiZxd41w0JLfElcwlqEOckYB7ctb8Lw7JFglFm7oNum2i3hZNzNC5c-OUeICsB3YNWenISYqiS0WpXXc4Lutz3oJbCGeKXsMVLaQAlmvGE__DKm4XAZh3hD_4s9R23xkYFP9-FDeVbVaHK1b6OGeZmONmxER2i0Ep2JD-kn2QkPpt9yTh-G6BXICJRntA0tte5Ku25silljcL8Im_e7BlnZymAG3O_LLlNaIIUzDWQfK3d5N-xSVNrJNyKuATsKNFQuIcSd3C090l9gQlK14PUFKdqAvtFyHqXX6IiZEmxud-yjectfawtfJjvv1Ww9N1lWkQqs-OkdNPVDlJz9K0DmnE_S3AjkOoZA88kwHRf1FzMb_jtJi6wEaZKehi0gwexLHjyW-tSx44EptD4MHV6713QGfnOpYVIbupLBK3PZgf4hQbhxcWXiXQNqnP8dxXopVDclm9HBp4SsAInd_iGLYCZ7Vdov7OKjaKQ2EQIM7gcnlO8xBQb3nyJOD-SPGa22VgAfV1erNInBaJqlVQG-yER6WeE1KzlA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 07:13:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=1456132369863478&bg=!k5ClkMTNAAb90kgr3dI7ADkAdvg8Wo4FRil2iWkAwuBdfjWbljqY6Vf9bvId1EKANeGcOI1pzqbqIVeDWUWl1VTndir0EeVKGN4CAAABFFIAAAACaAEHmQKsqE9LpfJ5YlJRLn5DyhatcKHnFKqxcIs6pjOdYG7PNdzkQC1IEqeBHDlT4LXmiXD5UEhaITUbqaNCmOPAudI9kPPknUno3Mf-CZx1PB0hpbPaAHg1JeU485OfZmzygmcnqz4Kql4DWY04F9wIdHzeybyHWcZVWjaffM6OUZMdCoDL7um74gF0-1kMceBWTL1R1ObBW1O_UWonbtP30xatDAUAzhHN7FoGJUjtowBEFStswr4fQVfeNWhJSwfWjZrm7_qLnCmseDOf8Dr1i5dKjirmdp1bpltsDoZ3yIajt_T3U-rO51OH89aMyKmfT0MA5DrKVkcnKQrSTCQfUqCxAfGzYT8_HQsQKzC_K1C-bZgmnumg0ofpPLyjK8JgzcppgVwDHovRH8PR7jnFFW6v-6szYEQ2y2oq2ORs2A7mw9FyjGAIF75Y3tH3AZzLKYTHZtEfNlzeZNrCnOWABp79KczMU_ToI9zYStxgx2a4Sewc5i0JV-5vSP6sUBbdDnmJm-vqigEUSfDjrtk0jBJCpBWlyLqjj8kdHAfCh8l2fzJGav051VgTOGU15XYAfuWacqTHWY1HHs_m13vAh9e3ucTBVeb4cfDERaZoDqRAqqFRxtZ42JMoKvOyIbtQm8djr0Js1RrKuxDpD64XLZW6jzaPjuseYEJiwCHQ7B2S8VLpezettokjEciATDmmbEJ0XHJ7xLzEwpqT2MYpCTB--vVMYcBUzAq5ffi4XseykPkQMLxxTJDXtXGWVApm815SYLjBELSFGaBNqmYyuFZquhfCHSPWRwHuL2zJFKEoZXvBZpMA86lE6Eo3mYI4_3c6invx1jSdFs3OLp5UNeHOIxPXRlsMFCx2YoqKcN75Iih-dA40zjEEZkeErUj3JJHe1PoguVqERdHPo_P2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 3565186-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/6/5/ 82 KB
82 KB 24ms
23ms Image
image/jpeg 34.160.198.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_1000,t_18/3/5/6/5/3565186-46.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.198.118 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 118.198.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 69c9aacb6e0d3e86057c80943dd63a8aa4dcb6d75190885b2dc8af0c9e099bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 06:17:01 GMT
via: 1.1 google
age: 3405
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83737

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5497 0
860 B 23ms
23ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS