celebs.walla.co.il Open in urlscan Pro
54.230.167.13 Public Scan

URL: https://weather.walla.co.il/

URL: https://mail.walla.co.il/
Title: וואלה! דוארקרא דואר

URL: https://news.walla.co.il/
Title: חדשות

URL: https://news.walla.co.il/breaking
Title: מבזקים

URL: https://sports.walla.co.il/
Title: ספורט

URL: https://news.walla.co.il/category/5108
Title: ויראלי

URL: https://e.walla.co.il/
Title: תרבות

URL: https://finance.walla.co.il/
Title: כסף

URL: https://healthy.walla.co.il/
Title: בריאות

URL: https://food.walla.co.il/
Title: אוכל

URL: https://travel.walla.co.il/
Title: תיירות

URL: https://tech.walla.co.il/
Title: Tech

URL: https://b.walla.co.il/
Title: ברנז'ה

URL: https://fashion.walla.co.il/
Title: אופנה

URL: https://cars.walla.co.il/
Title: רכב

URL: https://www.sheee.co.il/
Title: sheee

URL: https://home.walla.co.il/
Title: בית ועיצוב

URL: https://fun.walla.co.il/
Title: כיף

URL: https://help.walla.co.il/
Title: עזרה

URL: https://fantasy-sport1.walla.co.il/?utm_source=app&utm_medium=hamburger&utm_campaign=RM_WallaSport
Title: ליגת החלומות

URL: https://mekomi.walla.co.il/
Title: מקומי

URL: https://gaming.walla.co.il/
Title: גיימינג

URL: https://www.wallashops.co.il/?utm_source=wallahp1&utm_medium=walla&utm_campaign=hpnemalakniut_1
Title: קניות

URL: https://www.drushim.co.il/
Title: דרושים

URL: https://www.yad2.co.il/?utm_source=walla&utm_medium=logo

URL: https://marketing.walla.co.il/
Title: שיווק ודיגיטל

URL: https://horoscope.walla.co.il/zodiacs
Title: הורוסקופ

URL: https://nadlan.walla.co.il/
Title: נדל"ן

URL: https://tld.walla.co.il/
Title: טוב לדעת

URL: https://beauty.walla.co.il/
Title: ביוטי

URL: https://yarokkl.walla.co.il/
Title: שומרים על כדור הארץ

URL: https://law.walla.co.il/
Title: משפטי

URL: https://horoscope.walla.co.il/
Title: רוח

URL: https://judaism.walla.co.il/
Title: יהדות

URL: https://www.walla.co.il/podcast
Title: פודקאסטים

URL: https://healthy.walla.co.il/category/594
Title: הורות וילדים

URL: https://www.walla.co.il/magazine/
Title: magazine

URL: https://mazaltov.walla.co.il/
Title: מזל טוב

URL: https://now.walla.co.il/
Title: NOW

URL: https://calendar.walla.co.il/
Title: לוח שנה

URL: https://tv-guide.walla.co.il/
Title: לוח שידורים

URL: https://www.walla.co.il/track
Title: מעקב משלוחים

URL: https://walla.co.il/shabbat-times
Title: כניסת שבת

URL: https://www.b144.co.il/?sitecode=10&subsitecode=1406&site=walla&utm_source=walla&utm_medium=header
Title: B144

URL: https://mazaltov.walla.co.il/weddingdresses/
Title: שמלות כלה

URL: https://perfectmatch.walla.co.il/
Title: חיבורים מושלמים

URL: https://mumlazim.walla.co.il/
Title: מומלצים

URL: https://b144.walla.co.il/
Title: עסקים קטנים

URL: https://yoram.walla.co.il/
Title: לימודים

URL: https://career.walla.co.il/
Title: חיפוש עבודה

URL: https://paisculture.walla.co.il/
Title: פיס בתרבות

URL: https://tmirecycle.walla.co.il/
Title: קיץ של מחזור

URL: https://starkist.walla.co.il/
Title: כל מה שטוב בטונה

URL: https://www.democratv.org/
Title: דמוקרטTV

URL: https://thetop.walla.co.il/
Title: הטופ

URL: https://dogsandcats.walla.co.il/
Title: כלבים וחתולים

URL: https://galil.walla.co.il/
Title: גליל, תשאלו כל דחליל

URL: https://www.wallashops.co.il/%D7%93%D7%99%D7%9C-%D7%99%D7%95%D7%9E%D7%99?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=dilyomi
Title: דיל יומי

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=wallashops
Title: וואלה!שופס

URL: https://www.wallashops.co.il/?utm_source=WALLA&utm_medium=text_linkHP&utm_campaign=mivtzeim
Title: מבצעים

URL: https://www.wallatours.co.il/zimmer/
Title: צימרים

URL: https://www.wallaprint.co.il/?utm_source=WALLA&utm_medium=HP&utm_campaign=PRINTtext
Title: אלבומים

URL: https://tld.walla.co.il/category/13221
Title: weshow

URL: https://vod.walla.co.il/movies
Title: סרטים

URL: https://vod.walla.co.il/tvshows
Title: סדרות

URL: https://viva.walla.co.il/
Title: ויוה

URL: https://help.walla.co.il/section/12344
Title: כתבו לנו

URL: https://dcx.walla.co.il/walla/terms/terms.pdf
Title: תנאי שימוש

URL: https://dcx.walla.co.il/walla_news_files/a516a87cfcaef229b342c437fe2b95f7.pdf
Title: מדיניות פרטיות

URL: https://www.walla.co.il/about
Title: אודות

URL: https://apps.walla.co.il/
Title: אפליקציות

URL: https://www.walla.co.il/writers
Title: כתבים

URL: https://www.walla.co.il/archive
Title: ארכיון

URL: https://www.walla.co.il/rss
Title: RSS

URL: https://vod.walla.co.il/

URL: https://play.google.com/store/apps/details?id=com.walla
Title: אפליקציית אנדרויד

URL: https://itunes.apple.com/il/app/walla!-!ww-lh/id336751384?mt=8
Title: אפליקציית אייפון

URL: https://twitter.com/wallanews
Title: טוויטר

URL: https://facebook.com/wallacelebs
Title: פייסבוק

URL: https://tags.walla.co.il/%D7%92'%D7%A0%D7%99%D7%A4%D7%A8_%D7%9C%D7%95%D7%A4%D7%96
Title: ג'ניפר לופז

URL: https://tags.walla.co.il/%D7%92'%D7%A7%D7%99_%D7%90%D7%96%D7%95%D7%9C%D7%90%D7%99
Title: ג'קי אזולאי

URL: https://tags.walla.co.il/%D7%99%D7%A2%D7%9C_%D7%A9%D7%9C%D7%91%D7%99%D7%94
Title: יעל שלביה

URL: https://tags.walla.co.il/%D7%A2%D7%95%D7%9E%D7%A8_%D7%90%D7%93%D7%9D
Title: עומר אדם

URL: https://tags.walla.co.il/%D7%99%D7%94%D7%95%D7%93%D7%94_%D7%9C%D7%95%D7%99
Title: יהודה לוי

URL: https://www.faltenfreialtern.com/anti-falten-methode-4-ob?obOrigUrl=true
Title: Nobelpreisgekröntes Protein mit Wirkung bei Falten faltenfreialtern.com | ממומן

URL: https://www.outbrain.com/what-is/default/he

URL: https://gesundmachtschlank-aktion.de/selbsttest-artikel-ob?obOrigUrl=true
Title: „Bauchfett kann mit diesem Hormon-Test gelöst werden" Apotheken Kompass | ממומן

URL: https://plarium.com/landings/de/desktop/raid/replica_vik_rdoapp?plid=530761&pxl=outbrain&PublisherID=$publisher_name$_$section_id$&placement=00eb583e90ac6352349b7aa96e6d22e4a3&adpartnerset=006b3ab5a8ff37bb0551041a5dd46f044a&clickID=$ob_click_id$&obOrigUrl=true
Title: Dieses Spiel ist so schön. Wenn Sie einen Computer haben, ist es ein Muss. Raid: Shadow Legends | ממומן

URL: https://tags.walla.co.il/
Title: תגיות וואלה!

URL: https://tags.walla.co.il/%D7%90%D7%91%D7%A0%D7%A8_%D7%A0%D7%AA%D7%A0%D7%99%D7%94%D7%95
Title: אבנר נתניהו

URL: https://tags.walla.co.il/%D7%90%D7%95%D7%A8%D7%98%D7%9C_%D7%A2%D7%9E%D7%A8
Title: אורטל עמר

URL: https://tags.walla.co.il/%D7%90%D7%95%D7%A8%D7%A0%D7%94_%D7%93%D7%A5
Title: אורנה דץ

URL: https://tags.walla.co.il/%D7%90%D7%9F_%D7%96%D7%99%D7%95%D7%99
Title: אן זיוי

URL: https://tags.walla.co.il/%D7%90%D7%A0%D7%92'%D7%9C%D7%99%D7%A0%D7%94_%D7%92'%D7%95%D7%9C%D7%99
Title: אנג'לינה ג'ולי

URL: https://tags.walla.co.il/%D7%91%D7%9F_%D7%90%D7%9C_%D7%AA%D7%91%D7%95%D7%A8%D7%99
Title: בן אל תבורי

URL: https://tags.walla.co.il/%D7%91%D7%9F_%D7%90%D7%A4%D7%9C%D7%A7
Title: בן אפלק

URL: https://tags.walla.co.il/%D7%91%D7%9F_%D7%96%D7%99%D7%A0%D7%99
Title: בן זיני

URL: https://tags.walla.co.il/%D7%91%D7%A8%D7%90%D7%93_%D7%A4%D7%99%D7%98
Title: בראד פיט

URL: https://tags.walla.co.il/%D7%92'%D7%95%D7%90%D7%9F_%D7%A7%D7%95%D7%9C%D7%99%D7%A0%D7%A1
Title: ג'ואן קולינס

URL: https://tags.walla.co.il/%D7%94%D7%90%D7%97_%D7%94%D7%92%D7%93%D7%95%D7%9C
Title: האח הגדול

URL: https://tags.walla.co.il/%D7%94%D7%90%D7%97_%D7%94%D7%92%D7%93%D7%95%D7%9C_2022
Title: האח הגדול 2022

URL: https://tags.walla.co.il/%D7%97%D7%AA%D7%95%D7%A0%D7%94_%D7%9E%D7%9E%D7%91%D7%98_%D7%A8%D7%90%D7%A9%D7%95%D7%9F
Title: חתונה ממבט ראשון

URL: https://tags.walla.co.il/%D7%9B%D7%A8%D7%99%D7%A1%D7%98%D7%99%D7%90%D7%A0%D7%95_%D7%A8%D7%95%D7%A0%D7%90%D7%9C%D7%93%D7%95
Title: כריסטיאנו רונאלדו

URL: https://tags.walla.co.il/%D7%A0%D7%95%D7%9B%D7%9C_%D7%94%D7%98%D7%99%D7%A0%D7%93%D7%A8
Title: נוכל הטינדר

URL: https://tags.walla.co.il/%D7%A1%D7%A0%D7%93%D7%A8%D7%94_%D7%A8%D7%99%D7%A0%D7%92%D7%9C%D7%A8
Title: סנדרה רינגלר

URL: https://tags.walla.co.il/%D7%A7%D7%99%D7%9D_%D7%A7%D7%A8%D7%93%D7%A9%D7%99%D7%90%D7%9F
Title: קים קרדשיאן

URL: https://tags.walla.co.il/%D7%A9%D7%92%D7%91_%D7%9E%D7%A9%D7%94
Title: שגב משה

URL: https://tld.walla.co.il/item/3518092?lm_supplier=16893&lm_bc=12255
Title: חיי מין ללא פשרות: "זה הציל לי את הסקס והזוגיות"מוגש מטעם גברא

URL: http://www.oref.org.il/11093-he/Pakar.aspx
Title: פיקוד העורף

URL: https://news.walla.co.il/category/1
Title: חדשות בארץ

URL: https://bama.bio/b2b
Title: הבמה שלך באינטרנט

URL: https://www.maariv.co.il/jewishism/shabat-times
Title: כניסת שבת

URL: https://www.hamal.co.il/
Title: חמ"ל

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=48e98942-48d1-4f05-b49f-df1207778589&adnxsUserId=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D48e98942-48d1-4f05-b49f-df1207778589%26adnxsUserId%3D%24UID HTTP 302
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=48e98942-48d1-4f05-b49f-df1207778589&adnxsUserId=6626432182696934703

Request Chain 138

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/freewheel/197989fb3a444bc4dd42b9bb5ec946d1

Request Chain 139

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/owzFE6pO0i0pW5G8B1jp?pi=smilewanted&tc=1

Request Chain 140

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3353d6c1212b798680435778d5550051

Request Chain 142

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 144

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/improve/b0e662ec-7e27-4e5c-b257-ba251a9e7ae3&partner_id=1010

Request Chain 153

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YwNbELtI0s1x7uwB15qodAAA%261204

Request Chain 178

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=9e81d121-2205-11ed-b611-143d56a10306 HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/spotx/9e81d0d9-2205-11ed-b611-143d56a10306

Request Chain 198

https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ancestorOrigins=https%3A%2F%2Fcelebs.walla.co.il&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:11263&extVar[]=XR_DOM_RTB:celebs.walla.co.il&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ancestorOrigins=https%3A%2F%2Fcelebs.walla.co.il&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:11263&extVar[]=XR_DOM_RTB:celebs.walla.co.il&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&uidRedirect=1

Request Chain 201

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1

Request Chain 202

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwNbELtI0s1x7uwB15qodAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1

Request Chain 203

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMiuwVz-wcUwm2xpjym8DU4&google_cver=1

Request Chain 204

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjQzMjE4MjY5NjkzNDcwMw%3D%3D

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1

Request Chain 208

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwNbELtI0s1x7uwB15qodAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMiuwVz-wcUwm2xpjym8DU4&google_cver=1

Request Chain 210

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjQzMjE4MjY5NjkzNDcwMw%3D%3D

Request Chain 220

https://ad.ad-srv.net/request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZYl_vli0vGW58FDWqIFiLmWG9mYM9FV3pGbp9XBcHmA1x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=30056900051683901467949012059027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fp233q5xpgofs5rk%3Ftprde%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZYl_vli0vGW58FDWqIFiLmWG9mYM9FV3pGbp9XBcHmA1x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=30056900051683901467949012059027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fp233q5xpgofs5rk%3Ftprde%3D&uidRedirect=1

Request Chain 225

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202206_es_hunger_dv_pros_339769042&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 233

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202206_es_hunger_dv_pros_339769045&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 238

https://www.awin1.com/cshow.php?s=2519517&v=14098&q=379074&r=559379&pv=0&pref1=73733200051684201649443012059027 HTTP 302
https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x600.png

Request Chain 247

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuErzg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuErzg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuErzg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuErzg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 248

https://um.simpli.fi/gp_match?google_gid=CAESEC1JOfDda03bQqk452i0YXw&google_cver=1&google_push=AehlK4ABRKihSdQ8Ikc6r7S_Iv-y8FFK9ZPWI6YR_u7BBtgMHkf3_HShnTUjfiyiFYE_Bh8wXr-EEEuomr3Z89O7_gVW28M0CQau6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A7EBC20217204F729B1DDD59D411A27B&google_push=AehlK4ABRKihSdQ8Ikc6r7S_Iv-y8FFK9ZPWI6YR_u7BBtgMHkf3_HShnTUjfiyiFYE_Bh8wXr-EEEuomr3Z89O7_gVW28M0CQau6Q

Request Chain 250

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGh6I2j92XrimfVhd-Z0aOc&google_cver=1&google_push=AehlK4B-MQAamAVfOyCjw-WbpGbkeHku5fQTipRF-jr7La1pbfT9-31m1Qynna8nDguhSVHcxyvlxIFwZNrT4LrH7jNSOwHUtzNF6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzNDY0NjM2MzI3MDI4MTM1OA%3D%3D&google_push=AehlK4B-MQAamAVfOyCjw-WbpGbkeHku5fQTipRF-jr7La1pbfT9-31m1Qynna8nDguhSVHcxyvlxIFwZNrT4LrH7jNSOwHUtzNF6Q

Request Chain 251

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHfEm-CiD4N2iEbJpCq4iOk&google_cver=1&google_push=AehlK4CAdmi2M-rcCvJ0RSdrj3-BQ5LsDBra0WktK8P6vzlc9ZWWwek_o2fVWVPzpwgwFCWa0-64zGzBeXPVmTnnKX9a0JWIJK2w7Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CAdmi2M-rcCvJ0RSdrj3-BQ5LsDBra0WktK8P6vzlc9ZWWwek_o2fVWVPzpwgwFCWa0-64zGzBeXPVmTnnKX9a0JWIJK2w7Q&google_hm=MjQwNjIyMjU4NDM1NTg3MTE4Mw%3D%3D

Request Chain 252

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOOUSQdbNm7j9qSTmXpiLUM&google_cver=1&google_push=AehlK4A-qqog3I87iPdEb8N3QUF4FvlGNqhrcyjmBEcaawMut1eFw4qPZXWskNSA52FvM_PYyXc1ylMbGwHi4lnG1QCla61qvHNaKg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4A-qqog3I87iPdEb8N3QUF4FvlGNqhrcyjmBEcaawMut1eFw4qPZXWskNSA52FvM_PYyXc1ylMbGwHi4lnG1QCla61qvHNaKg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1661164305429 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b7c844c7-5d82-43d8-9462-242bc8b7e5ee-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4A-qqog3I87iPdEb8N3QUF4FvlGNqhrcyjmBEcaawMut1eFw4qPZXWskNSA52FvM_PYyXc1ylMbGwHi4lnG1QCla61qvHNaKg%26google_hm%3DA7fIRMddgkPYlGIkK8i35e4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4A-qqog3I87iPdEb8N3QUF4FvlGNqhrcyjmBEcaawMut1eFw4qPZXWskNSA52FvM_PYyXc1ylMbGwHi4lnG1QCla61qvHNaKg&google_hm=A7fIRMddgkPYlGIkK8i35e4

Request Chain 254

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGf2d1rtM8vQiIXV5laQ4ps&google_cver=1&google_push=AehlK4C2fP0ty0ZdRJWnJiW0cbjjr1vg88Lsdj15iju_Poxj36L4eSZVYZZTOAXsJImipXXSoGapW2lC-G_m7a4QtUoPW1oAxDQ5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4C2fP0ty0ZdRJWnJiW0cbjjr1vg88Lsdj15iju_Poxj36L4eSZVYZZTOAXsJImipXXSoGapW2lC-G_m7a4QtUoPW1oAxDQ5

Request Chain 255

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 256

https://ads.travelaudience.com/google_pixel?google_gid=CAESEO4scKCfsvE8cNUlGxD7iyw&google_cver=1&google_push=AehlK4BVbkROPXDHLayVCyr5LLTamQvAAkC-NAxUhhV5bipUcNIElvl_ddSfRGpTNYQ95qaeMnnh_paN1QGHzURK0CcKbkAJySh0 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ITp3B1smQ3iUYzsugBi6GQ2&google_push=AehlK4BVbkROPXDHLayVCyr5LLTamQvAAkC-NAxUhhV5bipUcNIElvl_ddSfRGpTNYQ95qaeMnnh_paN1QGHzURK0CcKbkAJySh0

Request Chain 257

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHfEm-CiD4N2iEbJpCq4iOk&google_cver=1&google_push=AehlK4BCHI-ze17J3vIky_2BANolsvlbOHxI-Zx43EcgkvWVv7cPlB4mHcXN2_xSCdEmKysTIJSkI_eJoJgmhKyNuw3hsgnyAAuu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BCHI-ze17J3vIky_2BANolsvlbOHxI-Zx43EcgkvWVv7cPlB4mHcXN2_xSCdEmKysTIJSkI_eJoJgmhKyNuw3hsgnyAAuu&google_hm=MTcyMTAzOTA3NzA2MDIwODMxOA%3D%3D

Request Chain 258

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOOUSQdbNm7j9qSTmXpiLUM&google_cver=1&google_push=AehlK4C1_saKeSeF1y91yEvrTSRF01J0CTkMzcHDtehPGdM0awdPRNa9aPWHusxmuySjXF2BIoCXDsfC1erj47kG7v7Y2v1J5VQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4C1_saKeSeF1y91yEvrTSRF01J0CTkMzcHDtehPGdM0awdPRNa9aPWHusxmuySjXF2BIoCXDsfC1erj47kG7v7Y2v1J5VQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1661164305429 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b7c844c7-5d82-43d8-9462-242bc8b7e5ee-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4C1_saKeSeF1y91yEvrTSRF01J0CTkMzcHDtehPGdM0awdPRNa9aPWHusxmuySjXF2BIoCXDsfC1erj47kG7v7Y2v1J5VQ%26google_hm%3DA7fIRMddgkPYlGIkK8i35e4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4C1_saKeSeF1y91yEvrTSRF01J0CTkMzcHDtehPGdM0awdPRNa9aPWHusxmuySjXF2BIoCXDsfC1erj47kG7v7Y2v1J5VQ&google_hm=A7fIRMddgkPYlGIkK8i35e4

Request Chain 259

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEN3jXDTeeWRGI75i0gRusjw&google_cver=1&google_push=AehlK4D_U729_2zAxOEPgZEtzCqgXbcCrK0D0cS0J05tarZwA08VwDYJRGCExuX3GE9b-u2FhmnEz6L16qvVTzueLvTA1HB_za3KhQ HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEN3jXDTeeWRGI75i0gRusjw&google_cver=1&google_push=AehlK4D_U729_2zAxOEPgZEtzCqgXbcCrK0D0cS0J05tarZwA08VwDYJRGCExuX3GE9b-u2FhmnEz6L16qvVTzueLvTA1HB_za3KhQ&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JSkNTZXpwRTJ1RjV2WjBqcVNZSjFaRXZTMU5IUno5WX5B&google_push=AehlK4D_U729_2zAxOEPgZEtzCqgXbcCrK0D0cS0J05tarZwA08VwDYJRGCExuX3GE9b-u2FhmnEz6L16qvVTzueLvTA1HB_za3KhQ

Request Chain 302

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcelebs.walla.co.il%2F&domain=celebs.walla.co.il&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=BASC8Hx3YjhxVE1JQnNDNWd6ZGhic2FweWdhWXN0Qm1Rc1J1cXIzcHY4Rk5XeDBhVmplUlRpb1lNem55OU5sTHdhKzNqVkdoUEhtcnUybkY0TE9Na002THN0VlhrbGc0SHFVZ0w5TWZQQWY2d0hPUXFvanJUS3I5TFpibWk1dXQ0cDROTFZTK0JtbTMwTitIcGxmZTJQdmdJT3NFY2syblVWMUk4UlpGSndEamcyRnZkYzNZb2Zod0IwcEw3d2U1U3pEZHpzWWkxRVBhZXAyOUFlUmR1N2FTS1ZXYjFjaFMwYmg5SllJTUgvTS82ajBId2ZJbDNxdk56MVhmcnlQTXBRS0VofA&cppv=2

Request Chain 322

https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/owzFE6pO0i0pW5G8B1jp?pi=smilewanted

Request Chain 325

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3353d6c1212b798680435778d5550051

Request Chain 326

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwNbELtI0s1x7uwB15qodAAABLQAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwNbELtI0s1x7uwB15qodAAABLQAAAAB&dcc=t

Request Chain 330

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661250707&gdpr=1

Request Chain 332

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 334

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

Request Chain 337

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0TUM0NlAtMS1FRUs1

Request Chain 338

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L74MC46P-1-EEK5

Request Chain 339

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZXznE-cCT_i4q8qb67_kew&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZXznE-cCT_i4q8qb67_kew

Request Chain 340

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKH3m0q8SmAzvcDxL8Itp1c&google_cver=1

Request Chain 341

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDQ0YWZlODJjMWM2MjQ0ZGFhYjM0YmJmMzMzMTg5NzcxZWEyMmM4MA

Request Chain 342

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L74MC46P-1-EEK5&sigv=1&esig=2~ab32aae0c1584b46f6be170ac6b1c5d07346fcbb

Request Chain 343

https://id.rlcdn.com/709414.gif HTTP 307
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

Request Chain 345

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

Request Chain 352

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

Request Chain 353

https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent= HTTP 307
https://csync.smilewanted.com/set_partner_userid_get/loopme/45d14802-494b-438b-b0ba-bd52de7d03c5?gdpr_consent=null&gdpr=0

Request Chain 354

https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent= HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-k.pJ_BNE2uHxREBnHRQ8DY0KcFZ1grjYKdWTn9c-~A&gdpr=0&gdpr_consent=

Request Chain 355

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
https://csync.smilewanted.com/set_partner_userid_get/openx/56fa1a4b-12dc-44b8-92c9-94cc180921a8

Request Chain 369

https://gum.criteo.com/sid/json?origin=publishertag&domain=walla.co.il&sn=ChromeSyncframe&so=3&topUrl=celebs.walla.co.il&bundle=jBpIwV94UWVMSDFYJTJGZFRacmhwJTJCVENkbzVoN3Y0ejZSMyUyQjVlZ0Z5eU51VUFnc2kwRjclMkZaMWslMkJXJTJGM3BEQTE4VUZETm9SbkhnSUNvNlVqTnZ6SFo5NSUyQm9PbGVXRTA5SXM3RmpSZ2pYSE1tNGlFNFVabzVhS2x6TENNcTEyUXJXT1NjMFpu&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uo2DbnxjUXl2N01WTiswWUJLbEdWTTJQc1YwSUZtWTZqdjNmMlRjWDdyeUREV2dOUlZuVG54bklpa2NnOGJtWFRLclIyUXovc2NUS1l4ZHdUUnQ3NXpXOGZpcThXQlF1TWd1SElwK2JSbUVZdW9zbTIyVEhNcnNUWHJLMGZBdk93ZFdCVkpDbEVjWC8zOWlWdzhSbCtmRkZEUkV0b3UzOHdaSzFLNDRaTmo1OFp5OGNuakEyNWU1ajM5a2owbTdtNjRQMDU3Q0ltSXhmNHdjbTlaMm5DYXppTGRXTkdpWFMxK0E2V0NwZ3Q4SlI2UjVKTVJQbDRqdE54S25xcGtKSWNnY2VjZE96V2lSaUxUSk54bVNmZWpra1ZXYXM0dy9Fa2duSlVvQU1QTGY2Zm9xVT18&cppv=2

372 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 3602 Show response
celebs.walla.co.il/category/ 252 KB
106 KB 1926ms
1389ms Document
text/html 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 17062460ecb6b3a20b13a650983586ad0f14671d15f447dd7d8173a92b4cbed1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 22 Aug 2022 10:31:41 GMT
etag: W/"3eff7-v86n3TgvsTbdVHykWOHZkIb5idM"
server: openresty/1.15.8.1
vary: Accept-Encoding
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
x-amz-cf-id: BkD_fDxpyW59Cvlc6aHXJct-kbkJWxj3A5q2fmJ-97yDOG8ALLYsbg==
x-amz-cf-pop: ICN51-C2
x-cache: Miss from cloudfront
x-cached: MISS

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 61ms
25ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fce3e3ae8dc82cfecf05aa91f1eb660df2a81ee7b98cf57776c27ac10c11b949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28490
x-xss-protection: 0
server: sffe
etag: "1310 / 336 of 1000 / last-modified: 1661157893"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Aug 2022 10:31:41 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 90ms
20ms Script
application/x-javascript 2600:9000:2304:5000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:5000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 09:07:52 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 5029
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: HF8ar9SJVxs3pBRre-PG7qoF8jPm_axqikB7qDzJ844t3Wpra6Aetw==
expires: Mon, 22 Aug 2022 11:07:52 GMT

GET
H2 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 775ms
23ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 21 Aug 2022 16:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Aug 2023 16:10:00 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 929 B
943 B 832ms
83ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=celebs.walla.co.il

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-18-66-122-119.fra60.r.cloudfront.net

Software

cafe /

Resource Hash

b871923654778763fd71842789637b9fef7bab1bd30f17a70fe4e2e0e81ee57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Mon, 22 Aug 2022 10:31:42 GMT

GET
H2 200 mobile.svg
celebs.walla.co.il/public/assets/logo/ 1 KB
1005 B 895ms
895ms Image
image/svg+xml 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celebs.walla.co.il/public/assets/logo/mobile.svg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 0049a61681f009097e433d79763495def6c0a29963c2349643b10bad537266d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: ICN51-C2
etag: W/"437-182c4420408"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-id: azud2i2qdNbhH_GU8iqzZvbfpLymaI94ycEoppsDg70IHNF4yJ4scQ==
x-cached: MISS

GET
H2 200 logo_new.svg
celebs.walla.co.il/public/assets/logo/ 1 KB
956 B 263ms
262ms Image
image/svg+xml 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celebs.walla.co.il/public/assets/logo/logo_new.svg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a6cbbfde0f8fa5053ac3b8a87d712870edae2c840f56df167e4c33f31e61e84b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:14:51 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
age: 1011
etag: W/"4bf-182c4420408"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
x-amz-cf-id: ZK5OuhPuZYeSrQDZyxl3nALHB1qF3kfA6Lvw02JxhyKew1TT5KujoQ==
x-cached: MISS

GET
H2 200 yad2.png
celebs.walla.co.il/public/assets/icons/ 1 KB
1 KB 263ms
262ms Image
image/png 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celebs.walla.co.il/public/assets/icons/yad2.png
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a374b60100f2559a33f142d53bf332d5efad58e505683bff5cf0523abacc0274

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:14:51 GMT
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
age: 1011
etag: W/"488-182c4420408"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
accept-ranges: bytes
content-length: 1160
x-cached: MISS
x-amz-cf-id: U9kAW7hHTEuK94wn9NjtkPxkmFzi61sLBI4VqAYA2g0t-nk1ug_pBA==

GET
H2 200 vod.png
celebs.walla.co.il/public/assets/icons/ 1 KB
2 KB 267ms
265ms Image
image/png 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celebs.walla.co.il/public/assets/icons/vod.png
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 7ff6e89ef0a4dcb72ed72196173642deb38c4b539baf3d7030ba8e122c284475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:14:51 GMT
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
age: 1011
etag: W/"4a6-182c4420408"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
accept-ranges: bytes
content-length: 1190
x-cached: MISS
x-amz-cf-id: pjt_O2xCGHMXqeSRzEICHFA0WGOfWw1VvDm1LiiYtB47AKQZ_75aFA==

GET
H2 200 new-logo-walla-negativ.png
celebs.walla.co.il/public/assets/icons/ 636 B
1000 B 263ms
262ms Image
image/png 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celebs.walla.co.il/public/assets/icons/new-logo-walla-negativ.png
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f6a69ae74374cd68efa0256c89a99d1cccbb7095e33ffb88d1ae54ee900d4741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:14:51 GMT
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
age: 1011
etag: W/"27c-182c4420408"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
accept-ranges: bytes
content-length: 636
x-cached: MISS
x-amz-cf-id: gFVdMH4ihBrOyPvgmmzBDrSkxYMlnYDEnXJBzt_oQQG-gpYEB0kEnA==

GET
H/1.1 200
OK walla-v2-prod.js Show response
cdn.valuad.cloud/hb/ 965 KB
263 KB 263ms
14ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1218ba03831f16c292d0730e099276a0183d4a0fe9ff9b5ddfc7558fff5cc87b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:42 GMT
Content-Encoding: gzip
Connection: Keep-Alive
Last-Modified: Wed, 17 Aug 2022 16:14:49 GMT
x-amz-request-id: tx00000000000000700cf2b-0063027aee-2b9ea74d-fra1a
etag: "dfb3405b099855d79f132f81c9939b43"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1661164302.dop168.fr8.t,1661164302.cds288.fr8.shn,1661164302.dop168.fr8.t,1661164302.cds218.fr8.c
Content-Type: application/javascript
cache-control: public, max-age=86400
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 269063

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 383 KB
76 KB 70ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2972f1ec03bdab1b7c44c3c57e25f3f13cc423ac2f16af58428f16c1d78a5604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77049
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Aug 2022 10:31:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 501 KB
69 KB 71ms
25ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGMK7ZS

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e1adeef794902b0e38e76abf959c60c6013772120e39a1c0f2a498e4311009f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70438
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Aug 2022 10:31:42 GMT

GET
H2 200 wallawb.js Show response
cf.dxmcdn.com/dta/ 4 KB
2 KB 244ms
8ms Script
application/javascript 2600:9000:20eb:400:11:da61:a100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.dxmcdn.com/dta/wallawb.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:11:da61:a100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94c0a6a1ca27813a96c8286b7e1e6dee5b6af23babad416606784366748417b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: qZmD6iSiSNKopHEgv3XRn4Et4epkBb1Z
content-encoding: gzip
last-modified: Sun, 29 May 2022 13:46:35 GMT
server: AmazonS3
age: 7726
etag: W/"c6a8b1a7ee5ce83efe089c14c99eefad"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
date: Mon, 22 Aug 2022 08:24:23 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: j-C_3TDDyZsmQUlkR790rECmbzPS_IXjeMBaWn14IuNs8z-aqiwRtg==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 21ms
20ms Script
application/x-javascript 2600:9000:2304:5000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:5000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 08:57:12 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 5670
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: JumRmK6nSuh5TH8jMMJ-7o6GDFaujJ9tJnt-aUFHHcOGObG91flQjg==
expires: Mon, 22 Aug 2022 10:57:12 GMT

GET
H2 200 almoni-neue-aaa-600.woff
celebs.walla.co.il/public/font/almoni/ 58 KB
59 KB 270ms
270ms Font
font/woff 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/font/almoni/almoni-neue-aaa-600.woff
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer: https://celebs.walla.co.il/category/3602
Origin: https://celebs.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:14:51 GMT
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
age: 1011
etag: W/"e954-182c4420408"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
accept-ranges: bytes
content-length: 59732
x-cached: MISS
x-amz-cf-id: YfvzsNI1Zc9wguIZse0gJBbDFWYccHJhqPzynjL_X1VkhDzrSvaAHw==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 174 B
494 B 331ms
105ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=walla.co.il&domain=celebs.walla.co.il&path=%2Fcategory%2F3602
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 17aed8ce6f73a4a4dc487ea525f6f8a8b9c0af4423538719c9bb50bc9fe7b8c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 141
x-served-by: cache-fra19138-FRA
access-control-allow-origin: *
x-timer: S1661164303.583445,VS0,VE98
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 20 Aug 2022 10:31:42 GMT

GET
H2 200 wallaicons.woff
celebs.walla.co.il/public/font/fonticon/ 15 KB
15 KB 368ms
367ms Font
font/woff 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/font/fonticon/wallaicons.woff
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer: https://celebs.walla.co.il/category/3602
Origin: https://celebs.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:14:51 GMT
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
age: 1011
etag: W/"3bdc-182c4420408"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
accept-ranges: bytes
content-length: 15324
x-cached: MISS
x-amz-cf-id: ZSpKMcG2W5R1OZK-e_-UAP1N_PIJjoyP1mDjermNif9JoIQtuXN-3w==

GET
H2 200 almoni-neue-aaa-200.woff
celebs.walla.co.il/public/font/almoni/ 58 KB
59 KB 972ms
971ms Font
font/woff 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/font/almoni/almoni-neue-aaa-200.woff
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 86603f4ce9518ae254073f2db409d9ea59f3344a0a37a9064b27d353fc487d5c

Request headers

Referer: https://celebs.walla.co.il/category/3602
Origin: https://celebs.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: ICN51-C2
etag: W/"e848-182c4420408"
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 59464
x-cached: MISS
x-amz-cf-id: J1KqrzNFirYrFKXt7sIQWyMZAYGPubrGEadik6AUCYkn0KsA6fPTxA==

GET
H2 200 almoni-neue-aaa-800.woff
celebs.walla.co.il/public/font/almoni/ 58 KB
58 KB 979ms
979ms Font
font/woff 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/font/almoni/almoni-neue-aaa-800.woff
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ab5efe24966aca3d3addf00730f734a3fd62d552cc8c5dee2a837c057d62856a

Request headers

Referer: https://celebs.walla.co.il/category/3602
Origin: https://celebs.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: ICN51-C2
etag: W/"e65c-182c4420408"
x-cache: Miss from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 58972
x-cached: MISS
x-amz-cf-id: pN_6imfL77EgrT_T7q9Sy_q_5CFDJqPfK0NyobGqQYxcO1x8CLPCTA==

GET
H2 200 148_248b4149632420b886ad_248b4149632420b886ad_walla.js Show response
celebs.walla.co.il/public/ 11 KB
4 KB 396ms
395ms Script
application/javascript 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/148_248b4149632420b886ad_248b4149632420b886ad_walla.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:03:02 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:37:09 GMT
server: openresty/1.15.8.1
age: 12519
etag: W/"2b34-182c444f208"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
x-amz-cf-id: IHiJZiKeddsdenMNkm6SUIKl8okvKkWoJdqKGx-HgAWr9cRWjzb6lQ==
x-cached: MISS

GET
H2 200 666_a754b947ab37692f33c5_a754b947ab37692f33c5_walla.js Show response
celebs.walla.co.il/public/ 307 KB
100 KB 409ms
408ms Script
application/javascript 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/666_a754b947ab37692f33c5_a754b947ab37692f33c5_walla.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: e8980ce9ff6014145007d58e0a4b1d503ef200dab33c19fa57aed0445549c7d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:03:03 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:37:09 GMT
server: openresty/1.15.8.1
age: 12519
etag: W/"4cdb8-182c444f208"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
x-amz-cf-id: 3t6COcbUKlg6DbdOZwtTKfJmtVUViKRjJ4QiqrZJYBZGfqVN3D5vgg==
x-cached: MISS

GET
H2 200 main_f2f7e5612901e6e74d54_f2f7e5612901e6e74d54_walla.js Show response
celebs.walla.co.il/public/ 1 MB
249 KB 409ms
408ms Script
application/javascript 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/main_f2f7e5612901e6e74d54_f2f7e5612901e6e74d54_walla.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: c6cd2f306b26eb88c68ae2ff7e9f58d7abd14ec157ccc73470aed43bbec9c188

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:03:03 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:37:09 GMT
server: openresty/1.15.8.1
age: 12519
etag: W/"1122db-182c444f208"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
x-amz-cf-id: QNPvEc2b1IEdVNyZXlvSJSsWGGIJ0dgYB3bUws6z0O4ZFQ5l0HCSLg==
x-cached: MISS

GET
H2 200 252_ac6585b8615b80eee9bf_ac6585b8615b80eee9bf_walla.js Show response
celebs.walla.co.il/public/ 19 KB
6 KB 410ms
409ms Script
application/javascript 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/252_ac6585b8615b80eee9bf_ac6585b8615b80eee9bf_walla.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 2d9e5ddf3350ffa9ce25db3270c54cd041adae212f17de412da84479c904abb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:03:03 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:37:09 GMT
server: openresty/1.15.8.1
age: 12519
etag: W/"4b23-182c444f208"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
x-amz-cf-id: 0bDaJ4lZAWmoCYx8vgcN_PqpypXqrxCrdHEoNqXdtyxoRCUQZ954ZQ==
x-cached: MISS

GET
H2 200 697_a77f240eefecff25edd8_a77f240eefecff25edd8_walla.js Show response
celebs.walla.co.il/public/ 54 KB
13 KB 435ms
434ms Script
application/javascript 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/697_a77f240eefecff25edd8_a77f240eefecff25edd8_walla.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: f37d313e2bc0912d119a2a39eed573321b77a02b0ac85885b5eae3819006d49e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:03:03 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:37:09 GMT
server: openresty/1.15.8.1
age: 12519
etag: W/"d743-182c444f208"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
x-amz-cf-id: TVSBa3j6UUc4NvD7EoifSvuI4OQwzr3s3jEO3pi49nnjj6p4_4CUVw==
x-cached: MISS

GET
H2 200 vertical_8b7ed50df7ee201c6e64_8b7ed50df7ee201c6e64_walla.js Show response
celebs.walla.co.il/public/ 376 KB
76 KB 470ms
469ms Script
application/javascript 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/vertical_8b7ed50df7ee201c6e64_8b7ed50df7ee201c6e64_walla.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: b4aae76a11a337e8a27b081d31b34b3b2bd67c3d13536e8e3cbea845e554adc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:03:03 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:37:09 GMT
server: openresty/1.15.8.1
age: 12519
etag: W/"5df87-182c444f208"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
x-amz-cf-id: utL89SVFBwP3JyFgpF2FdiHpmatEinDPeBxW91PRSrUdkH9ZIUTbfA==
x-cached: MISS

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 205 KB
71 KB 210ms
18ms Script
application/x-javascript 2.21.185.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c6a4a4b9633569ddf06238e5bedd237ad307b6e865b027fe46c04a91f251a1d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 08:03:17 GMT
etag: "15-imT840bq6M9BAiU79JYnaMFw2Go"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 6896d6a0ee389e862b8ef1c033fdb464
timing-allow-origin: *, *
content-length: 72150

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 300ms
95ms Image
image/gif 34.239.29.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=walla.co.il&p=%2Fcategory%2F3602&u=B2FVQHChaOsACYKBJ&d=celebs.walla.co.il&g=20047&g0=%D7%A1%D7%9C%D7%91%D7%A1&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6383&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3003&t=C4udzcCJFhxLPJCYeDNXJ5oDgR1yN&V=136&i=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%9C%D7%91%D7%A1%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%94%D7%9E%D7%A4%D7%95%D7%A8%D7%A1%D7%9E%D7%99%D7%9D%20%D7%95%D7%94%D7%A8%D7%9B%D7%99%D7%9C%D7%95%D7%AA%20%D7%94%D7%9B%D7%99%20%D7%A2%D7%93%D7%9B%D7%A0%D7%99%D7%95%D7%AA%20%D7%91%D7%96%D7%9E%D7%9F%20%D7%90%D7%9E%D7%AA&tz=0&sn=1&sv=dihkSDTaLEIMP5ATC1L7FzBSs5R6&sd=1&im=061b2fff&_
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.29.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-29-88.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:42 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
13ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5145
date: Mon, 22 Aug 2022 09:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Aug 2022 11:05:57 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 196ms
91ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T728TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

977a2e79ce3b985d18b2dd84401ab84ea8846eeb4b5b6a1b75d4884686a62128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17434
x-xss-protection: 0
server: cafe
etag: 430741580945515585
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Aug 2022 10:31:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 114ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aba13e76e0dfc68cd2710d1745d55c6b210cb2bec6ecd14a541615b685af8564

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26535
x-xss-protection: 0
pragma: public
x-fb-debug: 5wDtlp1VuaoDT/XAby09GI/39JgJ8K1XP4uAVj3G97nY8mCSHceddUwTkf5TCh1M+/mcmmjB9X0MQmqupIgP+A==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 22 Aug 2022 10:31:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK widget-c.js Show response
d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/ 745 B
1 KB 111ms
7ms Script
application/javascript 18.66.92.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/widget-c.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.92.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-92-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8099a196b2170630895f07f2cfe3300a710f47f9f15aa5a574e44237cff91619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Tue, 10 May 2022 03:35:54 GMT
Via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 09 Feb 2017 14:13:37 GMT
Server: AmazonS3
Age: 9010549
ETag: "ddea3a811593486529ca061aaabe4dee"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=29030400, public
X-Amz-Cf-Pop: FRA56-P2
Accept-Ranges: bytes
Content-Length: 745
X-Amz-Cf-Id: dgh5jcGvBwEy2WwQkG0WlwAhTajics3huuGN0qEx7AGzheATMHPwVw==

GET
H2 403 bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js
cdn.permutive.com/ 0
0 66ms
12ms Script
text/html 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/bdbae668-c577-4545-8fc2-4ad4eab52b2c-web.js?d=2022-08-22
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 kahoona-idx-live.js Show response
d2r08ja41ypc0t.cloudfront.net/WALLA/ 13 KB
5 KB 60ms
7ms Script
application/javascript 2600:9000:223e:ba00:4:1c73:c740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Requested by: Host: cf.dxmcdn.com
URL: https://cf.dxmcdn.com/dta/wallawb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:ba00:4:1c73:c740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23ee019ef2423927859a995212bc2fc6e330a49de57bfd433e648444a9a31d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 14:52:50 GMT
content-encoding: br
last-modified: Sun, 21 Aug 2022 14:52:46 GMT
server: AmazonS3
age: 70733
etag: W/"ca90d6cc3542cf1609b65b01ee19121d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: OZL6_DRkRAsQu5zYU9lvzzd9NQ3Sr722
via: 1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
content-type: application/javascript
x-amz-cf-id: Sa77QVvg4OGxwY5hq5WfEufxz-EKI2yg15S-0R3jOGISlEJi8ps05Q==

GET
H/1.1 200
OK widget.js Show response
d2muzdhs7lpmo0.cloudfront.net/ 0
568 B 45ms
12ms Script
text/javascript 18.66.137.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2muzdhs7lpmo0.cloudfront.net/widget.js?id=19762286&secure&9228691
Requested by: Host: d29k50lkkhkjby.cloudfront.net
URL: https://d29k50lkkhkjby.cloudfront.net/19762286-74a3/5/widget-c.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-146.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:18 GMT
Content-Encoding: gzip
Connection: keep-alive
Age: 24
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript; charset=UTF-8
Via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache="set-cookie"
X-Amz-Cf-Pop: FRA60-P4
Content-Length: 20
X-Amz-Cf-Id: RJ8JRoY4N7MuNOGQMKF4cb-7UttiIiDRSxIaA7opWayvc6qNQUbLJQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 28ms
28ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2017877472&t=pageview&_s=1&dl=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ul=en-us&de=UTF-8&dt=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%9C%D7%91%D7%A1%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%94%D7%9E%D7%A4%D7%95%D7%A8%D7%A1%D7%9E%D7%99%D7%9D%20%D7%95%D7%94%D7%A8%D7%9B%D7%99%D7%9C%D7%95%D7%AA%20%D7%94%D7%9B%D7%99%20%D7%A2%D7%93%D7%9B%D7%A0%D7%99%D7%95%D7%AA%20%D7%91%D7%96%D7%9E%D7%9F%20%D7%90%D7%9E%D7%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1915354423&gjid=1861969864&cid=361264882.1661164303&tid=UA-4780630-1&_gid=495573451.1661164303&_r=1&gtm=2wg8h0T728TH&cd1=&cd2=22&cd3=3602&cd4=&cd6=&cd7=&cd8=&cd24=0&cd26=&cd27=&cd28=&cd29=&cd30=&cd31=&cd32=%D7%A1%D7%9C%D7%91%D7%A1&cd33=not&cd34=&cd51=&cd53=&cd54=&cd55=&cd56=&cd59=&cd62=&cd63=&cd65=no&cd69=1&cd76=&cd98=&cd107=&cd108=no&cd109=no&cd110=&cd113=1&cd115=https%3A%2F%2Fcelebs.walla.co.il&cd116=0&z=414305318

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1616785908557850 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1616785908557850?v=2.9.77&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

546c5ff47e84e2a5adf722061ea37976c7623e4478051faf0c64e5f634a67afa

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86259
x-xss-protection: 0
pragma: public
x-fb-debug: QISinebGhua9gz/b/EOE3aXsZPiEMuIYMeIh7iJAByWU7uh3ZZDGD7+L7yRhwzBN1AIWEXdfv9ZylaoAkmC3fw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 22 Aug 2022 10:31:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 init
hb-dot-valuad.appspot.com/ Frame 0
0 248ms
104ms Preflight
text/html 2a00:1450:400c:c1b::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::99 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://celebs.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://celebs.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 22 Aug 2022 10:31:42 GMT
server: Google Frontend
x-cloud-trace-context: 460f0019594ceede1b298ae07d5525d3
x-request-id: undefined

POST
H3 200 init Show response
hb-dot-valuad.appspot.com/ 38 B
87 B 142ms
103ms Fetch
application/json 2a00:1450:400c:c1b::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::99 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Accept: application/json
Referer: https://celebs.walla.co.il/
x-request-id: 780fa54c-4562-4b10-896b-98c4a2ee4ce3
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-vad-version: 0.8.3
Content-Type: application/json

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://celebs.walla.co.il
x-cloud-trace-context: 2821e760afbdaad8c2da46ffc5b9e847
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-request-id: undefined

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 144ms
19ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4780630-1&cid=361264882.1661164303&jid=1915354423&gjid=1861969864&_gid=495573451.1661164303&_u=YEBAAEAAAAAAAC~&z=457215247

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Aug 2022 10:31:42 GMT
content-type: text/plain
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 170717926997655 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/170717926997655?v=2.9.77&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2b26ff454ff85d0314a51e7bfebcfbba899a17144990fd78cdb3125893214fbd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85897
x-xss-protection: 0
pragma: public
x-fb-debug: Zg2uOweGEHYugInhzaYiOe2MpNZPft6qlfJ0iYNEXDfnFO1/C7v4+TwgcgpSo/O9u0+pnglGXZGVqvW1AkRvRQ==
x-frame-options: DENY
date: Mon, 22 Aug 2022 10:31:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1661163945260
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 119ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1616785908557850&ev=PageView&dl=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&rl=&if=false&ts=1661164302695&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.2.1661164302694.1448035634&it=1661164302626&coo=false&rqm=GET

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 22 Aug 2022 10:31:42 GMT

GET
H2

200

map-id
ledger.crowdad.io/
Redirect Chain

https://ib.adnxs.com/getuid?https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=48e98942-48d1-4f05-b49f-df1207778589&adnxsUserId=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fledger.crowdad.io%2Fmap-id%3FpublisherId%3DWALLA%26publisherUserId%3D%26kaUserId%3D48e98942-48d1-4f05-b49f-df1207778589%26adnxsUserId%3D%24UID
https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=48e98942-48d1-4f05-b49f-df1207778589&adnxsUserId=6626432182696934703

0
38 B

286ms
32ms

Image
text/plain

34.251.36.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=48e98942-48d1-4f05-b49f-df1207778589&adnxsUserId=6626432182696934703
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Server: 34.251.36.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-36-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:42 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 08a7e5a3-48a4-4a38-b9f3-0d84ddbb6788
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ledger.crowdad.io/map-id?publisherId=WALLA&publisherUserId=&kaUserId=48e98942-48d1-4f05-b49f-df1207778589&adnxsUserId=6626432182696934703
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/ 3 KB
2 KB 130ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/964224610/?random=1661164302701&cv=9&fst=1661164302701&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%9C%D7%91%D7%A1%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%94%D7%9E%D7%A4%D7%95%D7%A8%D7%A1%D7%9E%D7%99%D7%9D%20%D7%95%D7%94%D7%A8%D7%9B%D7%99%D7%9C%D7%95%D7%AA%20%D7%94%D7%9B%D7%99%20%D7%A2%D7%93%D7%9B%D7%A0&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0053e815ac09eba0d84d3d04cdc55e2440c8fc743936232e3f7484e9e4b4655a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
5 KB 110ms
7ms Script
application/javascript 18.66.97.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-73.fra56.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 09:59:30 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
age: 1948
etag: "61b8b8ab-1090"
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 4240
x-amz-cf-id: NJe6wsStcfgRtb4QBKiKYXWbrIogn91apXwrRLGxbqYGOxBGOkYjwg==
expires: Mon, 22 Aug 2022 10:59:14 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 347 KB
92 KB 110ms
8ms Script
application/javascript 18.66.122.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.0 / PHP/8.0.14

Resource Hash

10f53c5206089aa86a4f8a34706a967236be397994df1f891672cad5a40e2d11

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 09:33:02 GMT
content-encoding: br
etag: W/"6db2b1f576b492ce789bd5762c3d802c"
last-modified: Mon, 22 Aug 2022 09:33:02 UTC
server: nginx/1.20.0
age: 3520
x-powered-by: PHP/8.0.14
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: M0RaVUIw-YIQrWiva3JwWFZANvmmp6S_raLFaG5JKyK3qbJ8y0OwoA==
x-xss-protection: 0

GET
H/1.1 200
OK Y2VsZWJzLndhbGxhLmNvLmls Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 418ms
18ms XHR
application/json 2.21.185.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/Y2VsZWJzLndhbGxhLmNvLmls
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-176.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:43 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=8173
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 428a80ef4a37dd6c4be3fe3a3453aad6
Content-Length: 16
Expires: Mon, 22 Aug 2022 12:47:56 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 33ms
19ms Image
image/gif 2.21.185.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 21 Sep 2022 10:31:42 GMT

POST
H2 200 handshakes Show response
khn.crowdad.io/ 0
107 B 94ms
32ms XHR
text/plain 54.171.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-173-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://celebs.walla.co.il
date: Mon, 22 Aug 2022 10:31:42 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 handshakes
khn.crowdad.io/ Frame 0
0 153ms
30ms Preflight 54.171.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/handshakes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-173-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://celebs.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://celebs.walla.co.il
content-length: 0
date: Mon, 22 Aug 2022 10:31:42 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 98ms
52ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=361264882.1661164303&jid=1915354423&_u=YEBAAEAAAAAAAC~&z=1449393479

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 89ms
52ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=361264882.1661164303&jid=1915354423&_u=YEBAAEAAAAAAAC~&z=1449393479

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 84ms
24ms Image
image/x-icon 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Aug 2022 15:11:29 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 18ms
17ms Image
image/svg+xml 2.21.185.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 21 Sep 2022 10:31:42 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/964224610/ 42 B
548 B 67ms
25ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/964224610/?random=1661164302701&cv=9&fst=1661162400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%9C%D7%91%D7%A1%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%94%D7%9E%D7%A4%D7%95%D7%A8%D7%A1%D7%9E%D7%99%D7%9D%20%D7%95%D7%94%D7%A8%D7%9B%D7%99%D7%9C%D7%95%D7%AA%20%D7%94%D7%9B%D7%99%20%D7%A2%D7%93%D7%9B%D7%A0&fmt=3&is_vtc=1&random=1789175178&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/964224610/ 42 B
548 B 61ms
27ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/964224610/?random=1661164302701&cv=9&fst=1661162400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&tiba=%D7%95%D7%95%D7%90%D7%9C%D7%94!%20%D7%A1%D7%9C%D7%91%D7%A1%20%7C%20%D7%97%D7%93%D7%A9%D7%95%D7%AA%20%D7%94%D7%9E%D7%A4%D7%95%D7%A8%D7%A1%D7%9E%D7%99%D7%9D%20%D7%95%D7%94%D7%A8%D7%9B%D7%99%D7%9C%D7%95%D7%AA%20%D7%94%D7%9B%D7%99%20%D7%A2%D7%93%D7%9B%D7%A0&fmt=3&is_vtc=1&random=1789175178&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=170717926997655&ev=PageView&dl=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&rl=&if=false&ts=1661164302848&sw=1600&sh=1200&v=2.9.77&r=stable&ec=0&o=30&fbp=fb.2.1661164302694.1448035634&it=1661164302626&coo=false&rqm=GET

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 22 Aug 2022 10:31:42 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 54 KB
9 KB 172ms
140ms XHR
application/json 13.225.78.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=6960&url=%2Fcategory%2F3602&charset=UTF-8&ch=10&ref=celebs.walla.co.il&viewerId=null&referer=&_firid=72227687
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-13.fra2.r.cloudfront.net
Software: nginx/1.20.0 / PHP/8.0.14
Resource Hash: e823d7579b5cb6517974da0229aee83fbb112428115f07c7ff50539f46552a1e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C2
x-powered-by: PHP/8.0.14
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
access-control-allow-origin: https://celebs.walla.co.il
server: nginx/1.20.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: yTqm7BHuyE-wJoV6jUTcYIAwYm5Ehi0OOyQRhTfYmY__oNwNtU6YHg==
expires: 0

GET
H2 200 prebidamp.js Show response
ecdn.firstimpression.io/static/js/ 312 KB
88 KB 25ms
8ms Script
application/javascript 18.66.122.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-119.fra60.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer: https://celebs.walla.co.il/
Origin: https://celebs.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 09:35:44 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 15:30:51 GMT
server: nginx/1.20.0
age: 3359
etag: W/"61b8b8ab-4e128"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: RT8uYt3-MdFNrwb6_Rulha7sXp8SCWIDSMx6H8jYitZB4Twsl59HOQ==
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
expires: Mon, 22 Aug 2022 10:35:44 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 26 KB
10 KB 35ms
17ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://celebs.walla.co.il/
Origin: https://celebs.walla.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 8874
age: 3704
x-jsd-version: 1.13.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19137-FRA, cache-hhn4071-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fiuH6jL7WkCn0GdD4uXJ9l01J8GwuW3sep3lZUq5BK4TXMvBfEvwbae7TbMTDhZPgOq3ZzW3XY6NkJElQRw0MesB%2F8cCNkksY2fX9o68Iz28xasC8%2FA5dwmpqwLJwQZ7ln%2B%2FrND3F%2BuGdMeEQ3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73eaf0be9ba99972-FRA

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 57ms
28ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

sffe /

Resource Hash

adfc9e15adfb30bce78ae0b3a77474ad4202805062aa8b58755c56ac3e4e3100

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28489
x-xss-protection: 0
server: sffe
etag: "1310 / 343 of 1000 / last-modified: 1661157893"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Aug 2022 10:31:43 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 159 KB
41 KB 35ms
8ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 925ed48219a2d3c339c5d288fdae3f965efbca0e5ee4e369b7dcbb04b6ade06f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 22 Aug 2022 10:06:39 GMT
via: 1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
last-modified: Mon, 15 Aug 2022 16:12:00 GMT
server: AmazonS3
age: 1505
etag: W/"52a6bc60961c702869c58b9d159c8e37"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA2-C1
content-encoding: gzip
x-amz-cf-id: tSkv0rrSMAthurCDuxEa7g-mB2a0AdOxZDAWffd1lqpWe_oORCdmQA==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 414ms
89ms XHR
application/json 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1661164303134&sessionId=c770f5bf-5d25-f3c0-2955-1209c0181199&url=celebs.walla.co.il&cheqSource=1&cheqEvent=3&responseTime=420
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:43 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: a05b187a7988d906b657d2323cc96ab1
Content-Length: 4
Expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B6D2 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://celebs.walla.co.il
Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://celebs.walla.co.il
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 10:31:43 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 391_df5e98fd29f73d607b4e_df5e98fd29f73d607b4e_walla.js Show response
celebs.walla.co.il/public/ 121 KB
36 KB 257ms
257ms Script
application/javascript 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/391_df5e98fd29f73d607b4e_df5e98fd29f73d607b4e_walla.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/public/main_f2f7e5612901e6e74d54_f2f7e5612901e6e74d54_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 7ba8fbb7fe453e19a85a7919f4f66bf34568286b7514b20903de7db74d718484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:03:07 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:37:09 GMT
server: openresty/1.15.8.1
age: 12516
etag: W/"1e4c9-182c444f208"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
x-amz-cf-id: 3LcLnBxtVHzE-SB1I-lY4wGhXTnXZ7N-rWpVfCZ34OsDvmNRZvrSIQ==
x-cached: MISS

GET
H2 200 PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js Show response
celebs.walla.co.il/public/ 3 KB
2 KB 257ms
257ms Script
application/javascript 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://celebs.walla.co.il/public/PikudInner_793046046c897b90f78e_793046046c897b90f78e_walla.js
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/public/main_f2f7e5612901e6e74d54_f2f7e5612901e6e74d54_walla.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 32e55f966e5d42979013d87e8a4de77fd04e331af39070fd2f21404a04aae61b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:03:07 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:37:09 GMT
server: openresty/1.15.8.1
age: 12516
etag: W/"cfc-182c444f208"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
x-amz-cf-id: HaNmJ1dpn3pZraue_dOWcQhXgCnhP1VfnYpLdBN5lUatTmNUYSt8tg==
x-cached: MISS

GET
H3 200 page.php Show response
www.facebook.com/plugins/ Frame BC9E 45 KB
14 KB 66ms
66ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallacelebs&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/public/666_a754b947ab37692f33c5_a754b947ab37692f33c5_walla.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eafdb8331003c43202a18c4ac8622825dcc19870b233be564e8dfd164a21ae94

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 22 Aug 2022 10:31:43 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: lHfagNzKQIlZfbHJgARB0Q/A4ggabf4JgnknrWD2qWhvTf2anCh4YNVbs5nf2jG89nhHse+SjNg76Zy7bU80gg==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 close.png
celebs.walla.co.il/public/assets/ads/ 1 KB
1 KB 731ms
730ms Image
image/png 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celebs.walla.co.il/public/assets/ads/close.png
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 526570790fb55c7376917efb0561bac7302c8946d3cfb0daf15e3669c6ee1ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: ICN51-C2
etag: W/"46c-182c4420408"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1132
x-cached: MISS
x-amz-cf-id: FSpGk70iZ5XJNoOM7ANcNA3J4l6xL_wO9LEmcXvVUgmkBMpicmeQAQ==

GET
H2 200 3412487-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/4/1/2/ 14 KB
15 KB 65ms
16ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/4/1/2/3412487-46.jpg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 7bd60151c5c5ddf220eafe6e3c8758640f16cdbe26853bbf57ba29eb102141ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 08:41:59 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 92984
edge-cache-tag: 261115361392729714266943188119322447389,163033824620003494124992686043896153512,d2bce9e04f88d43dd8350e859c701704
cache-tag: 261115361392729714266943188119322447389,163033824620003494124992686043896153512,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 14753
x-request-id: 0bc091016f63f3993c7ae36e605ae655
x-served-by: cache-lga21943-LGA
last-modified: Sun, 21 Aug 2022 08:42:00 GMT
server: cloudinary
x-timer: S1661071316.598750,VS0,VE4049
etag: "627eeef61392a9cb87879bb0a3eaa8bd"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: tPTgZMZ8xlhDsjCq9-ba0VY-46O3scUKdl9ZrrxiiG4MQoW8GLqb7A==
x-cache-hits: 0

GET
H2 200 3422796-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/2/2/ 5 KB
6 KB 71ms
21ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/2/2/3422796-46.png
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 695684355aff715cbb505f3fdb0761f727933b8a5bff6fbcdd72e98834102585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 09:05:42 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 264361
edge-cache-tag: 178660820987800187314990213035566484104,242814604961390431684696376094765483923,d2bce9e04f88d43dd8350e859c701704
cache-tag: 178660820987800187314990213035566484104,242814604961390431684696376094765483923,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 5492
x-request-id: 7c3705a3ab452b833b5a9ea7d37345ca
x-served-by: cache-lga21920-LGA
last-modified: Fri, 19 Aug 2022 09:05:43 GMT
server: cloudinary
x-timer: S1660899942.188985,VS0,VE526
etag: "b51dc8528758d8cd1d9c699962e8677e"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: SqynRqlCGFKN4D3y28dDzpdnktcJ8ad72VjHEy6pAKTLChHRh03Xdg==
x-cache-hits: 0

GET
H2 200 3348249-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/4/8/ 4 KB
5 KB 71ms
22ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/4/8/3348249-46.jpg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 8060bc0d7ec4062225b06bce6578940e8d6907b9a414a959e40883906e1a6d25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 09:20:23 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 349880
edge-cache-tag: 288043015596089181850306694512137818899,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 288043015596089181850306694512137818899,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 4178
x-request-id: 143c38162a65cbcc8314a2e5b9b053ff
x-served-by: cache-iad-kjyo7100053-IAD
last-modified: Thu, 18 Aug 2022 09:20:24 GMT
server: cloudinary
x-timer: S1660814423.066512,VS0,VE336
etag: "59f4075dc885e8130c27e5360ddc2844"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: lkB4pifH5PY5gkV-pmUudDPDZOGS0W9QVLvR241cWusm5Cr5Ix6EDQ==
x-cache-hits: 0

GET
H2 200 2232307-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/2/3/2/ 10 KB
11 KB 70ms
20ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/2/3/2/2232307-46.jpg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 06d1ad7d2719350395c9c8d7c19f58fcb115451063fd1587c0da6cb2b6ee3461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:45:56 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 423947
edge-cache-tag: 301199930164425150519382783644219563032,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 301199930164425150519382783644219563032,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 10140
x-served-by: cache-iad-kiad7000093-IAD
last-modified: Sat, 01 Jan 2022 16:52:01 GMT
server: cloudinary
x-timer: S1660740356.013189,VS0,VE84
etag: "be707497128868d2544e62243816a6e6"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: sck37vIK9WSoXRDpe7uINjOtZI35Bxk-w29iz8Zg-wxbq1F-CBVgug==
x-cache-hits: 0

GET
H2 200 3284711-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/8/4/ 6 KB
7 KB 69ms
20ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/2/8/4/3284711-46.jpg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 7f9d544139318d93a7e88cd59b6be34d600d86f69c09a18b8672659f1d6f1557

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 11:59:54 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 945109
edge-cache-tag: 314504507519670538573759068244974966492,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag: 314504507519670538573759068244974966492,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 6381
x-served-by: cache-lga21939-LGA
last-modified: Tue, 31 May 2022 12:14:31 GMT
server: cloudinary
x-timer: S1660219195.670108,VS0,VE1
etag: "c5de3c6f534c2ebd146f22fe37b70460"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: jTuVLGVyY3yAy6R2SwhFMtsCCzsnLWCIqSZ7Lyiqsn6qrAE42QhAzQ==
x-cache-hits: 1

GET
H2 200 3421768-46.png
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/2/1/ 3 KB
4 KB 70ms
21ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/2/1/3421768-46.png
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: d67cebdd1096b2eb41e1e2c38e5f9da09621dd3d7dd7765b555af1aa037e0fe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 10:25:51 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 605152
edge-cache-tag: 272216793996679056130179728092413978674,242814604961390431684696376094765483923,d2bce9e04f88d43dd8350e859c701704
cache-tag: 272216793996679056130179728092413978674,242814604961390431684696376094765483923,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 3581
x-request-id: 1d0cc7e1aea0de4e63828f82b449af0e
x-served-by: cache-iad-kjyo7100059-IAD
last-modified: Mon, 15 Aug 2022 10:25:50 GMT
server: cloudinary
x-timer: S1660559152.618073,VS0,VE12
etag: "e971ed158a049b0628db4f860c35a8a3"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: aCBgDwBMvp0wX4A38H1Vr4y9t_8rEy473YdspwzF62_1PSy9_OEClw==
x-cache-hits: 1

GET
H2 200 3409567-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/0/9/ 7 KB
8 KB 50ms
13ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/0/9/3409567-46.jpeg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 6de0d56c001cfbd5b92b94cff4f4bfc195a62710692796342a7e6d74a3e93635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 10:04:11 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 3025652
edge-cache-tag: 162828009415301591308200810933405595421,99247679483240431186008957634236559711,d2bce9e04f88d43dd8350e859c701704
cache-tag: 162828009415301591308200810933405595421,99247679483240431186008957634236559711,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 7095
x-request-id: a9166664d3cde8073fcc99bdc1f96ad1
x-served-by: cache-lga21931-LGA
last-modified: Mon, 18 Jul 2022 10:04:12 GMT
server: cloudinary
x-timer: S1658138646.323993,VS0,VE5192
etag: "4e5c9eb9d338bf427bcd40fda8d7dc27"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: AJ7UC-FGQvgBXHZ4abTkroS_lT3o9TiitXdslxaKWfCmza_MAOBa0Q==
x-cache-hits: 0

GET
H2 200 3424322-46.png
images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/2/4/ 10 KB
11 KB 50ms
13ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/2/4/3424322-46.png
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 949f17683c0a802cddc0bd80a6ed8cfc73f48bec3445f9ea044fb509c78d277e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:25:56 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 11147
edge-cache-tag: 183984369492111478196526927166131348657,116951997087031154823664609699217278811,d2bce9e04f88d43dd8350e859c701704
cache-tag: 183984369492111478196526927166131348657,116951997087031154823664609699217278811,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 10447
x-served-by: cache-iad-kjyo7100029-IAD
last-modified: Mon, 22 Aug 2022 07:24:14 GMT
server: cloudinary
x-timer: S1661153156.296272,VS0,VE32
etag: "e0780f3fb39faa4e54b61a6c20aa0203"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: So9Z8w55sxAl7c_7tUVSWlm1b1NP6QFGILlbTHN9oCOXnZV8Rd-49w==
x-cache-hits: 0

GET
H2 200 3424799-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/2/4/ 11 KB
11 KB 9ms
8ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/2/4/3424799-46.jpeg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: 652aec1083d28daf2ee885b2c53765f769108c6c1b1adc22218c571aae5bc465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 08:08:24 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 8599
edge-cache-tag: 240614596733299440577392886554300028186,99247679483240431186008957634236559711,d2bce9e04f88d43dd8350e859c701704
cache-tag: 240614596733299440577392886554300028186,99247679483240431186008957634236559711,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 10810
x-request-id: 33aee5d9a6ceb270daf3f7ab7cc5e41d
x-served-by: cache-lga21952-LGA
last-modified: Mon, 22 Aug 2022 08:08:25 GMT
server: cloudinary
x-timer: S1661155704.588625,VS0,VE749
etag: "3a71b6846f2e25d8480140f7d87f267b"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: qLc2dqnS9mNqWjqF2_AJTGyMbLugi-fhjEyNofzXXRpjFkz41VmhVA==
x-cache-hits: 0

GET
H2 200 3424179-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/2/4/ 14 KB
15 KB 14ms
13ms Image
image/avif 18.66.122.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.wcdn.co.il/f_auto,q_auto,w_400,t_54/3/4/2/4/3424179-46.jpeg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-25.fra60.r.cloudfront.net
Software: cloudinary /
Resource Hash: f8b3d24f8eba8b74d47102fa1d7f8082236f9f9f0bac103b478e5304bb8bd7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 07:50:07 GMT
via: 1.1 varnish, 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
age: 96096
edge-cache-tag: 312133550629977615328029833980445888161,99247679483240431186008957634236559711,d2bce9e04f88d43dd8350e859c701704
cache-tag: 312133550629977615328029833980445888161,99247679483240431186008957634236559711,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 14563
x-request-id: 34e6db8d9ee5900106ab0f5754b66183
x-served-by: cache-iad-kiad7000024-IAD
last-modified: Sun, 21 Aug 2022 07:50:08 GMT
server: cloudinary
x-timer: S1661068207.502095,VS0,VE1067
etag: "de807053bf71ce59485ab33bd58bc0b1"
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: HkQruC75pC9u_E-HuNJtzrvDmUeN9aH_QA2uDmx2nHzhDGxj7h3BxQ==
x-cache-hits: 0

GET
H2 200 walla-sprite.svg
celebs.walla.co.il/public/assets/icons/ 19 KB
6 KB 762ms
762ms Image
image/svg+xml 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celebs.walla.co.il/public/assets/icons/walla-sprite.svg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3241bf3866d5c2c02fd32bc792aa155f587efc0780ad197d0040d3377ff5af3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
x-amz-cf-pop: ICN51-C2
etag: W/"4a05-182c4420408"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-id: qmFFxPY556eZYDJXQmuFCbhiwxeF7HTQHC00VjISnvAESQcJfYC-Rg==
x-cached: MISS

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 262 KB
81 KB 85ms
21ms Script
text/javascript 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 08:22:46 GMT
server: Apache
etag: "1481c32-41771-5c7110f340cdf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=159955
accept-ranges: bytes
content-type: text/javascript
content-length: 82748
expires: Wed, 24 Aug 2022 06:57:38 GMT

GET
H2 200 / Show response
csync.smilewanted.com/ 6 KB
2 KB 50ms
26ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e000cd23f80b9d053efb8bad2dc4a959b0a54e1cce90211acd5ed3f35e4dda7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 73eaf0c2b9e26934-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 27ms
15ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220822

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea2697dd2d0350ed84ce89be6bc75e8462ad5d56e0d70d53c869df80ab8236a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27040
x-jsd-version: 1.0.1439
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19129-FRA, cache-cdg20752-CDG
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"669-U3xo+2ctiPtvj8ftIPnQBFf1f4E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iajnm8b2alCL3ohUpcZRTOz%2FN%2Fg9aqSTu%2B1W0XTHiMAh5PPRdIRd4JQowD5qckNky8z0AsVAYSuSKeRXPzH9I7umTlKyKvewk7pPZ3NL5W9Cro1H7aXaTpWOHKwaC89B2ZVYJKW%2FaHKhrEYCHmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73eaf0c2b93b90dc-FRA
access-control-expose-headers: *

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
941 B 43ms
18ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1200710
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUD9wJj%2FE6tnt1aG8hDspmO54%2B%2BVQqMfrgxM55Nz5SrxKO2g6YoRaDN7NTU8lUovvNKClbVxinL6KumfUtMRnCAagKjpehkK1RU5F0c7KQcEZDRZY%2FBnuuX2mwA14uVdy7ZLiRf4Uv78gIGN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 73eaf0c2de19bb47-FRA

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 134ms
13ms XHR
application/json 81.17.55.160
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:43 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 134ms
14ms XHR
application/json 81.17.55.160
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:43 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 134ms
13ms XHR
application/json 81.17.55.160
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:43 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
560 B 197ms
77ms XHR
application/json 81.17.55.160
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
316 B 72ms
38ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=47292186543

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://celebs.walla.co.il
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
509 B 164ms
114ms XHR
application/json 18.193.179.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.14.0&referrer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&tmax=3000

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.193.179.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-179-62.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:43 GMT
accept-ch: sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model
content-type: application/json; charset=utf-8
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 133ms
62ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://celebs.walla.co.il
date: Mon, 22 Aug 2022 10:31:42 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 95 B
751 B 176ms
126ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.14.0
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: ba3addf6288e60afb823aaba18a1293b1cd9e30cc7e6e50597f2370785273b0b

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://celebs.walla.co.il
access-control-allow-credentials: true
x-sovrn-pod: ad_ap5ams1
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 100

POST
H/1.1 204
No Content / Show response
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 0
148 B 93ms
14ms XHR
text/plain 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Connection: keep-alive
Access-Control-Allow-Origin: https://celebs.walla.co.il
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 36 KB
12 KB 175ms
175ms XHR
application/json 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

eed88876ccaefe77656232c2c95348cd1b0e4f6c266cfcdb7be9d57a7c67e61d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 22 Aug 2022 10:31:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a12a2423-3361-42b3-b81d-85c5405c8591
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://celebs.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 323 B
1 KB 140ms
51ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=ae29dc6a-3e29-4518-8aa6-3b5cd96b145f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Ftop_desktop&slots=1&rand=0.21949567443843954
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: be19f007a52a734cc1a3afb680e0a5655c89a49696bb4961c6c4843aac88e90a

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:43 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://celebs.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 323
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 326 B
1 KB 124ms
36ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=e43f787e-9e3f-4e0a-9499-24a4a1fe3862&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop&slots=1&rand=0.5942917813572819
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 11a8f445cc74e5bf480601b0086a7f9cf062d1fe137cc370611c53111b415173

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:43 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://celebs.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 326
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 331 B
1 KB 165ms
78ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&alt_size_ids=10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=b96c532e-e751-4b47-8ec2-9866b7eb7217&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop&slots=1&rand=0.36917579107331777
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 74ea281d15e67a5f0b5dce21e8fd45c9ce60495d95848de66f7cdc6d86f3b85a

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:43 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://celebs.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 331
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 328 B
1 KB 133ms
44ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431740&zone_id=2465510&size_id=15&alt_size_ids=10&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&tg_i.pbadslot=43010785%2Fwallanews%2Finnerpages%2Frectangle3_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=533b7967-a618-4275-935c-1b28f3efdd1b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fwallanews%2Finnerpages%2Frectangle3_desktop&slots=1&rand=0.6481844649220385
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 12771534a5443ec5f802aeec3f4f97fc8e2250f3a5662052cf5c9f248d2ac27e

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:43 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://celebs.walla.co.il
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 328
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
172 B 57ms
15ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Mon, 22 Aug 2022 10:31:42 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://celebs.walla.co.il
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
641 B 232ms
201ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=715831&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22646903165d0ccd2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.14.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2265b11657c7a2b8a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A180%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22970x180%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A350%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22970x350%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Ftop_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Ftop_desktop%22%7D%7D%2C%7B%22id%22%3A%2268bcd8a43533b75%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%22706faee38f635d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Frectangle1_desktop%22%7D%7D%2C%7B%22id%22%3A%227212f8e68774f25%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715831%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fwallanews%2Finnerpages%2Frectangle3_desktop%22%2C%22gpid%22%3A%2243010785%2Fwallanews%2Finnerpages%2Frectangle3_desktop%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2624db53afb428d323d16eb338bbc38b83e402d0646dbe8d74faf9be5d97d807

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJFj6f7iXrr%2F9rbi4Xjj7S4YiXXDCyKtqOm65se4eHeNAY%2FjP9NJqyzG89BQid45WNxLHUfZG%2FqObF28fTgi5g3J8dII1uOHzPLOWwebsFaOe2%2BVOGF0ujmhP9FT6zrJR025cWmb"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73eaf0c32dd29142-FRA
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 108ms
15ms XHR
application/json 81.17.55.160
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:43 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
340 B 109ms
16ms XHR
application/json 81.17.55.160
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:43 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
37 B 50ms
37ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73eaf0c30a526934-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
37 B 47ms
35ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73eaf0c30a4c6934-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
70 B 46ms
34ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73eaf0c30a576934-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
37 B 52ms
40ms XHR
text/plain 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 73eaf0c30a556934-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 79ms
17ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 arj Show response
u.openx.net/w/1.0/ 73 B
380 B 69ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ae29dc6a-3e29-4518-8aa6-3b5cd96b145f%2Ce43f787e-9e3f-4e0a-9499-24a4a1fe3862%2Cb96c532e-e751-4b47-8ec2-9866b7eb7217%2C533b7967-a618-4275-935c-1b28f3efdd1b&nocache=1661164303835&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x180%2C970x250%2C970x350%7C120x600%2C160x600%7C300x250%2C300x600%2C300x1050%7C300x600%2C300x250&divids=adSlot-0%2CadSlot-1%2CadSlot-5%2CadSlot-6&aucs=43010785%252Fwallanews%252Finnerpages%252Ftop_desktop%2C43010785%252Fwallanews%252Finnerpages%252Fskyscraper_desktop%2C43010785%252Fwallanews%252Finnerpages%252Frectangle1_desktop%2C43010785%252Fwallanews%252Finnerpages%252Frectangle3_desktop&auid=544104782%2C544104782%2C544104782%2C544104782
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0fb73048a6515d031394c95de788233f0b6c423920da5aba88bd607c511b0e8b

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://celebs.walla.co.il
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
1023 B 77ms
33ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9ffe7979d7206b416ed762e72ec527ba5478bb63f750d9feae183c84375017

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: adSlot-0, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: adSlot-5, Process Shapings. Seat shared_pubmatic: No adunits with mapping rule and shaping, Process Shapings. Seat shared_onetag: No adunits with mapping rule and shaping, Process Shapings. Seat shared_drbanner: No adunits with mapping rule and shaping, Process Shapings. Seat shared_rubicon: No adunits with mapping rule and shaping, Process Shapings. Seat shared_improvedigital: No adunits with mapping rule and shaping
content-encoding: gzip
x-err: Shapings: no adunits with size and seat and mapping
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 73eaf0c34fa7911e-FRA
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 23 KB
8 KB 178ms
152ms XHR
application/json 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

d76ace00d34efcb2210ab021ca75c37e2401b69996584bd82137e1dbc56cae4b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 22 Aug 2022 10:31:44 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7ebf6bb3-9509-4768-81b2-3371cac9f41a
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://celebs.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 93ms
23ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=celebs.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 98ms
25ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=celebs.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
480 B 408ms
407ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2661208275155038&correlator=2051386204149879&eid=31068927%2C31069001%2C44768682%2C44764001&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Cnickbar_desktop%2Cprestitial_desktop%2Cvideo_slider_desktop%2Crm1_desktop%2Crm2_desktop%2Crm3_desktop%2Crm4_desktop%2Crm5_desktop%2Crm6_desktop%2Crm7_desktop%2Crm8_desktop%2Crm9_desktop%2Crm10_desktop%2Crm11_desktop%2Crm12_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10%2C0%2F1%2F2%2F11%2C0%2F1%2F2%2F12%2C0%2F1%2F2%2F13%2C0%2F1%2F2%2F14%2C0%2F1%2F2%2F15%2C0%2F1%2F2%2F16%2C0%2F1%2F2%2F17&prev_iu_szs=970x40%7C970x50%7C970x80%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&adks=578455068%2C3148174723%2C2933179666%2C955607526%2C1550663177%2C1136517158%2C2820594070%2C2093082829%2C1128514503%2C238374448%2C3567052723%2C199825891%2C3619221830%2C3200492286%2C2429947439&sfv=1-0-38&ists=12287&fsapi=false&prev_scp=slot_name%3Dnickbar_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Dvideo_slider_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm1_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm2_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm3_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm4_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm5_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm6_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm7_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm8_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm9_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm10_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm11_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Drm12_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1661164303866&lmt=1661164303&dlt=1661164301380&idt=946&adxs=315%2C-12245933%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800%2C800&adys=1200%2C-12245933%2C114%2C6378%2C6378%2C6378%2C6378%2C6378%2C6378%2C6378%2C6378%2C6378%2C6378%2C6378%2C6378&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C0%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C11%7C12%7C13&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&frm=20&vis=1&psz=0x-1%7C0x-1%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=970x-1%7C0x-1%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=644%2C640%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132%2C132&ohw=0%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=361264882.1661164303&ga_sid=1661164304&ga_hid=2017877472&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0a03581ba407944b19e304f3f999cbd54c39c5c7afbb3971737663c429dc735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 449
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 038E 6 KB
4 KB 125ms
22ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 10:31:44 GMT
expires: Tue, 22 Aug 2023 10:31:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
1 KB 175ms
114ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=0&rand=11992&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=38&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8f8b63e32c963c77f500c5e515e4aa7eda8bb41cceba52f65068ca24b1c0bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164304.979598,VS0,VE108
accept-ranges: bytes
x-served-by: cache-lga21950-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 3b9142bcdb017e93ec842ceaddd202ad
content-encoding: gzip
content-length: 1116
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 73F9 0
15 B 12ms
11ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://celebs.walla.co.il
Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://celebs.walla.co.il
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 10:31:43 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 isxGFUr7LDk.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame BC9E 20 KB
5 KB 30ms
9ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/isxGFUr7LDk.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallacelebs&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7321bc0baa82c97768575c7ddf4d388e2ebf4be92cedd44b6204378bf1bfc3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: AXWRtxeMR8LIVCbLxLPM4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5105
x-fb-rlafr: 0
x-fb-debug: ZGeuUk+2fLMmcliN1YU9nMn4RjL9jkCvhKt5yo294WM909/ih0FmpeOpPm/HO9HDsrzvHcHFY/hu8Uca5bLwvw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 21 Aug 2023 15:26:04 GMT

GET
H2 200 5d4eZbVHxAY.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame BC9E 2 KB
1019 B 30ms
9ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/5d4eZbVHxAY.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

239a83f36e0eb1c181c4ec174b9a05ce02b44afc5685aa3dc828aa581ea3d7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qp62alFG777So/ro/wbkaA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 829
x-fb-rlafr: 0
x-fb-debug: hmsuTZzsm6TQje8QQ2S2BMcgp2SD5ujzoFZaTPNA2fS2/xljcHpTbpmlfsOYnnXlo78GW71XkjtpzyV5qHRecg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 17 Aug 2023 17:28:18 GMT

GET
H2 200 xUCu69_VoIG.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame BC9E 6 KB
1 KB 31ms
9ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d1208447b59f23a0e430d7bcff5fea06650e950e2f5aa6ecf721704ebfae444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: G4bSvzLG2IH4kVzNTn3U6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 871
x-fb-rlafr: 0
x-fb-debug: PtQMwQBJcOmVtWYVFt+6BLE3usvR/+bY/RLUCJlxNBya/34+7u4wijlpP4gwjcAjqpeavhQPjNOKi78WRlVcBw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 17 Aug 2023 00:57:52 GMT

GET
H2 200 FnoZ257VkPw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame BC9E 321 KB
87 KB 30ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/FnoZ257VkPw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a925c3f46ea6a4e7715119606240370f39fee237482defed72f06265f9040bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iqSCPhtvxA/MTvdCPkDBuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88447
x-fb-rlafr: 0
x-fb-debug: YBOY4qqxr40ur8YL4Jap1YLY4bQx7FxZuYdyfXvdg2jHVVkVIh0QSZmRf4bDsbfY6H3cjAIehKZ2TtT2FB7Naw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Aug 2023 20:31:36 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame BC9E 5 KB
2 KB 30ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1657
x-fb-rlafr: 0
x-fb-debug: KBU301OpwRQQ8CNQfjiLsZDKBPzTYU++gscS//iPUuyIzMR1gJndi4oPro0aQGGiIVCPm9CmN1KhVmRJTKfuXA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Aug 2023 06:39:53 GMT

GET
H2 200 mXu1RunczE9.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame BC9E 38 KB
12 KB 30ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/mXu1RunczE9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4ab65ab82cc6ddedba1303167ee5ff1907b453b65efe73c4bd55e8ea896aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YFnykI/HivNtifNyMREW7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12179
x-fb-rlafr: 0
x-fb-debug: vhrEfLEI/0nsftXo3KcRsaXxkCUCotq49RBeYgBek1C6ZJpIpu5p585ZzA976fETG6KdaEOgxJou7LH3voK7Lw==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 16 Aug 2023 22:11:33 GMT

GET
H2 200 HTPCWBdXyzD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yn/r/ Frame BC9E 50 KB
16 KB 43ms
24ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/HTPCWBdXyzD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9188cd7d4776caa997d40ef5a74abf4908e84d55de744605a3b57e248b3d0117

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sROikPL8JRhmbC/1+yrH7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 15826
x-fb-rlafr: 0
x-fb-debug: WIjKFz3Z4+5fjDJzrHJO20VrkLBUYuCnKIThmNxew8Ctw+ayc4szxAKpiLpMQ1RM8NNCYhfN5RnntiHybs7fFQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Aug 2023 23:29:03 GMT

GET
H2 200 vKKco4HGybL.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yN/l/de_DE/ Frame BC9E 83 KB
23 KB 42ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yN/l/de_DE/vKKco4HGybL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2684a84ee827f2018deb429a2085ad8a68bd9a6b7579af669173cee78a35c048

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: IcW085YmezpnXNjFcumCUQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23227
x-fb-rlafr: 0
x-fb-debug: hg2proz/bMrmxiOEROyLmkBy2R51thsnQjFzzAlZGatW0NdyQl8wIgJXNr8MeFegA7FsQAgFqo+xnGKNKq/2Eg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 17 Aug 2023 00:13:08 GMT

GET
H2 200 252842086_4694608597227748_7228396815097577091_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-6/ Frame BC9E 10 KB
10 KB 9ms
8ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-6/252842086_4694608597227748_7228396815097577091_n.jpg?stp=dst-jpg_p130x130&_nc_cat=101&ccb=1-7&_nc_sid=dd9801&_nc_ohc=-qa4XiI2TEMAX_EgWYn&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AT-niVOOWQex5kRn5FRHCoPnl913uzvQVwqR-lIg4J7wHw&oe=63083D8D
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallacelebs&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 696bbdfca057d35eb7ffd8de3bce057838aa1cb9fc572fb7dec6d78439bbdd53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-haystack-needlechecksum: 1976768903
date: Mon, 22 Aug 2022 10:31:44 GMT
x-fb-trip-id: 686109401
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2946229804
cache-control: max-age=1209600, no-transform
last-modified: Sun, 07 Nov 2021 14:56:41 GMT
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2273704312
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 9935

GET
H2 200 35087345_1882614728427163_8003210074744946688_n.png
scontent.xx.fbcdn.net/v/t1.6435-1/ Frame BC9E 2 KB
2 KB 7ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-1/35087345_1882614728427163_8003210074744946688_n.png?stp=cp0_dst-png_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=oR1gKChzLZIAX-KVu6n&_nc_ht=scontent.xx&edm=ADwHzz8EAAAA&oh=00_AT8vhB8d-1zEO2TW6DxxuLBn7rsgbaiYsxqtQ9QLgkRhVA&oe=6328678F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fwallacelebs&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6b6ca74e68379abb74a631dae57ae1c5218154bde264fc52d58a9ae8e217079b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-haystack-needlechecksum: 2316605553
date: Mon, 22 Aug 2022 10:31:44 GMT
x-fb-trip-id: 686109401
last-modified: Mon, 11 Jun 2018 05:35:38 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=862738159
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 959684099
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2312

GET
H2 200 logo.png
celebs.walla.co.il/public/assets/pikud/ 21 KB
22 KB 264ms
264ms Image
image/png 54.230.167.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celebs.walla.co.il/public/assets/pikud/logo.png
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.167.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-167-13.icn51.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 76d0d144cab37ceb245da2686fc8b5188508a91aee42773c8caba340dd7e4309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/category/3602
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:14:55 GMT
via: 1.1 70fa2d688a6a04566eba85681d44174a.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 06:33:57 GMT
server: openresty/1.15.8.1
age: 1009
etag: W/"558e-182c4420408"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: ICN51-C2
accept-ranges: bytes
content-length: 21902
x-cached: MISS
x-amz-cf-id: UypAD8gtK__l4wxcRzOgWNfnCw1BEPodKLdtSd4XociG6HgVF7hbOQ==

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 32ms
17ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1200684
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx2a52647dbc524f558c6a5-00629f4bca
x-amz-id-2: tx2a52647dbc524f558c6a5-00629f4bca
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6i5F%2FLL%2FTk9YCRu4BJtDZUm3YhFTvSFIQYMUVm%2BE2PIFH2O6%2FAiWRvD9Aj81ZwVLYTEXmWNxHXHoV79sfw%2Fh6RDG%2FxyTWG3TQwtGOopQ21eIqbZtG4aMVWjG5%2F%2BmKdLoGdwd2iIplLgxAPV6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 73eaf0c3eceb5c38-FRA
access-control-allow-headers: Authorization

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ 48 KB
12 KB 34ms
20ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 955830
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607873db-c1ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73eaf0c43c1f6934-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame BC9E 3 KB
3 KB 7ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/xUCu69_VoIG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
x-content-type-options: nosniff
content-md5: iN31dShDArRt9ZikrDb13w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2616
x-fb-rlafr: 0
x-fb-debug: Ju9XKoMRyoIjYPoAxKDXJTibNVQWXy0zIhxB14zvMqkysQf0FkLT5+z+8vLrVqHGH0lvq1USyIwvzMSEHSKsGQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Aug 2023 06:41:40 GMT

GET
H3 200 WnsUAamC6XE.png
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame BC9E 852 B
904 B 8ms
8ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/WnsUAamC6XE.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/isxGFUr7LDk.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

148079100b38c2369e98044daaec0521c32c60bbd416d9c20197ab8fbf9256d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/isxGFUr7LDk.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
x-content-type-options: nosniff
content-md5: Fv3lpXGPYUZV4HVo7Oni1A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 852
x-fb-rlafr: 0
x-fb-debug: 34YYtvOaWY2dB/hIK/5rKkbht3/0wtFbMWvfe2b67qD0TE9UV0tIdEfR589Z7kBv20VbS39DeCf4LYdLdwO4dg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 16 Aug 2023 20:15:48 GMT

OPTIONS
H3 200 analytics
hb-dot-valuad.appspot.com/ Frame 0
0 143ms
105ms Preflight
text/html 2a00:1450:400c:c1b::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::99 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://celebs.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://celebs.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 22 Aug 2022 10:31:44 GMT
server: Google Frontend
x-cloud-trace-context: 59e84fe695c1783651bfa249e234b575
x-request-id: undefined

POST
H3 200 analytics Show response
hb-dot-valuad.appspot.com/ 16 B
35 B 188ms
185ms Fetch
application/json 2a00:1450:400c:c1b::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::99 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json
Referer: https://celebs.walla.co.il/
x-request-id: bf9c0406-5102-475d-9335-60281b91134b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-vad-version: 0.8.3
Content-Type: application/json

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://celebs.walla.co.il
x-cloud-trace-context: 0e76c25e205cfde0679bc8ec9a31aa7c
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 59ms
28ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=celebs.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 57ms
27ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=celebs.walla.co.il

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 107 KB
34 KB 476ms
475ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2661208275155038&correlator=1641560572690620&eid=31068927%2C31069001%2C44768682%2C44764001&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=43010785%2Cwallanews%2Cinnerpages%2Ctop_desktop%2Cskyscraper_desktop%2Crectangle1_desktop%2Crectangle3_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=1x1%7C480x1%7C480x270%7C640x753%7C640x1%7C770x430%7C728x90%7C720x300%7C970x2%7C970x1%7C970x90%7C970x130%7C970x180%7C970x250%7C970x330%7C970x350%7C970x550%7C990x160%2C120x600%7C160x600%2C320x50%7C300x250%7C300x600%7C300x1050%2C320x50%7C300x600%7C300x250&fluid=0%2C0%2Cheight%2Cheight&ifi=16&adks=2574293897%2C2790448677%2C2040804355%2C2335223291&sfv=1-0-38&fsapi=false&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D106c563cb0548f8e%7Cslot_name%3Drectangle1_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D1074eac52bc1c41%7Cslot_name%3Drectangle3_desktop%26exclusive%3Dnot%26page_type%3Dcategory%26vertical_id%3D22%26vertical_name%3Dcelebs%26category_id%3D3602%26mobile%3D0%26vertical_eng_name%3Dcelebs%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26FatherSessionInSession%3Dhttps%253A%252F%252Fcelebs.walla.co.il%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D105d5c1b15a78548&eri=1&cust_params=permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1661164304110&lmt=1661164304&dlt=1661164301380&idt=946&adxs=805%2C1480%2C315%2C315&adys=99%2C185%2C332%2C1049&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=g%7Ch%7Ci%7Cj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&frm=20&vis=1&psz=970x0%7C0x-1%7C300x0%7C300x0&msz=480x0%7C120x-1%7C300x0%7C300x0&fws=132%2C644%2C132%2C132&ohw=970%2C0%2C300%2C300&ga_vid=361264882.1661164303&ga_sid=1661164304&ga_hid=2017877472&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ed886e4f55a5a66df89babc31b3eac9bfb087c48fcbfacb88044a5f48005124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34422
x-xss-protection: 0
google-lineitem-id: -1,-1,5747390389,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138357297746,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://celebs.walla.co.il
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 udGrGZmnkeP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame BC9E 22 KB
7 KB 20ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/udGrGZmnkeP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/FnoZ257VkPw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72c0a71edbb9542e13bd1b95045d742d7acee3ce8f78aa51399f61cee7e492fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9/1BV1sP73df0/E1dlv9rg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 7224
x-fb-rlafr: 0
x-fb-debug: 7tXk26AMyV9xirjgABj9u3+IJwasllXpEivHEZGeJsPDxVLwgdx5hadqrhMZ7e6t1sNrz6o/N7dvVAHVeCizOg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 17 Aug 2023 02:08:35 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 688ms
411ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=6288119a5c255bbe9776447269ba3913_1769_1661164304037&tm=1436&eT=6&wRV=2000869&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
X-TraceId: f964e10d2daf139f7885eab20a8bc5be
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 21 KB
7 KB 278ms
278ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=1&rand=60503&key=NANOWDGT01&widgetJSId=SF_7&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=911&vpd=0&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 90a981bee894a546786cb29d205b6f76ff5ded17f782db874fdc30280d92daa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164304.158280,VS0,VE272
accept-ranges: bytes
x-served-by: cache-lga13629-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 1c5109c19de7ada6769b43908bd65534
content-encoding: gzip
content-length: 6760
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame 6448 0
339 B 38ms
38ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c4fd866934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

197989fb3a444bc4dd42b9bb5ec946d1 Show response
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame B915
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/freewheel/197989fb3a444bc4dd42b9bb5ec946d1

0
403 B

31ms
30ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/freewheel/197989fb3a444bc4dd42b9bb5ec946d1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c5bf026934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 22 Aug 2022 10:31:44 GMT
Expires: Mon, 22 Aug 2022 10:31:44 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/197989fb3a444bc4dd42b9bb5ec946d1
Pragma: no-cache
Server: nginx
x-sticky-vk: 1661164304127095-604

GET
H2

200

owzFE6pO0i0pW5G8B1jp Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 76B7
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/owzFE6pO0i0pW5G8B1jp?pi=smilewanted&tc=1

0
396 B

27ms
27ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/owzFE6pO0i0pW5G8B1jp?pi=smilewanted&tc=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c5bee26934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 22 Aug 2022 10:31:44 GMT Mon, 22 Aug 2022 10:31:44 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/owzFE6pO0i0pW5G8B1jp?pi=smilewanted&tc=1
pragma: no-cache

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame C5A5
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3353d6c1212b798680435778d5550051

43 B
1 KB

23ms
23ms

Document
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3353d6c1212b798680435778d5550051

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: 212bf4aa-8e32-4f25-84f3-31bc28e00380
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 22 Aug 2022 10:31:44 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c5aec96934-FRA
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3353d6c1212b798680435778d5550051
server: cloudflare

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame E1F0 1 KB
897 B 56ms
26ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c62f2c9217-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame 3BDC
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

17ms
17ms

Document
text/plain

185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 22 Aug 2022 10:31:43 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Mon, 22 Aug 2022 10:31:43 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 02D6 0
0 32ms
19ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c67f869217-FRA
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
via: 1.1 google

GET
H2

200

b0e662ec-7e27-4e5c-b257-ba251a9e7ae3&partner_id=1010 Show response
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 97B6
Redirect Chain

https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
https://csync.smilewanted.com/set_partner_userid_get/improve/b0e662ec-7e27-4e5c-b257-ba251a9e7ae3&partner_id=1010

0
719 B

26ms
26ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/improve/b0e662ec-7e27-4e5c-b257-ba251a9e7ae3&partner_id=1010
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c7ca216934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Mon, 22 Aug 2022 10:31:44 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/improve/b0e662ec-7e27-4e5c-b257-ba251a9e7ae3&partner_id=1010
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 18ms
18ms Image
image/svg+xml 2.21.185.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1656855972.876614"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Wed, 21 Sep 2022 10:31:44 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 510ms
91ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=71ad5a36bb20b52dd33fe7085c634413_1769_1661164304377&tm=1725&eT=0&widgetWidth=635&widgetHeight=169&widgetX=650&widgetY=882&wRV=2000869&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=284&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
X-TraceId: 85c4ce592848bf5d3f5d68b9abc8c5ba
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 21 KB
7 KB 264ms
264ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=2&rand=60758&key=NANOWDGT01&widgetJSId=SF_7&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=1650&vpd=450&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 66376b06f76d28da5601103127647816d9f4cc3c4bd0941b7d2904923d46d5a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164304.446485,VS0,VE256
accept-ranges: bytes
x-served-by: cache-lga21935-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 88502fc173e7d52763ddb5a4cbc00112
content-encoding: gzip
content-length: 6783
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjQwNzdlOTIxNDY1MmNjODM5NDgwZGI0NDMwYzJmZDJkYmE5NzZhM2ExMWM2NTZlMjg1OTU2ZmZlMjM0YThlNjMiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjaCI6Njk1MTU2Mjk1LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 14 KB
14 KB 199ms
98ms Image
image/webp 2.21.185.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQwNzdlOTIxNDY1MmNjODM5NDgwZGI0NDMwYzJmZDJkYmE5NzZhM2ExMWM2NTZlMjg1OTU2ZmZlMjM0YThlNjMiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjaCI6Njk1MTU2Mjk1LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-176.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 889f2ef70c34ca0560521c16175d89a7d3996a1a659c5fa25cf3e6ce71901b1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
last-modified: Tue, 01 Feb 2022 10:03:54 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=892399
access-control-allow-credentials: false
x-traceid: a65799b27a7d7cbff93a3c8e6edda7c3
timing-allow-origin: *, *
content-length: 14506

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 88ms
87ms Fetch
application/json 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=71ad5a36bb20b52dd33fe7085c634413&pvId=6288119a5c255bbe9776447269ba3913&sid=954738&pid=1769&idx=1&wId=288&pad=1&org=0&tm=1737&eT=3&cnsnt=no_consent&wRV=2000869&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:44 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 75ee4084a68d5fc8dc971f2e57880cb5
Content-Length: 4
Expires: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 29E9 0
0 59ms
9ms Document
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 67E1 15 KB
6 KB 18ms
17ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=141127
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:44 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 24 Aug 2022 01:43:51 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 67E1 0
42 B 62ms
19ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=60043286&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:43 GMT
content-length: 0

GET
H2

200

YwNbELtI0s1x7uwB15qodAAA%261204 Show response
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 4FF8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YwNbELtI0s1x7uwB15qodAAA%261204

0
502 B

33ms
32ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YwNbELtI0s1x7uwB15qodAAA%261204
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c82abb6934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c7faca9b45-FRA
content-length: 0
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YwNbELtI0s1x7uwB15qodAAA%261204
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eqjv8NOTwJQGQIpwtt25BXXfOdJoyvrUeT2NNNTy6wTMnobjKbRVE9dMsOLV28vslIBezhLCyZHletZa37YOoiLkZzc3%2B52schS5b4rNhxBVeopW1CPV5tsqZwRk%2BE6GqWo6UaX9eNswTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 container.html Show response
cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DABF 6 KB
3 KB 52ms
24ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 10:31:44 GMT
expires: Tue, 22 Aug 2023 10:31:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208081650000/ Frame 13FE 220 KB
61 KB 85ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2e5722cf0b8d8df31200550801d755733c56d9ca2758b7041fbed009e0c9d08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 581047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61502
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "df13b0b17adb5918"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 17:07:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 13FE 14 KB
5 KB 107ms
35ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e14ddde632bad66a3f79d6dc2c6a212d3b1b5cd8100cb6b73984b8797c5ed86

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 581047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5197
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aca8368210f82021"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 17:07:37 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 13FE 94 KB
28 KB 108ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70fa25d0cd4744b6b91054ad55e3e931dad31cc85915b13e33e4e674426c7cc1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 581047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28794
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cc093c4134ec5f1e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 17:07:37 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 13FE 72 KB
16 KB 116ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

902565ce7f27f6e504ee3790458fa3e9137a1c2b3d63d58ce6cd2fbcbf9db7ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 581043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16649
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 17:07:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0cc7ecc69c61be2b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 17:07:41 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 13FE 5 KB
2 KB 113ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec61d9fd1b3609a3a53f377ed07059c3dc7d2cb1502022e0623b4ebc1ea0f35e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 581047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ef17e6cba96d5668"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 17:07:37 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208081650000/v0/ Frame 13FE 40 KB
13 KB 114ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208081650000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d200dc372fb333c0ca488fba2a569a686cbf5f1ba0cc0544a4a8c96a4f91de3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 581047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12948
x-xss-protection: 0
server: sffe
date: Mon, 15 Aug 2022 17:07:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08e07a681963ea9f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 15 Aug 2023 17:07:37 GMT

GET
DATA 200
OK truncated
/ Frame 13FE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d284f2e817a080407109174678d959b423e791600f8b0f1744e3daa43cc6432

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 200 winner
hb-dot-valuad.appspot.com/analytics/ Frame 0
0 123ms
122ms Preflight
text/html 2a00:1450:400c:c1b::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics/winner?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::99 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Access-Control-Request-Method: POST
Origin: https://celebs.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-request-id,x-vad-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://celebs.walla.co.il
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 22 Aug 2022 10:31:44 GMT
server: Google Frontend
x-cloud-trace-context: e51e78ae42ca1c6b306a952553b6926c
x-request-id: undefined

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 806D 0
0 57ms
57ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMV2o0PyWKHCapsyar-JObsxCsxjUvMJaZ17PjKwzgXMvlG1dZ0i_pOOE1PS9Iyd_fFTqv-rVVFJcz86YlBwborwQcf8vZ2BlI9Q7FBniTpHlPD8-ZvL7tLOT79yTJoT1POVB1mZqge4Jks5nOLVEuhRANz61_fVKy_lvSfE9KyPChgZxQhuNvsEp1dwPO-2ny1SQuSiCo3pnBZ5dv9BnrM5vOCfj4QBpA1D3UroZBvFUulZXSKOOrRdln3yJGh-gW8TSLpKKD7tmVJU1PzfVjQajnTkHcq2YTgcMLPR1lpNbBQyHJTxA0ejtqWzU0Baa0E27iwKt9eOCARjma5eYUdLfqU3cgOVy_y-uatg&sai=AMfl-YTGbCDSU0vHC4r-zrmfwykKbjz5ZsvI0KHgopjJp2AP55mJwZ0oY1tcAjNBvMWvY3x0G1KCIUWQsNqvOl_9x1tX3KwqJJ9dhqUQ0vMgDoSJVOmL8R4eGEGbEdraSg&sig=Cg0ArKJSzJYPuoAogw9ZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 winner Show response
hb-dot-valuad.appspot.com/analytics/ 16 B
35 B 110ms
108ms Fetch
application/json 2a00:1450:400c:c1b::99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics/winner?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::99 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json
Referer: https://celebs.walla.co.il/
x-request-id: 0a700008-adc1-4c2d-8af0-82cd7882b001
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-vad-version: 0.8.3
Content-Type: application/json

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://celebs.walla.co.il
x-cloud-trace-context: 6ed1e13b4cc9d4a305eabe0a59764485
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 806D 4 KB
2 KB 130ms
60ms Script
text/html 116.202.37.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=23248d3349&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&eVS=11263&eVR=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&rnd=862699390
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.202.37.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.36.37.202.116.clients.your-server.de
Software: nginx /
Resource Hash: d0f6ba397a0fb4384676990f99db37d9a83ccefb2bdd1620f410097cd8511023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:44 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 806D 85 KB
29 KB 64ms
9ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:44 GMT
Content-Encoding: gzip
Age: 15471194
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21977-LGA, cache-fra19157-FRA
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1661164305.704626,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 962269

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 806D 0
819 B 73ms
17ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fcelebs.walla.co.il%252Fcategory%252F3602&e=wqT_3QLNCvD9TQUAAAMA1gAFAQiPto2YBhDZnJrE69vL3BMYr_r3zuOe9PpbKjYJUDb-j7CVkz8RI9pRprMthz8ZAAAAgD0K5z8hxICZrcRViD8p5Pc2_dmPlD8xAAAAQOF6lD8w0u_SCDj_V0DKTkgCUKD8-WZY-cl-YABokKOyAXjQ9QWAAQGKAQNVU0SSAQNVU0SYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNDUyNTM2MiwgMTY2MTE2NDMwMyk7dWYoJ2knLCA0MTI2MTY5LCAxNjYxMTY0MzAzKTt1ZignZycsIDExNDkzODg3LCA-OwA0cicsIDIxNTkwNzg3MiwyPQD0DgGSAv0DIVdtUUlYQWpGaUkwVEVLRDgtV1lZQUNENXlYNHdBRGdBUUFCSXlrNVEwdV9TQ0ZnQVlMOEZhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUdSN3dydzRYcVVQOEVCZEp0ZV9XbVFsRF9KQVFBQUFBQUFBUEFfMlFHdFRQaWxmdDd2UC1BQjJldjdBZlVCQ3RlalBKZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBWUFEQVpnREFib0RDVUZOVXpNNk5qRXhOdUFEakMtQUJKdTkyUU9JQkp5OTJRT1FCQUNZQkFIQkJBAZEJAQR5URGhJEFBQU5nRUFQRUUBCwkBIENJQmVRdnFRVQkPGEFEd1A3RUYNDURBQUFEQkJYc1Vya2ZoZXBRX3kuKAAAOTIoAARaQhFn8ENQQV80QVhZRF9BRl84TzlCZmdGc3BxVUFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFYUmlMMWc2AQJALWNsLUlBQW9BREY3Rks1SDQhxXx6b0pRVTFUTXpvMk1URTJRSXd2U2ExTS1LVi0zdThfVRHNDEFBQVcdDABZHQwAYR0MAGMdDBBlQUNKQREQ9F4BUEFf2AIA4ALv5lXqAihodHRwczovL2NlbGVicy53YWxsYS5jby5pbC9jYXRlZ29yeS8zNjAygAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDoq9T4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzM6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA8xMDA1OCNBTVMzOjYxMTbaBAIIAeAEAfAEoPz5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbCiAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa7M9oGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4ugZAAMgH0PUF0gcNCQAACT4cEAAYANoHBggFCWjgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=154ecaad845cfe0fd971b1b74f76a1c2efa0e976

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:44 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6fa48575-5824-4466-9f72-1cfab61874d4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 806D 140 KB
43 KB 75ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 10:31:44 GMT

GET
H3 200 container.html Show response
cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C6F4 6 KB
3 KB 28ms
23ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 10:31:44 GMT
expires: Tue, 22 Aug 2023 10:31:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 13FE 3 KB
3 KB 78ms
15ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/iw.png

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19b49a74b4e17a37abe04b94bd3a67665f92b8368004c73a1112cf142fb9da1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:31:05 GMT
x-content-type-options: nosniff
server: cafe
age: 10839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 415739381108731362
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2712
x-xss-protection: 0
expires: Tue, 23 Aug 2022 07:31:05 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 13FE 344 B
449 B 78ms
15ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 17:34:18 GMT
x-content-type-options: nosniff
server: cafe
age: 61046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 22 Aug 2022 17:34:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 13FE 0
0 58ms
27ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWK34yK95EKGxyiomc1hXEL97GvAUrXA3eSDFKceJDnTr2tQj9j_NAwVULWbHAnnYTnaWYJ87BgpMdkwMEWv7fPUl0DA
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 13FE 0
0 63ms
60ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C8fBrEFsDY_fjDNLDx_APk9688A31gMnoa8v4692fELChsu-DAhABINGTwypglcr5gZQHoAHtosPSAcgBCakCjBWb0bNWeT7gAgCoAwHIAwiqBKQCT9D1idWjY3gZO_iant_pOgVDeeNuvyJFcWByyITyC82S8RHcTWJjNY7na1HolT5pRw6B13Pz_CZCAC1qd2X-B44SpkbdBGpo_iFS7El-0CPzf_az8PWekwuG0IjxsaL9Oo4FpWZ0eFjnpB3GZvmvbOwiUU-GSBLcx-x_RDJMRc6JgyzFDJP0uFbCRXrBvVo69yFZTPCFUC65DyEJG5cuO0AJr3PUuKw6x8LyiqZ7lbrCxOky7QzueNEkslQq8bhX_O7OFOzJadoOT1g7r87pd-ngNt43KhZ9sKUGJpzTl7Bx5V1sqW5fjmYipQYUhZaImG79A-02YMV4iN6XEYFscQ9HNQdlu3JB8W5j0RgjgQEU31TIXz-5CZwZV4Jy9E85WmpOxsAElsLNwYQE4AQBkgUECAQYAZIFBAgFGASgBi6AB_azitQCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQoIMZ0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=z7jlGhqtIoE&uach_m=[UACH]&template_id=419
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 DE-html-160x600px.webp
tpc.googlesyndication.com/sadbundle/9187137335804175638/ Frame 13FE 13 KB
13 KB 93ms
31ms Image
image/webp 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9187137335804175638/DE-html-160x600px.webp

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6990dcacb4fed0f70b9b781b2dfd88a89493dae43c387f4a5716e10384bfbd1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 13:36:12 GMT
x-content-type-options: nosniff
age: 420932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13542
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 08:25:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 13:36:12 GMT

GET
H2 200 iconic.png
tpc.googlesyndication.com/sadbundle/9187137335804175638/ Frame 13FE 5 KB
5 KB 78ms
22ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9187137335804175638/iconic.png

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1161638b8b91c79728d5c29b33f8edc0742946eebea3f1d6cee642d08b7950f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 13:36:12 GMT
x-content-type-options: nosniff
age: 420932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4901
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 08:25:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 13:36:12 GMT

GET
H2 200 bold.png
tpc.googlesyndication.com/sadbundle/9187137335804175638/ Frame 13FE 5 KB
5 KB 74ms
19ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9187137335804175638/bold.png

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd61873b96e6d5e3ebd7f1287e854c62c8424a7c3693c696325dd18c5bb62c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 13:36:12 GMT
x-content-type-options: nosniff
age: 420932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5037
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 08:25:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 13:36:12 GMT

GET
H2 200 vibrant.png
tpc.googlesyndication.com/sadbundle/9187137335804175638/ Frame 13FE 6 KB
6 KB 88ms
32ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/9187137335804175638/vibrant.png

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0468f687df69a31b38b5375f69a04601e7ada7ee6fa3b6331d4b42a3dc273ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 13:36:12 GMT
x-content-type-options: nosniff
age: 420932
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6168
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 08:25:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 13:36:12 GMT

GET
H2

200

9e81d0d9-2205-11ed-b611-143d56a10306 Show response
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 921D
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=9e81d121-2205-11ed-b611-143d56a10306
https://csync.smilewanted.com/set_partner_userid_get/spotx/9e81d0d9-2205-11ed-b611-143d56a10306

0
600 B

50ms
27ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/spotx/9e81d0d9-2205-11ed-b611-143d56a10306
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0c96c6b6934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain
Date: Mon, 22 Aug 2022 10:31:44 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/spotx/9e81d0d9-2205-11ed-b611-143d56a10306
Server: nginx
X-fe: 24

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7E0B 624 B
297 B 140ms
82ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY3df7zQEwAQ&v=APEucNXmeqy0Gzx_2Ide-fqLeTJLNH1yNZS_RDT7ZQ8qiDXIjlUoWyCfUUoaZPRA6FFZ9FrUGE6Um2XRy4ZVuQUXN4_3b6i24gpNHa1GwRc0AYXSWqkFpKDGHVyz9ellf22b5sNbbo6jn5Cbkibwesdv1FNHIpKhOBAqO1xyFYYgrnEKJwOU6qE

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 10:31:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DABF 81 KB
34 KB 152ms
87ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D--Zp17MmCjgtcTi5_8m41Zv4RhfesfS8UjBPT7Ws25wsNN2rywC8l-OJeyhpzwxte0ShB-zKE8-UW-KfGtXJn0GRIKZdnHuqTvx1aDpHvvBl1MtgRaLOT8AE3wowUyDgWls9mo_i-3Yfsm8WBH_2gy0H6jA&dbm_d=AKAmf-C2WG-e1gEyneChVgAJJsyzdyzgsYnTQ5WSR6IEFFUr0bK2WA9dWbVjkzBp347lLzO0_r8phglVVyM7sphv4aToxHSwcas_lft4fHkGk9DGk9B8-T8JicwGD_j1EiScDLSAwZh7adZK4TR1Tq5-RF4ooBugHXWuv_vT8GXd9C-1TcU33RZgiy8WpIKFGM5jKWaw8K1lien69P_17VliCM6NzMRiGGBKdCFZcmdTuIg16C1GAE2EO83F-wzaCifvmRHtoofx3ktjHhihNUgP97u9nu7MErbX8AAiTwXxWO57dgPiqzIDzgcUXrMsSCCpJPsSTOv1aa_IVHHub9aZv9miSOTzB1cXwyGxJTSppxIw4fyPsd-AVZktbdvp0jpkhixl-CivtM7Smm41co0iskQ9Pywm31eJlfKqiUv6zXN7ZpObEOyX4_wbE35zgL7eqiN40sZM7q1X3z6ktaTQznP3IFvY8EDpY1CxjlXg8xyBnQU2WPSzEgj77U_V_i0mrxezNoYtxZVoNgBtzqXRU-qB4sUQD72bEANPabjpQDsilhZsjswzXyy3zAscqfe72Yr3ZL7stHMAC795hezBi4xg_rMS-lhhFVQuKpbtyC0MVsvwg4_2-5jzRAiIo4WVqdh9nQHz6N-fSM1ZbesZcH93RjFAaRViySb2cuF8-HM05i69VMYpW6mLbgzmfZqPXQeczxaf5SSPJCEhr_TeciIKpmIRO373-XBYamcasbNQzt9K43DsJRaVeQnq4xR_96wA4NFpKUJ2KjnPlp2UVt0XzrDZ3LSaEYERREq3AZjxzOZ7ygsi4RfG9hP1UHVnOnq4awum24v6D7yQL9yNijgSfa_doz6_aESFo1WPlKySdt_D3fX1ghVd6keeGK_XJas_6mZHshQiWLz1pCVXN4dk77Zyza0JB24g0dFIeJun3sBDje0I5aNvW6ExeI05iZgKTVmfHRPtcRWoX7V1buNz7Fsa5eaf26h574nLQoWS3ZQRzuaNfb7ez9uFiwAKJt9ysIyFOQSjVuY3qtn9h_MzQnlVCPUiLbFuN6qm_O9IQpIxjB69OJyiH2SoJZySxc1SiNmOqFq0M4C8GRS99qMq4cSgMD0X7M3hvojaGsnDNtcDd096PIQPPqOXdJ8_L3Vwqh932eobrw15bWPzHAk7KADCyvMgQJkq3Xl_dagFqW-LTj3M2VRcVP9Z_gZJf7x-oncC4TSkL7VlTuBtP-Rhze73BH7cUoT6vs75uDquZRSF-q4zQB4yNboq0vKsxD2dsWUNy3dJ6JsGOKYCpqnvZNbOndA0xBrzuqo6UmCJKD4DQ5Y9-vFoHYfkdF0_PMn_ilBymHuFbhyJieWuxr5dtU3B5rgRNiBJs88Asa5s0Yb--1e6dJZXa4xmJ2lx0aCztK69QVRFvstbTuhbLqOYMJmW8o41pubu2g6NjxlcGxu-48VOnkurgz0tO7xbWgEuho6ULNJAWDEqvJpXhG70kTIsa9JhVMj8W6WUrOugPZ5BcTU78EamM5eff8fwjgQMvcMETcq10DgsdDx8npihBT-KobaohCJOoS6Mmw3_gF395SKsEqBwrMvY2rFpQg1FA8HLVZlyEC8FrP5IOVmyKZTmtNQwpEkY8Mp6qH-vZehutt9H5a22iqxkNLbEV1icqnVhl_JPabQPo0LwvcbuezyDTN-WJcvDEAb399hq_vf-JW_r3eHdKgCROC418nZ3qTzVdUXH8K-ipinRddUHd8UZYbRgESAh1U1_bSh5jvftHqhdlXn46W9VljsnJjNxe0eNu2jjCZzg6W-MgTLoFgY9WfrLfPYeWa-uLbHDiiDSw1O28_2fLvn-pxSWrUMd8_erEdpHRLuLoOTD59ViLojMBiX5KFivG6p5a0ZKkdQOp3XPTiHpoM-0WCSis90D7RAb4BQfaVHVX70Js7adLQJF10wTqwT9wtjEVtXQSuIIjw45TrQQaLSJ7R6hbr1omUUQtOZ_O1IQuETncOKVi68Ibdv4L5uttqF_KHPGuZWa42XZ7nW-doxAsy4AWtgPKfsdqdsRd6N5wyhgKYLPHB1of6MxsiDE1xQ6sXMLeD1a4JA0sEex3wk56a-2AU2RRZ544juhGhHDN1m5lydka0QhwcK1TtIR94YAYcIKp-Msyz3Q1bLrCC5QGITbVaEwFbCHQZsfCtC8CG5-g4dZCzsyDtdjEEhEFlZ7pro2zJIoI4KF4ySk0080yd8wIalLeGvt4yKsA0CeBxLaMGMnIgvQJUMIwalGrwy6iOmXNIh1-sU6DC_KZoluhVURX3uQHMhHM_-ehPHVJ6Bc01ZW4xzZFLCRKiuGe8cvVV2lyKhFh3SkNWpJkMF3bewghSQJlLjODO-_823CKnFkBAPG2LsFodtGqATksT2Squk40KOmOEmNk6QR9sxx3VHakO62icsF58Bu36YEUaiYRJuuFFliXOSm0cSDRvL74irodeaSCD-CpYohCODhZutPdlKOPjQGj0YgIdY8HEyPiDW8m9FWgecX1JBggqEbGPkrCp8bIA3e2X90Ra5Afy0HZOyAN4sqFxM1_r3wfq1TuowZUCKfEtsDEbBvKcMDA4jefJGhXAsAn2K5WwpUFZ7WhIp6EG5OSg5yp1Ef5Lz5nBMMZH-4ztKFj0A7aBYmnhMpMDW0QdwMl4BAZocIzrxC9n2TEyu1q7_pkZ4nWWx9IPC5phuAaabtSQP_lEOYrz7YLF-91YBagclvGqkxA4NRGY_AAcfMm5P-o_XL5tV2E7z0SQuNd88zihWq78ObV-9pWgECQFcxDJNlpSTXkrLzDfmMk_VzfTz0rybEHuMghVNiIewRhLGb72iyCywTZvPYBqWfZBg5JbMyDkQj5jMOkzLOOTPAKTvB1mRHYbBo_PXyAhggZ1VKJZmk4wGr6NuvYpfscy9gPgcRAncbrtFL6HjxGerwafu3mnj5IV-XWwQ7GZUsSDIYRA0m6p1NsWUUsFtMd2O9f0vSm40A_VTt5JrhMg_5dC8x9VVEUAqctsI3BV_9APSAdoOngaoUkumYFkAjECurmfqy_DdinjrlR_Uy50Seq0z85SSTaxV1pBjCPrBpzEkq8tbhxS8Iaye5Dtb4J2tbReIMl3xwOLApBZQTsqUlrbwVFzecBfSs7gkvkki6I8ZP-cvnpwakNONH1D2wW38v4PYtxgy2yX_9fuEDtX2VSNC0SnoWv-EBkd5xWCEbgP5m2fRjC9c4lBn3grafU3_nSnSbPexCytNca3NuD1ybOe_RDI9cqlp27b5QDdnpngGj4Zk4NO6w24Eo0i1fzuwk4xaxHB7L_R_ZraRYGGnrwTf0ORraRMMGwzdSIP50Rs3xcGlrxHRsUwD6bhUUMI3ai5p-t1OIlnD59bWdrTCg7SGVtpygTysEojfKzNIZU7e9vsxmwhZx0Lth1OkPZUzMH6P1SXLgCzjK_TZrEGgQ-VN1Mlu9vG5yeMyDHsLx9NWK0MVgJND0XUrNoXBXUAczQ6vqWa9mLKu88EFFtCNMGAHxkYf2Dge4djZzig8l8h2QletiGy36cC_8jD93oohx97waN4OExn9UDJsbiHtFAEtnxpSobV4RXWCZYVrpSCFjvxvCevTJakjw6hBePvWClW6SVQ7Nw_R4qIkaZou1u6FvuK-M5UMc-m4Ii3HBQ2isnL8l2r_Jfi8ZEjEalkmB5OHm0VaHeGohp7wiLNJzmiy8bs_I7fXUvxOIlCZfgA&cid=CAASJORohNZV6CTyG8ZsTWPiqb1KN2ftxdAfnmeFewyIRZLqpBxxDQ&rfl=1%2Chttps%253A%252F%252Fcelebs.walla.co.il%252F%240

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d20a373a1c1b12adc2a43b8df5786e468e565816c3860766dd16f294c6c61a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34934
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DABF 42 B
494 B 116ms
47ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DhmB04BYcmaMZ9not-A8N5hMrE3OWW2YA0-C1CZvxET2BKm1kVCyOAPeP3Uonbvf0nOPUNtCRifloJfZCuEb7-58qzWxznqSpz87oczWi1olQNybo

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame DABF 3 KB
1 KB 28ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:22:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DABF 140 KB
43 KB 49ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 10:31:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame DABF 17 KB
8 KB 24ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:23:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DABF 0
0 45ms
39ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1ChJYP5f1YHIdbvg0GYjAQ5reWmdaLXYo7PHayqU_euCIfXaRk6Xy1z-uPXnT24Mh3YornzWehsJ_q_n7_T_mpLzIYQ
Requested by: Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

POST
H2 200 events Show response
khn.crowdad.io/ 0
106 B 42ms
31ms XHR
text/plain 54.171.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Requested by: Host: d2r08ja41ypc0t.cloudfront.net
URL: https://d2r08ja41ypc0t.cloudfront.net/WALLA/kahoona-idx-live.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-173-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://celebs.walla.co.il
date: Mon, 22 Aug 2022 10:31:44 GMT
access-control-allow-credentials: true
content-length: 0

OPTIONS
H2 200 events
khn.crowdad.io/ Frame 0
0 34ms
33ms Preflight 54.171.173.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://khn.crowdad.io/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-173-106.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://celebs.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://celebs.walla.co.il
content-length: 0
date: Mon, 22 Aug 2022 10:31:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4798 624 B
297 B 101ms
50ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYk9T7zQEwAQ&v=APEucNUeUWwYN8PGUsJTn9Mhg2vV9ZnlJturOsCS3oJ3-RJt2X50MFSfMYsLnugL5eJiE1XGczj6rLF4fnmEJ6OQxJ2a_BcGLipaIk8v77A0aZs5WIe_eZRXaPbGWW1qFfIQllIg0Yz_wKwIN21Dxi6IhbCIjiF04fcSMHbcd3d-5-wnrJ_zHjg

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 10:31:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C6F4 82 KB
34 KB 136ms
85ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJ4dO45xypcvDt8jv_b7yWkh9A8WpgOBGKt8Bvg-kd6FFC3UDCkEYg9NjgYUWiMdurQls-D5GHz-wslAxF2LbaVtXrwCMZmHpjNMLhDVzcAxFWogxsbKtet9zeM5tlhyBO5JRisuEh1BkRsjDTOT8ma6yX5g&dbm_d=AKAmf-CZ4ojS_8wvp1slXXt4HnmWkE_CGhadLR4wWkvSGW7nbgVPC5hJShinUwyJ52f_PajAWjjxjivKmKudzkKQTChFQ5n0r2eAp7vttq_nA_yf9dFu445qnU99gLgLoSsQyZrMfqIzPDW6j7nIpWY-w8UxFlaGuoMQoV2da3xY3NUM-fLqjpWlAUMWK-sKoeeOtgiyoFYrD-mECzPNOzDXzj_W_qi_dOg623fB77NXDipTtE3yO3d6ewFgVJtH7cBwgcG_sPysEOf8c0OlCHSMSHfQnUjw8soBp3J5MaUDsYaRq7KJpXxPLPF_bsGOcVRLyEWinai-1CD8GGev3W9T3aA77etMHkzf6zWRtdD15_yb2lnRL6T0QDozsSejt39TK-VrsUhm_cwh5pfJSKqZnKfv1xL9H6Ozl3m_btm8ICeVmQfKLEeTIVKD5NaEI9t8VNQ_4YLjlv3JBSaFDjihaVAFRrGO-x3swHTwO9Gbu4TFgCumOYQ4vcGFXBKtkA15aFBnv1oaIQuiUFEOw7xOKo_fK2DxBxEePU0ly9aArhf-zlbWsuE2UYidFBBfSQl7zALFe4Y22BLgsvZqpt-V_zmdxonUJoRLlirhNXKwcXWKmoJgGLYHGAw7D72fsi5jRL2OxaZKjkWtSC0zenx-008j0QMkCwLxbiZYpI0enAX4plzSZs6abvN9c8cYt8LCu5lgLuww9V_cxDwc3EzX3Zwd5aouzsKqsjCvR0F7WoNo2djCN68XeTZlXlMqGvRmydapAy2HDCUh4n8KJwC_lhIE5yvjmOD8KUSikn82H_ZjMK-m5OpVBxS_O-Ebh7DAok2y2EkoSYY9BaANa3xSW0v2vbnjgChgIF1t_H0MP5oInNap1Rbp2qRXq07onf-uOz5ZIdKKOZzmbHQq0iz_ocdDoS_ZzNNihKhZfwx2oRdqk3Rspv-8dogboliURXFynf5o8CtaZ3ljQuBEHDCEHmGzh0D2vwf06lBd55d1lzVgGtknNZaroJk4TfYygucc6GXtqELoQXFM-nBz76qM_LnV0IDJlw1W9DcR6yv5-qiq4Jo9z03IU2n9JDpDueNQqBd4Mx_pbZd4dpwsvgRsF62uOP6WiBdjhkSXPj7XuloI4Klqv6-r8Tv8baaU8Quh6-3mAEiNhG2maTpXVsKYy1HJCsFzUFhk4nnYSRupQ8sWr6dognkfTFmxLQQ24MTEwQYVfVTafK9ZQujVCVTO5tIZlFliHvYHgP1s-PomH73sAjA_ZqoKCAbDaBI_YAeY8vI8hvdR5kohroR4oKsJyJS2jaf3XfawKIlcFiIc6aTGzDN1E8ItcuEeUs1aQJRrnfXP2HUOW_3zc8patYeFvVLQfJwkZ6EPx8yeGI1gsDMmhf066chQUFhVXpEWQeYxV6_7Pk7jVfKZC347LXrJNEvFXo0725ea2AKPivv_8so627JaoIs035QKqZlGNVRye___5QD9ttwBX_yqYcwzkmyL-Cx6UIiUbnQTHVTxcnFl-_gO6RQAgzKuAO5RmRiWUZgZ5OOg01tdqgv3_lUp1Xbvf4R0Yh1VAsEbt0Ibt2KW7CRPXDPK6IUP2BR9WtpT-fxx21ibZBsrh358f_AHspYAwqsO4qCJePstaVUUwPDQxb3ai4D0AX4HPZvndVDYVJ_GY90uNEcMp92l_4-_NSuXP8L88XLjYGc91IzwlCa-ztKN50pZm9EXzk2kjlOluAzlCDTNTNjKPA2m5nMA_cGxQ0NIlEdbI8u2ROET4HV_K4EDv-fO7bqBcJ-gRmOyVun-2wkhd-eN-BmByj9on-uxJBjbZGrBLa9vMMVdi8vB_53bp3FWwilN-mH_nQ5LCAnre3S0xNeREmxAOtKv9lKK2QAQZnpg2j9qpOLKmYhy0qvksnVHjln8HFvJ7vbYJPQd158y6x-9-TJu5d-D4B2DukqcN_P1zdzYov3c1y0slWkD0iMjDwf993hlEqULfbz-Ssah1PJZToiXHin7U7U73051xHL_6iIKhdXm8-d6UfdzQEclDjBsQbM4E1u0Kzx7MSvKGY7foeahjG736l0VRsvyuGHm7Qb1tQJS_ZhnoPmNog0H9NT3Rx-AucQ3q7dteGikjrWCxIJZ4GlCpUc-geK3fQ_T4gwFGHxauHs4pkaa0-g8xlZIrsVJ3TE1B7zCmFgB4X2mEXhkNwz6_L_HVgyjz2lQ8tOgcEfvUPiHnl3nRRB5AvTW8Jq-zBeJ84ryQM8-d-JF-SAdwSACN9ktlm4JYWNGlLRUAyRGoTG9xD5GdfrT_B_IKt61h-LvFLBBuFhf4eDSfyMQvZ2mBPuw4y8psP8piRawIfE7DZXZb--8DXrjW-aHt-0Tp-Vp7Y9K2W6BY_jR-_YkPe9EqFZJ5mxtmoUJ2mLiuSXjTRvlcHgHECF7q2d7SvZqT04tYyZ3Hwb_j4O9a1qZ2A4djHMFV_CykmRreHdiRjICY5KyQarsabrLZPH6Xb2wISSOjW4TiLvAMpMCBca0fH1shDBTXHeadhufZDz5W2iCmB9nH0IyJGQO869hS-zrt5n7dOE6bkaA4T8d_P4H3EzDbLNVkJWesJdz8abtfQ_XHy8XGcaSSm7jyYcPteTOmqLpsIeoi863UHCtJZlpcfqOJqGFkxDpzO295RHAkx_Z8JAaTjIfgjpUAu2EHdpJBsx0PhikEyhvJQXMpgWd-zi_9EynJz3kZnX_gvlqpilg7sqAf-hCtI7D_PHN0bEmfwel9Eebg1L3PW1JTTvHNySefYpR7-VBqMrLDy68PsH6uUb-8vrXtEK2G0aODpWU0mkeG8-TbErnmdwQxU6pmIL5XNGgufhqBa-CKyo31rbzA48tFsuEWc-wOixtf_nTyd-NOAVngRA3-BGD01GHzpM7OObq-ZBG5JB6_qCZ5H5gasCop1wJJVlx4fvmsMqYXTinzi9ewULSEXnL3MSII4lnaYvcKqQrgfgcV56Mqz77675gzOg_BwCl_COr4QmYxX1t0-b8QZvr4xzDei9M3k2HduZYI-WBaEj9sCUBZJGn8gWlmkSZZjDa4TCuTmD8QwFpGvsezomjpdq07uGlD8cpuXrgAxRhelaS3sw5riZdGJYRdeMb63FAbiiOftWBlsMU46vdHaF2pk2eFPkc6nDDVWW6vtIgpHLpnc6FtB8Nhcq3W5jsnEaUBg5c2qKYRHSHsEjqm-LzdDwbgVX89ruJgFM8TAPjdiah4R819ovkPTypYc7run0OarA05gNyxuBAfKmUYPaaZpwdpnxij5ogFkGhZabrgMiU5uQh4v-bF9mR16ffYBmOaG_qMi1AY4WpDQlJ6cm1-4HWWRIRHuBHdqlP7y8dBqvLUBYko684t7NMVhv57qUSVqcPc7-R9ca-0tXa-Q29fPb_kfuXNFLnBnGBCX6LpfoyQ1vwnqQRod1WXnPkI6xWnibzsuu7E_0d0KILE_wSJXf2I6k42bmTOsIgzZxcyW2IEE31wos5MWhetcELQ9PHtFA_XeblL1Fa0mgjopfAofuJtMxDgHgiTPZGRDyPr1hIutnx8Vd4f25Q7e5FtxRasWvNeX9OpT8eQ7JS0dG__BfevSvwP_wQQWFr_9l6lPfzDqxMsTbD2HZ9NtUwWHVaZcw8dPloZjGIn95tdFXSKyuziTZK7LDyknWUDTCKNBEyg72HkdDD8mr9QF6V7a18n5g3hLIJb5cDbjoz61AubfzAzm9-YoxwrCPuT0Aws6Mqn0ueLvOTSZJDGyrIJ_U&cid=CAASJORoycuhQTMCNhx_aoA099hbrZglLs1_U1tgvgtKXO2IIwn0lw&rfl=1%2Chttps%253A%252F%252Fcelebs.walla.co.il%252F%240

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f221ee70f0bdfffd448291d046d23e6d4df23f28d770b0e3075ac37f536ec877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35100
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6F4 42 B
107 B 102ms
48ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBEqBb6sKbR3mrxlDh4o2mS6ipXijp6w8RRQClT_C2vCDYEp8-tL3gWaluX0ePYppXjXp0zSBWMI3CnWtrVvqbrQsWP3Wek5GxMPaUshyF5PQbAwg

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame C6F4 3 KB
1 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:22:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6F4 140 KB
43 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 10:31:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame C6F4 17 KB
7 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:23:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6F4 0
0 38ms
35ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTo29DxqsEGIFo9IA2-GpObi59QV0V99lz__seBFpf6cgXbc7118FCLynbE8UUq38qLkVKrimHjSNUESKJirRKbCsV6Kg
Requested by: Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 309ms
90ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=01243ef24dfb84c3a8764b2b9444f34a_1769_1661164304651&tm=2015&eT=0&widgetWidth=635&widgetHeight=169&widgetX=650&widgetY=1712&wRV=2000869&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=286&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:44 GMT
content-encoding: gzip
X-TraceId: 0370d05502a0c1b3ce54252839b141e1
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 21 KB
7 KB 346ms
305ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=3&rand=63828&key=NANOWDGT01&widgetJSId=SF_7&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=2496&vpd=1296&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3ecb09399489d926c5005ba28747c0b61d3487fee81af2e6005f5e7630b7f02a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:45 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164305.778663,VS0,VE275
accept-ranges: bytes
x-served-by: cache-lga21956-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 323ab18ed93a46622a2c401ead14d21a
content-encoding: gzip
content-length: 6761
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjJiYzVkOWE1MzMzNzYwZGY3NmRjMmY3NjI1YzBkYmJhYjA0NWM1NjIxOGRmZjBmZTdlYzRkODkyODE0NzU4ZjAiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 55ms
21ms Image
image/webp 2.21.185.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJiYzVkOWE1MzMzNzYwZGY3NmRjMmY3NjI1YzBkYmJhYjA0NWM1NjIxOGRmZjBmZTdlYzRkODkyODE0NzU4ZjAiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-176.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39a0c2c59f47196fdc00bbf350c5dac9d75d530a421932d6576470c23d7af0a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:44 GMT
last-modified: Thu, 18 Aug 2022 10:15:53 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2285232
access-control-allow-credentials: false
x-traceid: 3e768dc8fbd338e7d19847ada1e9c1e3
timing-allow-origin: *, *
content-length: 18474

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame A060
Redirect Chain

https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co....
https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co....

5 KB
2 KB

85ms
37ms

Document
text/html

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ancestorOrigins=https%3A%2F%2Fcelebs.walla.co.il&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:11263&extVar[]=XR_DOM_RTB:celebs.walla.co.il&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&uidRedirect=1
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=23248d3349&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&eVS=11263&eVR=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&rnd=862699390
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 31294cdc95d7e7067d4a110d44119e41ba325579445bd7b57ede612656636635

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1752
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Aug 2022 10:31:44 GMT
Expires: Mon, 22 Aug 2022 11:31:44 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 30056900051683901467949012059027

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Aug 2022 10:31:44 GMT
Expires: Mon, 22 Aug 2022 11:31:44 +0200
Location: request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ancestorOrigins=https%3A%2F%2Fcelebs.walla.co.il&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:11263&extVar[]=XR_DOM_RTB:celebs.walla.co.il&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D128 52 KB
17 KB 62ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11263&pub_id=1642880
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20613
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 22 Aug 2022 10:31:44 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 224845
X-Served-By: cache-lga13620-LGA, cache-fra19129-FRA
X-Timer: S1661164305.885516,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 806D 0
819 B 47ms
13ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&e=wqT_3QKNBKANAgAAAwDWAAUBCI-2jZgGEL_AloSksfC3URiv-vfO4570-lsqNgkAAAkCABEJBywAABkAAACAPQrnPyEREgApEQn0DgExAAAAQOF6lD8w0u_SCDj_V0D_V0gAUABY-cl-YABokKOyAXjQ9QWAAQGKAQCSAQNVU0SYAdgFoAFaqAEBsAEAuAEAwAEAyAEA0AEA2AEA4AEA8AEA2AIA4ALv5lXqAihodHRwczovL2NlbGVicy53YWxsYS5jby5pbC9jYXRlZ29yeS8zNjAygAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDoq9T4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggA4AQA8AQAiAUBmAUAoAUAwAUAyQUAJRcU8D_SBQkJBQt0AAAA2AUB4AUA8AUA-gUECAAQAJAGAJgGALgGAMEGAR8BARDaBhYKEAEJLgEAXBAAGADgBgDyBgIIAIAHAYgHAKAHALoHDwFESBgAIAAwADi6BkAAyAfQ9QXSBw0VcAE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=39dcedf0bb3d2f694fc1f5c65a6007c2ae5ac876&bdref=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602,https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:44 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 92f96e96-fa6a-442b-a6d5-8642eaced893
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4798
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1

43 B
914 B

28ms
27ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYk9T7zQEwAQ&v=APEucNUeUWwYN8PGUsJTn9Mhg2vV9ZnlJturOsCS3oJ3-RJt2X50MFSfMYsLnugL5eJiE1XGczj6rLF4fnmEJ6OQxJ2a_BcGLipaIk8v77A0aZs5WIe_eZRXaPbGWW1qFfIQllIg0Yz_wKwIN21Dxi6IhbCIjiF04fcSMHbcd3d-5-wnrJ_zHjg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73eaf0ca8e089ba6-FRA
pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCFT4Kxz8YzqH%2FDirnU2ess0%2F6ExVs%2B5Pg5Y8ghawcMRO406nU%2FgDEjCUCjXNgPDDSKnaEs9tBESGzoktInwBOsr0HH0HS76c%2FywTmXgabRhYwijq3%2BpZTv89%2Bcp2%2FK79cijiAgIivGwOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4798
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwNbELtI0s1x7uwB15qodAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1

43 B
904 B

25ms
25ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYk9T7zQEwAQ&v=APEucNUeUWwYN8PGUsJTn9Mhg2vV9ZnlJturOsCS3oJ3-RJt2X50MFSfMYsLnugL5eJiE1XGczj6rLF4fnmEJ6OQxJ2a_BcGLipaIk8v77A0aZs5WIe_eZRXaPbGWW1qFfIQllIg0Yz_wKwIN21Dxi6IhbCIjiF04fcSMHbcd3d-5-wnrJ_zHjg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73eaf0cbafc69ba6-FRA
pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2Fmro2hJvuB6DrHgY8ysiVFVLd5OrEQgwAlAN3NMf0hQAkUCee%2FOGtwtLhCTsg76hLiikf%2BViQgGaWSJkBbdokx7Vt1BOtQv0zIZyfsPti08kbKmGWucnvjTvFFHD97mtikIfhhUWIA6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4798
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMiuwVz-wcUwm2xpjym8DU4&google_cver=1

43 B
1 KB

17ms
16ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMiuwVz-wcUwm2xpjym8DU4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYk9T7zQEwAQ&v=APEucNUeUWwYN8PGUsJTn9Mhg2vV9ZnlJturOsCS3oJ3-RJt2X50MFSfMYsLnugL5eJiE1XGczj6rLF4fnmEJ6OQxJ2a_BcGLipaIk8v77A0aZs5WIe_eZRXaPbGWW1qFfIQllIg0Yz_wKwIN21Dxi6IhbCIjiF04fcSMHbcd3d-5-wnrJ_zHjg

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:45 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cff62b2a-e651-4c65-8a03-cb12b45be728
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMiuwVz-wcUwm2xpjym8DU4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4798
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjQzMjE4MjY5NjkzNDcwMw%3D%3D

170 B
188 B

73ms
23ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjQzMjE4MjY5NjkzNDcwMw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:45 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7af8b8bd-467b-46d1-9409-4540557486f3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjQzMjE4MjY5NjkzNDcwMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 806D 0
0 121ms
61ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKFW7vp6uvT-kxO6d7IEPIRay58WhF2x2r6DiDMVnAkwrXhJv4YIVrrb81tMBmFXcPH7YKZuknJyF_BbIDV_kU5rs4Y5Vd_m58rqKzOmmIQqwVVPSYGC1jGN9eKv4qHqzjMd4Dv5oTdxh9FchpG6YH7SxMeW55bk-8_1K-RifxABECgFdVz9lIh_YfE3j6aBx-3U8fIDPjVsXrG-wXDNOZNeHwSHV03tc32_gA2izMIxl3dC6yuHxVuihh9hzjjnz_aTqXMDeXFBVSMrQXxmzjXJLQDUF-U3Hzm4BZ94SlAeMtKhWPVRH_-qcpQBU-F230kkMc8mAN55tQ_DPLSFXG-ROuuPbFPVvamZKDhujo&sai=AMfl-YRHt4XwJW8SJRfAkz9Vm_sZWKCUCPlmrEfM0tkmCz-_x7qwydjlRC22KXZpjs4GmtNWOi3xWPkE4_4cluwvO_e6cQcyOXcnx81orD0XJjuIqeGpWuOL7ciYIiCIEw&sig=Cg0ArKJSzIz8Kx6fb-vJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Aug 2022 10:31:45 GMT

GET
DATA 200
OK truncated
/ Frame 806D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82de517d962586af959d12c96bbee7976c3e5501eb8b50141c11b21c4d429666

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7E0B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1

43 B
906 B

23ms
22ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY3df7zQEwAQ&v=APEucNXmeqy0Gzx_2Ide-fqLeTJLNH1yNZS_RDT7ZQ8qiDXIjlUoWyCfUUoaZPRA6FFZ9FrUGE6Um2XRy4ZVuQUXN4_3b6i24gpNHa1GwRc0AYXSWqkFpKDGHVyz9ellf22b5sNbbo6jn5Cbkibwesdv1FNHIpKhOBAqO1xyFYYgrnEKJwOU6qE
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73eaf0ca8e099ba6-FRA
pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFYMSbnXeUhit16%2FzWGuhtYZcDXtfGZVHbw8ejRW1Ej4pJwfSLxIAORu2Q3O3s4Gz3rIqy%2Fxdo07sKQSiIQUaSz4qtxE7ycJ2r7iCY5F7wSZmsUAq93eUKrDpDSoLpe274czDD8MDyEL1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7E0B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwNbELtI0s1x7uwB15qodAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1

43 B
906 B

27ms
27ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY3df7zQEwAQ&v=APEucNXmeqy0Gzx_2Ide-fqLeTJLNH1yNZS_RDT7ZQ8qiDXIjlUoWyCfUUoaZPRA6FFZ9FrUGE6Um2XRy4ZVuQUXN4_3b6i24gpNHa1GwRc0AYXSWqkFpKDGHVyz9ellf22b5sNbbo6jn5Cbkibwesdv1FNHIpKhOBAqO1xyFYYgrnEKJwOU6qE
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73eaf0cbafc99ba6-FRA
pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sffZS29dRzQd6qou2uS8%2BIOOSS7qjbuWhA5KAcdhhYTVYwrc4l8bhClAe4TY4bO0Dt2ffXUF9GIqz4ir9NBsbmISQQGCiDxisKguyA74l6o7Ka%2FH3LyYOIiWqQClNajwio%2B4U3PH01ym2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnZb9DSYdzDyXjTeA3dnhg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7E0B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMiuwVz-wcUwm2xpjym8DU4&google_cver=1

43 B
1 KB

13ms
13ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMiuwVz-wcUwm2xpjym8DU4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEY3df7zQEwAQ&v=APEucNXmeqy0Gzx_2Ide-fqLeTJLNH1yNZS_RDT7ZQ8qiDXIjlUoWyCfUUoaZPRA6FFZ9FrUGE6Um2XRy4ZVuQUXN4_3b6i24gpNHa1GwRc0AYXSWqkFpKDGHVyz9ellf22b5sNbbo6jn5Cbkibwesdv1FNHIpKhOBAqO1xyFYYgrnEKJwOU6qE

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:45 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7c5deec8-9295-4f7b-adeb-5fd1630492cb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMiuwVz-wcUwm2xpjym8DU4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E0B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjQzMjE4MjY5NjkzNDcwMw%3D%3D

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjQzMjE4MjY5NjkzNDcwMw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:45 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0ce898a7-e8b0-4c26-827c-27e0bc0b9170
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjYyNjQzMjE4MjY5NjkzNDcwMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C6F4 170 KB
59 KB 89ms
13ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Origin: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Aug 2022 17:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame C6F4 8 KB
3 KB 66ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AJ4dO45xypcvDt8jv_b7yWkh9A8WpgOBGKt8Bvg-kd6FFC3UDCkEYg9NjgYUWiMdurQls-D5GHz-wslAxF2LbaVtXrwCMZmHpjNMLhDVzcAxFWogxsbKtet9zeM5tlhyBO5JRisuEh1BkRsjDTOT8ma6yX5g&dbm_d=AKAmf-CZ4ojS_8wvp1slXXt4HnmWkE_CGhadLR4wWkvSGW7nbgVPC5hJShinUwyJ52f_PajAWjjxjivKmKudzkKQTChFQ5n0r2eAp7vttq_nA_yf9dFu445qnU99gLgLoSsQyZrMfqIzPDW6j7nIpWY-w8UxFlaGuoMQoV2da3xY3NUM-fLqjpWlAUMWK-sKoeeOtgiyoFYrD-mECzPNOzDXzj_W_qi_dOg623fB77NXDipTtE3yO3d6ewFgVJtH7cBwgcG_sPysEOf8c0OlCHSMSHfQnUjw8soBp3J5MaUDsYaRq7KJpXxPLPF_bsGOcVRLyEWinai-1CD8GGev3W9T3aA77etMHkzf6zWRtdD15_yb2lnRL6T0QDozsSejt39TK-VrsUhm_cwh5pfJSKqZnKfv1xL9H6Ozl3m_btm8ICeVmQfKLEeTIVKD5NaEI9t8VNQ_4YLjlv3JBSaFDjihaVAFRrGO-x3swHTwO9Gbu4TFgCumOYQ4vcGFXBKtkA15aFBnv1oaIQuiUFEOw7xOKo_fK2DxBxEePU0ly9aArhf-zlbWsuE2UYidFBBfSQl7zALFe4Y22BLgsvZqpt-V_zmdxonUJoRLlirhNXKwcXWKmoJgGLYHGAw7D72fsi5jRL2OxaZKjkWtSC0zenx-008j0QMkCwLxbiZYpI0enAX4plzSZs6abvN9c8cYt8LCu5lgLuww9V_cxDwc3EzX3Zwd5aouzsKqsjCvR0F7WoNo2djCN68XeTZlXlMqGvRmydapAy2HDCUh4n8KJwC_lhIE5yvjmOD8KUSikn82H_ZjMK-m5OpVBxS_O-Ebh7DAok2y2EkoSYY9BaANa3xSW0v2vbnjgChgIF1t_H0MP5oInNap1Rbp2qRXq07onf-uOz5ZIdKKOZzmbHQq0iz_ocdDoS_ZzNNihKhZfwx2oRdqk3Rspv-8dogboliURXFynf5o8CtaZ3ljQuBEHDCEHmGzh0D2vwf06lBd55d1lzVgGtknNZaroJk4TfYygucc6GXtqELoQXFM-nBz76qM_LnV0IDJlw1W9DcR6yv5-qiq4Jo9z03IU2n9JDpDueNQqBd4Mx_pbZd4dpwsvgRsF62uOP6WiBdjhkSXPj7XuloI4Klqv6-r8Tv8baaU8Quh6-3mAEiNhG2maTpXVsKYy1HJCsFzUFhk4nnYSRupQ8sWr6dognkfTFmxLQQ24MTEwQYVfVTafK9ZQujVCVTO5tIZlFliHvYHgP1s-PomH73sAjA_ZqoKCAbDaBI_YAeY8vI8hvdR5kohroR4oKsJyJS2jaf3XfawKIlcFiIc6aTGzDN1E8ItcuEeUs1aQJRrnfXP2HUOW_3zc8patYeFvVLQfJwkZ6EPx8yeGI1gsDMmhf066chQUFhVXpEWQeYxV6_7Pk7jVfKZC347LXrJNEvFXo0725ea2AKPivv_8so627JaoIs035QKqZlGNVRye___5QD9ttwBX_yqYcwzkmyL-Cx6UIiUbnQTHVTxcnFl-_gO6RQAgzKuAO5RmRiWUZgZ5OOg01tdqgv3_lUp1Xbvf4R0Yh1VAsEbt0Ibt2KW7CRPXDPK6IUP2BR9WtpT-fxx21ibZBsrh358f_AHspYAwqsO4qCJePstaVUUwPDQxb3ai4D0AX4HPZvndVDYVJ_GY90uNEcMp92l_4-_NSuXP8L88XLjYGc91IzwlCa-ztKN50pZm9EXzk2kjlOluAzlCDTNTNjKPA2m5nMA_cGxQ0NIlEdbI8u2ROET4HV_K4EDv-fO7bqBcJ-gRmOyVun-2wkhd-eN-BmByj9on-uxJBjbZGrBLa9vMMVdi8vB_53bp3FWwilN-mH_nQ5LCAnre3S0xNeREmxAOtKv9lKK2QAQZnpg2j9qpOLKmYhy0qvksnVHjln8HFvJ7vbYJPQd158y6x-9-TJu5d-D4B2DukqcN_P1zdzYov3c1y0slWkD0iMjDwf993hlEqULfbz-Ssah1PJZToiXHin7U7U73051xHL_6iIKhdXm8-d6UfdzQEclDjBsQbM4E1u0Kzx7MSvKGY7foeahjG736l0VRsvyuGHm7Qb1tQJS_ZhnoPmNog0H9NT3Rx-AucQ3q7dteGikjrWCxIJZ4GlCpUc-geK3fQ_T4gwFGHxauHs4pkaa0-g8xlZIrsVJ3TE1B7zCmFgB4X2mEXhkNwz6_L_HVgyjz2lQ8tOgcEfvUPiHnl3nRRB5AvTW8Jq-zBeJ84ryQM8-d-JF-SAdwSACN9ktlm4JYWNGlLRUAyRGoTG9xD5GdfrT_B_IKt61h-LvFLBBuFhf4eDSfyMQvZ2mBPuw4y8psP8piRawIfE7DZXZb--8DXrjW-aHt-0Tp-Vp7Y9K2W6BY_jR-_YkPe9EqFZJ5mxtmoUJ2mLiuSXjTRvlcHgHECF7q2d7SvZqT04tYyZ3Hwb_j4O9a1qZ2A4djHMFV_CykmRreHdiRjICY5KyQarsabrLZPH6Xb2wISSOjW4TiLvAMpMCBca0fH1shDBTXHeadhufZDz5W2iCmB9nH0IyJGQO869hS-zrt5n7dOE6bkaA4T8d_P4H3EzDbLNVkJWesJdz8abtfQ_XHy8XGcaSSm7jyYcPteTOmqLpsIeoi863UHCtJZlpcfqOJqGFkxDpzO295RHAkx_Z8JAaTjIfgjpUAu2EHdpJBsx0PhikEyhvJQXMpgWd-zi_9EynJz3kZnX_gvlqpilg7sqAf-hCtI7D_PHN0bEmfwel9Eebg1L3PW1JTTvHNySefYpR7-VBqMrLDy68PsH6uUb-8vrXtEK2G0aODpWU0mkeG8-TbErnmdwQxU6pmIL5XNGgufhqBa-CKyo31rbzA48tFsuEWc-wOixtf_nTyd-NOAVngRA3-BGD01GHzpM7OObq-ZBG5JB6_qCZ5H5gasCop1wJJVlx4fvmsMqYXTinzi9ewULSEXnL3MSII4lnaYvcKqQrgfgcV56Mqz77675gzOg_BwCl_COr4QmYxX1t0-b8QZvr4xzDei9M3k2HduZYI-WBaEj9sCUBZJGn8gWlmkSZZjDa4TCuTmD8QwFpGvsezomjpdq07uGlD8cpuXrgAxRhelaS3sw5riZdGJYRdeMb63FAbiiOftWBlsMU46vdHaF2pk2eFPkc6nDDVWW6vtIgpHLpnc6FtB8Nhcq3W5jsnEaUBg5c2qKYRHSHsEjqm-LzdDwbgVX89ruJgFM8TAPjdiah4R819ovkPTypYc7run0OarA05gNyxuBAfKmUYPaaZpwdpnxij5ogFkGhZabrgMiU5uQh4v-bF9mR16ffYBmOaG_qMi1AY4WpDQlJ6cm1-4HWWRIRHuBHdqlP7y8dBqvLUBYko684t7NMVhv57qUSVqcPc7-R9ca-0tXa-Q29fPb_kfuXNFLnBnGBCX6LpfoyQ1vwnqQRod1WXnPkI6xWnibzsuu7E_0d0KILE_wSJXf2I6k42bmTOsIgzZxcyW2IEE31wos5MWhetcELQ9PHtFA_XeblL1Fa0mgjopfAofuJtMxDgHgiTPZGRDyPr1hIutnx8Vd4f25Q7e5FtxRasWvNeX9OpT8eQ7JS0dG__BfevSvwP_wQQWFr_9l6lPfzDqxMsTbD2HZ9NtUwWHVaZcw8dPloZjGIn95tdFXSKyuziTZK7LDyknWUDTCKNBEyg72HkdDD8mr9QF6V7a18n5g3hLIJb5cDbjoz61AubfzAzm9-YoxwrCPuT0Aws6Mqn0ueLvOTSZJDGyrIJ_U&cid=CAASJORoycuhQTMCNhx_aoA099hbrZglLs1_U1tgvgtKXO2IIwn0lw&rfl=1%2Chttps%253A%252F%252Fcelebs.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:31:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame C6F4 30 KB
12 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:30:08 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DABF 170 KB
59 KB 84ms
27ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Origin: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Aug 2022 17:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame DABF 8 KB
3 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D--Zp17MmCjgtcTi5_8m41Zv4RhfesfS8UjBPT7Ws25wsNN2rywC8l-OJeyhpzwxte0ShB-zKE8-UW-KfGtXJn0GRIKZdnHuqTvx1aDpHvvBl1MtgRaLOT8AE3wowUyDgWls9mo_i-3Yfsm8WBH_2gy0H6jA&dbm_d=AKAmf-C2WG-e1gEyneChVgAJJsyzdyzgsYnTQ5WSR6IEFFUr0bK2WA9dWbVjkzBp347lLzO0_r8phglVVyM7sphv4aToxHSwcas_lft4fHkGk9DGk9B8-T8JicwGD_j1EiScDLSAwZh7adZK4TR1Tq5-RF4ooBugHXWuv_vT8GXd9C-1TcU33RZgiy8WpIKFGM5jKWaw8K1lien69P_17VliCM6NzMRiGGBKdCFZcmdTuIg16C1GAE2EO83F-wzaCifvmRHtoofx3ktjHhihNUgP97u9nu7MErbX8AAiTwXxWO57dgPiqzIDzgcUXrMsSCCpJPsSTOv1aa_IVHHub9aZv9miSOTzB1cXwyGxJTSppxIw4fyPsd-AVZktbdvp0jpkhixl-CivtM7Smm41co0iskQ9Pywm31eJlfKqiUv6zXN7ZpObEOyX4_wbE35zgL7eqiN40sZM7q1X3z6ktaTQznP3IFvY8EDpY1CxjlXg8xyBnQU2WPSzEgj77U_V_i0mrxezNoYtxZVoNgBtzqXRU-qB4sUQD72bEANPabjpQDsilhZsjswzXyy3zAscqfe72Yr3ZL7stHMAC795hezBi4xg_rMS-lhhFVQuKpbtyC0MVsvwg4_2-5jzRAiIo4WVqdh9nQHz6N-fSM1ZbesZcH93RjFAaRViySb2cuF8-HM05i69VMYpW6mLbgzmfZqPXQeczxaf5SSPJCEhr_TeciIKpmIRO373-XBYamcasbNQzt9K43DsJRaVeQnq4xR_96wA4NFpKUJ2KjnPlp2UVt0XzrDZ3LSaEYERREq3AZjxzOZ7ygsi4RfG9hP1UHVnOnq4awum24v6D7yQL9yNijgSfa_doz6_aESFo1WPlKySdt_D3fX1ghVd6keeGK_XJas_6mZHshQiWLz1pCVXN4dk77Zyza0JB24g0dFIeJun3sBDje0I5aNvW6ExeI05iZgKTVmfHRPtcRWoX7V1buNz7Fsa5eaf26h574nLQoWS3ZQRzuaNfb7ez9uFiwAKJt9ysIyFOQSjVuY3qtn9h_MzQnlVCPUiLbFuN6qm_O9IQpIxjB69OJyiH2SoJZySxc1SiNmOqFq0M4C8GRS99qMq4cSgMD0X7M3hvojaGsnDNtcDd096PIQPPqOXdJ8_L3Vwqh932eobrw15bWPzHAk7KADCyvMgQJkq3Xl_dagFqW-LTj3M2VRcVP9Z_gZJf7x-oncC4TSkL7VlTuBtP-Rhze73BH7cUoT6vs75uDquZRSF-q4zQB4yNboq0vKsxD2dsWUNy3dJ6JsGOKYCpqnvZNbOndA0xBrzuqo6UmCJKD4DQ5Y9-vFoHYfkdF0_PMn_ilBymHuFbhyJieWuxr5dtU3B5rgRNiBJs88Asa5s0Yb--1e6dJZXa4xmJ2lx0aCztK69QVRFvstbTuhbLqOYMJmW8o41pubu2g6NjxlcGxu-48VOnkurgz0tO7xbWgEuho6ULNJAWDEqvJpXhG70kTIsa9JhVMj8W6WUrOugPZ5BcTU78EamM5eff8fwjgQMvcMETcq10DgsdDx8npihBT-KobaohCJOoS6Mmw3_gF395SKsEqBwrMvY2rFpQg1FA8HLVZlyEC8FrP5IOVmyKZTmtNQwpEkY8Mp6qH-vZehutt9H5a22iqxkNLbEV1icqnVhl_JPabQPo0LwvcbuezyDTN-WJcvDEAb399hq_vf-JW_r3eHdKgCROC418nZ3qTzVdUXH8K-ipinRddUHd8UZYbRgESAh1U1_bSh5jvftHqhdlXn46W9VljsnJjNxe0eNu2jjCZzg6W-MgTLoFgY9WfrLfPYeWa-uLbHDiiDSw1O28_2fLvn-pxSWrUMd8_erEdpHRLuLoOTD59ViLojMBiX5KFivG6p5a0ZKkdQOp3XPTiHpoM-0WCSis90D7RAb4BQfaVHVX70Js7adLQJF10wTqwT9wtjEVtXQSuIIjw45TrQQaLSJ7R6hbr1omUUQtOZ_O1IQuETncOKVi68Ibdv4L5uttqF_KHPGuZWa42XZ7nW-doxAsy4AWtgPKfsdqdsRd6N5wyhgKYLPHB1of6MxsiDE1xQ6sXMLeD1a4JA0sEex3wk56a-2AU2RRZ544juhGhHDN1m5lydka0QhwcK1TtIR94YAYcIKp-Msyz3Q1bLrCC5QGITbVaEwFbCHQZsfCtC8CG5-g4dZCzsyDtdjEEhEFlZ7pro2zJIoI4KF4ySk0080yd8wIalLeGvt4yKsA0CeBxLaMGMnIgvQJUMIwalGrwy6iOmXNIh1-sU6DC_KZoluhVURX3uQHMhHM_-ehPHVJ6Bc01ZW4xzZFLCRKiuGe8cvVV2lyKhFh3SkNWpJkMF3bewghSQJlLjODO-_823CKnFkBAPG2LsFodtGqATksT2Squk40KOmOEmNk6QR9sxx3VHakO62icsF58Bu36YEUaiYRJuuFFliXOSm0cSDRvL74irodeaSCD-CpYohCODhZutPdlKOPjQGj0YgIdY8HEyPiDW8m9FWgecX1JBggqEbGPkrCp8bIA3e2X90Ra5Afy0HZOyAN4sqFxM1_r3wfq1TuowZUCKfEtsDEbBvKcMDA4jefJGhXAsAn2K5WwpUFZ7WhIp6EG5OSg5yp1Ef5Lz5nBMMZH-4ztKFj0A7aBYmnhMpMDW0QdwMl4BAZocIzrxC9n2TEyu1q7_pkZ4nWWx9IPC5phuAaabtSQP_lEOYrz7YLF-91YBagclvGqkxA4NRGY_AAcfMm5P-o_XL5tV2E7z0SQuNd88zihWq78ObV-9pWgECQFcxDJNlpSTXkrLzDfmMk_VzfTz0rybEHuMghVNiIewRhLGb72iyCywTZvPYBqWfZBg5JbMyDkQj5jMOkzLOOTPAKTvB1mRHYbBo_PXyAhggZ1VKJZmk4wGr6NuvYpfscy9gPgcRAncbrtFL6HjxGerwafu3mnj5IV-XWwQ7GZUsSDIYRA0m6p1NsWUUsFtMd2O9f0vSm40A_VTt5JrhMg_5dC8x9VVEUAqctsI3BV_9APSAdoOngaoUkumYFkAjECurmfqy_DdinjrlR_Uy50Seq0z85SSTaxV1pBjCPrBpzEkq8tbhxS8Iaye5Dtb4J2tbReIMl3xwOLApBZQTsqUlrbwVFzecBfSs7gkvkki6I8ZP-cvnpwakNONH1D2wW38v4PYtxgy2yX_9fuEDtX2VSNC0SnoWv-EBkd5xWCEbgP5m2fRjC9c4lBn3grafU3_nSnSbPexCytNca3NuD1ybOe_RDI9cqlp27b5QDdnpngGj4Zk4NO6w24Eo0i1fzuwk4xaxHB7L_R_ZraRYGGnrwTf0ORraRMMGwzdSIP50Rs3xcGlrxHRsUwD6bhUUMI3ai5p-t1OIlnD59bWdrTCg7SGVtpygTysEojfKzNIZU7e9vsxmwhZx0Lth1OkPZUzMH6P1SXLgCzjK_TZrEGgQ-VN1Mlu9vG5yeMyDHsLx9NWK0MVgJND0XUrNoXBXUAczQ6vqWa9mLKu88EFFtCNMGAHxkYf2Dge4djZzig8l8h2QletiGy36cC_8jD93oohx97waN4OExn9UDJsbiHtFAEtnxpSobV4RXWCZYVrpSCFjvxvCevTJakjw6hBePvWClW6SVQ7Nw_R4qIkaZou1u6FvuK-M5UMc-m4Ii3HBQ2isnL8l2r_Jfi8ZEjEalkmB5OHm0VaHeGohp7wiLNJzmiy8bs_I7fXUvxOIlCZfgA&cid=CAASJORohNZV6CTyG8ZsTWPiqb1KN2ftxdAfnmeFewyIRZLqpBxxDQ&rfl=1%2Chttps%253A%252F%252Fcelebs.walla.co.il%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:31:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame DABF 30 KB
12 KB 31ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Sep 2022 10:30:08 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 806D 0
844 B 17ms
16ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&e=wqT_3QLNCvD9TQUAAAMA1gAFAQiPto2YBhDZnJrE69vL3BMYr_r3zuOe9PpbKjYJUDb-j7CVkz8RI9pRprMthz8ZAAAAgD0K5z8hxICZrcRViD8p5Pc2_dmPlD8xAAAAQOF6lD8w0u_SCDj_V0DKTkgCUKD8-WZY-cl-YABokKOyAXjQ9QWAAQGKAQNVU0SSAQNVU0SYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNDUyNTM2MiwgMTY2MTE2NDMwMyk7dWYoJ2knLCA0MTI2MTY5LCAxNjYxMTY0MzAzKTt1ZignZycsIDExNDkzODg3LCA-OwA0cicsIDIxNTkwNzg3MiwyPQD0DgGSAv0DIVdtUUlYQWpGaUkwVEVLRDgtV1lZQUNENXlYNHdBRGdBUUFCSXlrNVEwdV9TQ0ZnQVlMOEZhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUdSN3dydzRYcVVQOEVCZEp0ZV9XbVFsRF9KQVFBQUFBQUFBUEFfMlFHdFRQaWxmdDd2UC1BQjJldjdBZlVCQ3RlalBKZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBWUFEQVpnREFib0RDVUZOVXpNNk5qRXhOdUFEakMtQUJKdTkyUU9JQkp5OTJRT1FCQUNZQkFIQkJBAZEJAQR5URGhJEFBQU5nRUFQRUUBCwkBIENJQmVRdnFRVQkPGEFEd1A3RUYNDURBQUFEQkJYc1Vya2ZoZXBRX3kuKAAAOTIoAARaQhFn8ENQQV80QVhZRF9BRl84TzlCZmdGc3BxVUFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFYUmlMMWc2AQJALWNsLUlBQW9BREY3Rks1SDQhxXx6b0pRVTFUTXpvMk1URTJRSXd2U2ExTS1LVi0zdThfVRHNDEFBQVcdDABZHQwAYR0MAGMdDBBlQUNKQREQ9F4BUEFf2AIA4ALv5lXqAihodHRwczovL2NlbGVicy53YWxsYS5jby5pbC9jYXRlZ29yeS8zNjAygAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDoq9T4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzM6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA8xMDA1OCNBTVMzOjYxMTbaBAIIAeAEAfAEoPz5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbCiAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa7M9oGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4ugZAAMgH0PUF0gcNCQAACT4cEAAYANoHBggFCWjgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=154ecaad845cfe0fd971b1b74f76a1c2efa0e976&type=nv&nvt=5&jm=1003&px=314&py=425&bw=300&bh=600&sid=2061415751671434897&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=18134994&sw=1600&sh=1200&pw=1600&ph=6825&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:45 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 17cfb7c1-ed1a-4ea8-840f-dccf9140f53a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://celebs.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D128 0
747 B 32ms
23ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11263&pub_id=1642880&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11263&pub_id=1642880

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:45 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c5d16749-fd32-4e2c-bc0c-a4fe7917e471
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad27.ad-srv.net/ Frame A060 0
150 B 74ms
15ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad27.ad-srv.net/viewability?s=30056900051683901467949012059027&a=edd9bd21&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ancestorOrigins=https%3A%2F%2Fcelebs.walla.co.il&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:11263&extVar[]=XR_DOM_RTB:celebs.walla.co.il&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:45 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 0A99
Redirect Chain

https://ad.ad-srv.net/request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZY...
https://ad.ad-srv.net/request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZY...

5 KB
2 KB

53ms
30ms

Document
text/html

78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZYl_vli0vGW58FDWqIFiLmWG9mYM9FV3pGbp9XBcHmA1x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=30056900051683901467949012059027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fp233q5xpgofs5rk%3Ftprde%3D&uidRedirect=1
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ancestorOrigins=https%3A%2F%2Fcelebs.walla.co.il&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:11263&extVar[]=XR_DOM_RTB:celebs.walla.co.il&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 407174d74674056cd4c6021ed53d525643437db71655d8744aec3d8f57f443f4

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ancestorOrigins=https%3A%2F%2Fcelebs.walla.co.il&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:11263&extVar[]=XR_DOM_RTB:celebs.walla.co.il&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&uidRedirect=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1570
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Aug 2022 10:31:45 GMT
Expires: Mon, 22 Aug 2022 11:31:45 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 73733200051684201649443012059027

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Aug 2022 10:31:45 GMT
Expires: Mon, 22 Aug 2022 11:31:45 +0200
Location: request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZYl_vli0vGW58FDWqIFiLmWG9mYM9FV3pGbp9XBcHmA1x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=30056900051683901467949012059027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fp233q5xpgofs5rk%3Ftprde%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
DATA 200
OK truncated
/ Frame A060 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame A060 851 B
1 KB 101ms
14ms Script
application/javascript 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ancestorOrigins=https%3A%2F%2Fcelebs.walla.co.il&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:11263&extVar[]=XR_DOM_RTB:celebs.walla.co.il&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:45 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17919134457033663198/ Frame 2493 128 KB
35 KB 53ms
24ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17919134457033663198/index.html?e=69&leftOffset=0&topOffset=0&c=ldNtDUFJSp&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b978259ddd49cf774a6a3d7d0ba222e59d9bf535d5e5b4af66a55e1032155158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 10:31:45 GMT
expires: Tue, 22 Aug 2023 10:31:45 GMT
last-modified: Tue, 21 Jun 2022 11:22:47 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C6F4 0
622 B 118ms
59ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuo86pNSPFZbA8Gzpmht7Zzw2zONn-hudC47LLrXxcYBMN6g8EA12hvlRaLo-ZhJ_C425GTCMhRXZApfMbl8U-5WIqevRXik8BlvxvpZ5TIAh2RqL064ddXMSq5Mp0msYBDK40H6bSmAdwDpbWuKMmXbwYX00kF3dlIAsEHir4kGOIB4bXydUh3WEDXfr2_H3eycNCRwmWv2HRmZ7jxiVGJsC3ezUBUfhtOP2Rjm7OFql9epxRMeDb2N8jfxfleQnVWTCq9gm8pfOXGM3cAcoPrYW71lp_gI335dlSxm2GQ2W89ksfrgsIP6mPXcmPXDFb9z9MU5cDk1L2UK2y1lCA8QQCbKEmWZmpUqt-96ZjYrA2OOvNcxx8qJseUOzvJJeqNiYsnQaBPtEU1hFDt7778p4C_zXNoai6cGXJttfWTSmtEE-R2UyjQokZgcehO_cDvYwA46DAoOv6Y2ZzhXu70xbIWV77EmcbRW-_T7LsuZF1YkK1xgjK1YT3kLQBAl6IuhhlP579Wyn-WXplMVCqSsyK0io1coSjp4aMRKKxP_vzTgsKVO6V-i_qJTXNTkkyS-8lgQ8E-EheOWh-Q478zCTnLzwUHZJXShV7q537qOtsDXCelU97ijLFKivckr3tifxLvHFHsw6-DCrpsiLsVYkMVvas4irBW8nz5TnAw-9G5IKGutBkuSPASY3eCjuvE92LjHmDemVb26Lr5-XqFmiTg5RVnUOLuClpnk8KDFyQk_jNHt6FMHQkW5_26RFWNpUOecB4IAeYD4HhFHsQ56uzLgFAWcWhxvqA2fk89WLf0nKUcB4PJ1ZNdbbliIBlzL1f2yEzWtNXPMfNnEWAXlvf0adGnGIRG9hbKW5X3o96-dutzh-4WZXkoLF5UYazLj5hFi3io-UzYHk6qVhkQiu9OkjLlsMbPH1mf0OeOGnCna2GA8yWY-jFPqqmMYlKRRhlydmRuau7NK0YNWdYbZmtrdNp4yIqJSuloe5a3ah6dnXgJ-MBvYRTGwnxFAn0IMRwlr9GmSt9NXhR2O_iDeetuYc9nLlWZC4D9yJEVyMSB117c1zH4vkG-AGUNI3kdEZv_4gEDjC9H9Dbz80Sny599tma2IlV9T-Dg_GGe4oGJ-UNboAxSG5EoqLtW14wS0qHRoySzBQIuVZfDsQXR3jJT_tuKUlrB0pq9dWnkXtfOE798OIp3ysMpqmCJWpOcfvxa7n_FLUy3wORVEsWi4Xo-5SaRqkjmRiKKwJAJWKWbp1o9Xme9InWeMzrTBM6Jm5z-ny5dbHQLc1baTNDqoOmG2WbhDgVN6lJUc17PbZTia3OTvCweQTHLEnOTPw&sai=AMfl-YSYQRzrkHnDwUZLqM8F7tCLlQ9WS73ajnDaVQ5g-2MwwG8tsjL0Yw8KlSc53gzD_kTPgE9Ot9TLErabbeBnj5BB5f9f5qz1w2sJzx6mA1689e3O-a_XRfM99of5GSggjY3QolRXOQ2UYgk9oVSFFLWEE0XOkJMTLJ5K3oaeJH_tBz6L6TVEigUNFV_vcDdniUTozqwpgn3orUl0pyGTlQ&sig=Cg0ArKJSzPpU9OLNEqRUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=157&cbvp=1&cstd=150&cisv=r20220817.76173&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 22 Aug 2022 10:31:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame C6F4
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202206_es_hunger_dv_pros_339769042&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

96ms
95ms

Image
image/gif

44.198.207.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 44.198.207.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-207-4.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:45 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 22 Aug 2022 10:31:45 GMT
Last-Modified: Mon, 22 Aug 2022 10:31:45 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C6F4 41 KB
15 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A6D8 1 KB
749 B 14ms
14ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 05:32:06 GMT
etag: 48472445140208031
expires: Tue, 23 Aug 2022 05:32:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DABF 41 KB
15 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B1C2 1 KB
749 B 13ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 05:32:06 GMT
etag: 48472445140208031
expires: Tue, 23 Aug 2022 05:32:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13151972954896785613/ Frame 508D 126 KB
34 KB 22ms
21ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13151972954896785613/index.html?e=69&leftOffset=0&topOffset=0&c=9dsbTFx3To&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35e04b4855605c908b85662df66fa3f5fce2fe1fa2d284873c1349b101bd7bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 10:31:45 GMT
expires: Tue, 22 Aug 2023 10:31:45 GMT
last-modified: Wed, 22 Jun 2022 11:30:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DABF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9e48a85c5425fcb0389ff81ae0bcfc16896f37ae51339330e1a5abf177bb9ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DABF 0
64 B 62ms
61ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8SBYGyaJHVuaSrFyeO0rHGiiv04PjhXuZk1PElwDuF7jIH_co6Lub2GoDE8kRmEuLIqSd7RodDUsQU17dOgtkPcQDdSv6-QmmriTyQrseectanOwrgMbhPzL1HeSK7QCcqMg3stnYrZeeHR19dVyNCLgqP7AWvLdND4fzDwInjjUGXaeFx3WD_XcgXUbvQSeh1tBahR_gDLbgskcdi0D62d-WN6YrNdo9w3nIsObFnQ3cdAViJnBsIo-FPgIF7DnkMeIZhvJREPem37jeKU17_cLb-uEnvk9QVAuKvrOpYnU7SnwDpNaECEEJjmOC_a00JEgNU6Wd2hwxWvMq9-b9-Vtq32jylncNg3j-MVVCy1DdVO1HPpRLrblvvssiitrluSSLNAdnOBpvmyFi0FOlOAwN7kf6u94TmV9GyYLLqcouYtag2rSG82qilz4CqENGedD-giEvxVLd1CHMK9KhAO62rKaNkBraRss6i63yktYJecSRtR6U03cRSREjdzOpd3ASWXKOCT83SEZP8msBNW0K8PdQXT-LPa_W_ZfbjUbc5Uv-IpzuhOCs4AdVWsLozuT7ExG_I6sO1AcKH89dGyiiIKJTr1URWXfygVTYOENZMFhcnnB3669IAHh-OhBfzoCFO9pEXmPQnHMbcAS-xlLOlZj5_DcllCRs-DIL9W8E1qGsgXohqwtV4V6wy7_SzqGGVTCOjayYtOP_JqP-4OExYC8nJIf6nOgAovJY6HUDIa4dh6epd4HdKFNg20xMH9KAljaR76nt_bSATgyjdQj5m9Oh7p4PVIYlMFfOV38y1SVCp2TykmBKOokWNtp1IqIykC5kc9hTfrymzNDhs--eERoiVDvkkNuKmQHVDKX2ppzOqjUl2Umwq6-MqMWqoCl9Vhbs0QwYrUiSCVIeW4zQLEnU35dkrSKSMyn6OGHNcwom2SU4EBWdKh8SMdYb5whVWEZMU3cTQTdL9RIYlkqLam1aRVL5ZmAgyMrGfCmD7Oh8JTFHa_Cgxp9pBKZP-ehCOXBpvdFiERIo8Bh6Ks77_ZWE47Ghnd0O0c9v6VSn2z5qqsHtU9ykxU7R9o7nEHk89hcjeKjGjJnihlji9NpWtd7yj59TMVdQKfH68Mwu1UDk_ZMUhEwBUu1bGhPVBEbJsyotqT6o-kLpzbzgfHjjtyRR4UTj4iE3hNzEG8VWjwGR50gHZG55U6zPftsRpog_VTrwKgQmam3gaq-LeeZwHzZLsooA8HA7kONALs7-k-yyObknBxmpX6xCmcJOTDdCww9nw0fDoX5wVJgC70qw3LpU_-tqh82iIa94NkcyB7HqKmUV2VK2&sai=AMfl-YTU4o5yPFYEaP5nYIPJK7Z3zG8-poI01VKSmxMMltxwVkmWm37ASysrxfDhuVygSAfsQmDO1gIMdgyQHlMwkmzBqq5K56IfqEq24Te1g-AFjlH9klygzY1pkzcNJ_PxfVj1Nc__i2ivgI3ZaMyQosaWYhUkbKwUuT_-RdF-3AgxGHAIyl7mKap101YEtbs3-Ie7WCKrwvSzD7zXnUi3yA&sig=Cg0ArKJSzLVBpEwgllGmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=223&cbvp=1&cstd=217&cisv=r20220817.03882&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a96-16-147-165.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 22 Aug 2022 10:31:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame DABF
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202206_es_hunger_dv_pros_339769045&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

106ms
105ms

Image
image/gif

44.198.207.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 44.198.207.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-207-4.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:45 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 22 Aug 2022 10:31:45 GMT
Last-Modified: Mon, 22 Aug 2022 10:31:45 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C6F4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35c423dde2750259158ff39824b677b9eac6bbb7fd71d9d6263a67b5a55b1051

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 94ms
94ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=46a75ec14959422e2750fd411fb2e2ce_1769_1661164305001&tm=2513&eT=0&widgetWidth=635&widgetHeight=169&widgetX=650&widgetY=2466&wRV=2000869&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=494&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:45 GMT
content-encoding: gzip
X-TraceId: 8a17260669c06debfc8a91bf1867aaa7
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 22 KB
7 KB 354ms
354ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=4&rand=16008&key=NANOWDGT01&widgetJSId=SF_6&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=3458&vpd=2258&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: da6af1386e7ba8ffdda2c9b28d6af887d91f2e9c8961dbe1ed193080987694a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:45 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164305.234281,VS0,VE347
accept-ranges: bytes
x-served-by: cache-lga21945-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: a5dc7164a8786516361496c1ca2bb224
content-encoding: gzip
content-length: 6970
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 2493 118 KB
40 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17919134457033663198/index.html?e=69&leftOffset=0&topOffset=0&c=ldNtDUFJSp&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17919134457033663198/index.html?e=69&leftOffset=0&topOffset=0&c=ldNtDUFJSp&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Aug 2022 07:12:48 GMT

GET
H2

200

22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x600.png
media.kaspersky.com/de/affiliates/ Frame 0A99
Redirect Chain

https://www.awin1.com/cshow.php?s=2519517&v=14098&q=379074&r=559379&pv=0&pref1=73733200051684201649443012059027
https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x600.png

75 KB
76 KB

186ms
16ms

Image
image/png

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x600.png

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZYl_vli0vGW58FDWqIFiLmWG9mYM9FV3pGbp9XBcHmA1x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=30056900051683901467949012059027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fp233q5xpgofs5rk%3Ftprde%3D&uidRedirect=1

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

0a7f8b826739560b5dd0676bc4a0803f4a048b870edb74bfa83c572ff4353868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 14 Jan 2022 13:27:39 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "dc43ba804a9d81:0"
x-frame-options: SAMEORIGIN
content-type: image/png
x-xss-protection: 1; mode=block
x-server: fr1/FRA3
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 77297
date: Mon, 22 Aug 2022 10:31:45 GMT

Redirect headers

Date: Mon, 22 Aug 2022 10:31:45 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/22_Q1_B2C_DACH-DE_KTS-promo_60-OFF_Affiliates_120x600.png
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 508D 118 KB
40 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13151972954896785613/index.html?e=69&leftOffset=0&topOffset=0&c=9dsbTFx3To&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13151972954896785613/index.html?e=69&leftOffset=0&topOffset=0&c=9dsbTFx3To&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 07:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11937
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Aug 2022 07:12:48 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2B4F 22 KB
8 KB 29ms
17ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 268848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:50:57 GMT
expires: Sat, 19 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8207 22 KB
8 KB 29ms
18ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 268848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:50:57 GMT
expires: Sat, 19 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
ad27.ad-srv.net/ Frame 0A99 0
150 B 47ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad27.ad-srv.net/viewability?s=73733200051684201649443012059027&a=29f2dfb0&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZYl_vli0vGW58FDWqIFiLmWG9mYM9FV3pGbp9XBcHmA1x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=30056900051683901467949012059027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fp233q5xpgofs5rk%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:45 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame F296 43 B
702 B 235ms
66ms Document
image/gif 96.16.147.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519517&v=14098&q=379074&r=559379&pv=1&pref1=73733200051684201649443012059027

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

96.16.147.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 22 Aug 2022 10:31:45 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame 0A99 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 0A99 851 B
1 KB 74ms
15ms Script
application/javascript 145.239.2.103
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZYl_vli0vGW58FDWqIFiLmWG9mYM9FV3pGbp9XBcHmA1x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=30056900051683901467949012059027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fp233q5xpgofs5rk%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3082036.ip-145-239-2.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:45 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 dpixel
cms.quantserve.com/ Frame A6D8 35 B
463 B 344ms
102ms Image
image/gif 2620:116:800b:21:a021:b886:81cc:55cf
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF7Tj178LtrdLI7uYEtZhY8&google_cver=1&google_push=AehlK4DjoPQtapRD3MerAvP7lkuFbUFM7Y53hOr4MK3skeGq-G-3ytjdKTX4uMgqAQtBs_z4iDyw-XwF_Fdso-xk4R89F33WlVphmw

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A6D8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuErz...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuE...

43 B
417 B

166ms
151ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuErzg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuErzg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 73eaf0ce0e39914c-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 318
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 73eaf0ccdc56914c-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuErzg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4C0noNyqDiviIdhZoa6Sz3wsqyJZfg_Z5RHJoNS6gG_7bJ2tGEEc56vydJgVMzPlgWYxdpbs6TzyQnaeAy7zGWlCKGMZuErzg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6D8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEC1JOfDda03bQqk452i0YXw&google_cver=1&google_push=AehlK4ABRKihSdQ8Ikc6r7S_Iv-y8FFK9ZPWI6YR_u7BBtgMHkf3_HShnTUjfiyiFYE_Bh8wXr-EEEuomr3Z89O7_gVW28M0CQau6Q
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A7EBC20217204F729B1DDD59D411A27B&google_push=AehlK4ABRKihSdQ8Ikc6r7S_Iv-y8FFK9ZPWI6YR_u7BBtgMHkf3_HShnTUjfiyiFYE_Bh8wXr-EEEuomr3Z89O...

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A7EBC20217204F729B1DDD59D411A27B&google_push=AehlK4ABRKihSdQ8Ikc6r7S_Iv-y8FFK9ZPWI6YR_u7BBtgMHkf3_HShnTUjfiyiFYE_Bh8wXr-EEEuomr3Z89O7_gVW28M0CQau6Q

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Aug 2022 10:31:45 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A7EBC20217204F729B1DDD59D411A27B&google_push=AehlK4ABRKihSdQ8Ikc6r7S_Iv-y8FFK9ZPWI6YR_u7BBtgMHkf3_HShnTUjfiyiFYE_Bh8wXr-EEEuomr3Z89O7_gVW28M0CQau6Q
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 21 Aug 2022 10:31:45 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A6D8 70 B
265 B 126ms
51ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPs46Q1Z-VWaeIL3-cbEhSk&google_cver=1&google_push=AehlK4AgOIbfYo0O4kNr01iGJvJGyo1XaetKCtSX8L0ypAfVKV34GvEcLzjyvvKgfCPVGVVIV5WobcMbDz5vV6J45qdKHdByBz4CCQ
Requested by: Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6D8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGh6I2j92XrimfVhd-Z0aOc&google_cver=1&google_push=AehlK4B-MQAamAVfOyCjw-WbpGbkeHku5fQTipRF-jr7La1pbfT9-31m1Qynna8nDguhSVHcxyvlxIFwZNrT4L...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzNDY0NjM2MzI3MDI4MTM1OA%3D%3D&google_push=AehlK4B-MQAamAVfOyCjw-WbpGbkeHku5fQTipRF-jr7La1pbfT9-31m1Qynna8nDguhSVHcxyvlxIFwZNrT4LrH7j...

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzNDY0NjM2MzI3MDI4MTM1OA%3D%3D&google_push=AehlK4B-MQAamAVfOyCjw-WbpGbkeHku5fQTipRF-jr7La1pbfT9-31m1Qynna8nDguhSVHcxyvlxIFwZNrT4LrH7jNSOwHUtzNF6Q

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzNDY0NjM2MzI3MDI4MTM1OA%3D%3D&google_push=AehlK4B-MQAamAVfOyCjw-WbpGbkeHku5fQTipRF-jr7La1pbfT9-31m1Qynna8nDguhSVHcxyvlxIFwZNrT4LrH7jNSOwHUtzNF6Q
Date: Mon, 22 Aug 2022 10:31:45 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6D8
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHfEm-CiD4N2iEbJpCq4iOk&google_cver=1&google_push=AehlK4CAdmi2M-rcCvJ0RSdrj3-BQ5LsDBra0WktK8P6vzlc9ZWWwek_o2fVWVPzpwgwFCWa0-64zGzBeXPVmTnnKX9a0JW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CAdmi2M-rcCvJ0RSdrj3-BQ5LsDBra0WktK8P6vzlc9ZWWwek_o2fVWVPzpwgwFCWa0-64zGzBeXPVmTnnKX9a0JWIJK2w7Q&google_hm=MjQwNjIyMjU4NDM1NTg3...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CAdmi2M-rcCvJ0RSdrj3-BQ5LsDBra0WktK8P6vzlc9ZWWwek_o2fVWVPzpwgwFCWa0-64zGzBeXPVmTnnKX9a0JWIJK2w7Q&google_hm=MjQwNjIyMjU4NDM1NTg3MTE4Mw%3D%3D

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Aug 2022 10:31:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4CAdmi2M-rcCvJ0RSdrj3-BQ5LsDBra0WktK8P6vzlc9ZWWwek_o2fVWVPzpwgwFCWa0-64zGzBeXPVmTnnKX9a0JWIJK2w7Q&google_hm=MjQwNjIyMjU4NDM1NTg3MTE4Mw%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A6D8
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4A-qqog3I87iPdEb8N3QUF4FvlGNqhrcyjmBEcaawMut1eFw4qPZXWskNSA52FvM_PYyXc1ylMbGwHi4lnG1QCla61qvHNaKg&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-b7c844c7-5d82-43d8-9462-242bc8b7e5ee-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4A-qqog3I87iPdEb8N3Q...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4A-qqog3I87iPdEb8N3QUF4FvlGNqhrcyjmBEcaawMut1eFw4qPZXWskNSA52FvM_PYyXc1ylMbGwHi4lnG1QCla61qvHNaKg&google_hm=A7fIRMddgkPYlGIkK8i35e4

170 B
188 B

26ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4A-qqog3I87iPdEb8N3QUF4FvlGNqhrcyjmBEcaawMut1eFw4qPZXWskNSA52FvM_PYyXc1ylMbGwHi4lnG1QCla61qvHNaKg&google_hm=A7fIRMddgkPYlGIkK8i35e4

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4A-qqog3I87iPdEb8N3QUF4FvlGNqhrcyjmBEcaawMut1eFw4qPZXWskNSA52FvM_PYyXc1ylMbGwHi4lnG1QCla61qvHNaKg&google_hm=A7fIRMddgkPYlGIkK8i35e4
date: Mon, 22 Aug 2022 10:31:45 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb7c844c75d8243d89462242bc8b7e5ee003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A6D8 0
12 B 24ms
24ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IL4f16UHSgWnXoyZuQmRcg8DwnkiNnDdsTddSZui4a2y7ucQOUq5EsZSQ8aB3fLDpoaavu

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1C2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGf2d1rtM8vQiIXV5laQ4ps&google_cver=1&google_push=AehlK4C2fP0ty0ZdRJWnJiW0cbjjr1vg88Lsdj15iju_Poxj36L4eSZVYZZTOAXsJImipXXSoGapW2lC-G_m7a4Q...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4C2fP0ty0ZdRJWnJiW0cbjjr1vg88Lsdj15iju_Poxj36L4eSZVYZZTOAXsJImipXXSoGapW2lC-G_m7a4QtUoPW1oAxDQ5

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4C2fP0ty0ZdRJWnJiW0cbjjr1vg88Lsdj15iju_Poxj36L4eSZVYZZTOAXsJImipXXSoGapW2lC-G_m7a4QtUoPW1oAxDQ5

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 22 Aug 2022 10:31:46 GMT
Server: MT3 4494 7cf1da7 master nrt-pixel-x16 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4C2fP0ty0ZdRJWnJiW0cbjjr1vg88Lsdj15iju_Poxj36L4eSZVYZZTOAXsJImipXXSoGapW2lC-G_m7a4QtUoPW1oAxDQ5
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 22 Aug 2022 10:31:45 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B1C2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE...

43 B
386 B

183ms
168ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 73eaf0ce0e38914c-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 815
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 73eaf0ccdc58914c-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGntvDKS3QCB77qhXV2pPCo&google_cver=1&google_push=AehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CW9IdUOvsMGQcEmhMhpVZ-spmdJGMTUx9-CWGzJA20uOW308OJgWuy-3G5jvducv_lYiLJTiDZtPZMsWiIen_AxNle4kE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1C2
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEO4scKCfsvE8cNUlGxD7iyw&google_cver=1&google_push=AehlK4BVbkROPXDHLayVCyr5LLTamQvAAkC-NAxUhhV5bipUcNIElvl_ddSfRGpTNYQ95qaeMnnh_paN1QGHzURK...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ITp3B1smQ3iUYzsugBi6GQ2&google_push=AehlK4BVbkROPXDHLayVCyr5LLTamQvAAkC-NAxUhhV5bipUcNIElvl_ddSfRGpTNYQ95qaeMnnh_paN1QGHzURK0CcKbkAJySh0

170 B
188 B

50ms
48ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ITp3B1smQ3iUYzsugBi6GQ2&google_push=AehlK4BVbkROPXDHLayVCyr5LLTamQvAAkC-NAxUhhV5bipUcNIElvl_ddSfRGpTNYQ95qaeMnnh_paN1QGHzURK0CcKbkAJySh0

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Aug 2022 10:31:45 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ITp3B1smQ3iUYzsugBi6GQ2&google_push=AehlK4BVbkROPXDHLayVCyr5LLTamQvAAkC-NAxUhhV5bipUcNIElvl_ddSfRGpTNYQ95qaeMnnh_paN1QGHzURK0CcKbkAJySh0
x-host: tde-deliveryengine-production-9ffc95d-cx7pz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1C2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHfEm-CiD4N2iEbJpCq4iOk&google_cver=1&google_push=AehlK4BCHI-ze17J3vIky_2BANolsvlbOHxI-Zx43EcgkvWVv7cPlB4mHcXN2_xSCdEmKysTIJSkI_eJoJgmhKyNuw3hsgn...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BCHI-ze17J3vIky_2BANolsvlbOHxI-Zx43EcgkvWVv7cPlB4mHcXN2_xSCdEmKysTIJSkI_eJoJgmhKyNuw3hsgnyAAuu&google_hm=MTcyMTAzOTA3NzA2MDIwOD...

170 B
188 B

23ms
22ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BCHI-ze17J3vIky_2BANolsvlbOHxI-Zx43EcgkvWVv7cPlB4mHcXN2_xSCdEmKysTIJSkI_eJoJgmhKyNuw3hsgnyAAuu&google_hm=MTcyMTAzOTA3NzA2MDIwODMxOA%3D%3D

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Aug 2022 10:31:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4BCHI-ze17J3vIky_2BANolsvlbOHxI-Zx43EcgkvWVv7cPlB4mHcXN2_xSCdEmKysTIJSkI_eJoJgmhKyNuw3hsgnyAAuu&google_hm=MTcyMTAzOTA3NzA2MDIwODMxOA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1C2
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4C1_saKeSeF1y91yEvrTSRF01J0CTkMzcHDtehPGdM0awdPRNa9aPWHusxmuySjXF2BIoCXDsfC1erj47kG7v7Y2v1J5VQ&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-b7c844c7-5d82-43d8-9462-242bc8b7e5ee-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4C1_saKeSeF1y91yEvrT...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4C1_saKeSeF1y91yEvrTSRF01J0CTkMzcHDtehPGdM0awdPRNa9aPWHusxmuySjXF2BIoCXDsfC1erj47kG7v7Y2v1J5VQ&google_hm=A7fIRMddgkPYlGIkK8i35e4

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4C1_saKeSeF1y91yEvrTSRF01J0CTkMzcHDtehPGdM0awdPRNa9aPWHusxmuySjXF2BIoCXDsfC1erj47kG7v7Y2v1J5VQ&google_hm=A7fIRMddgkPYlGIkK8i35e4

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4C1_saKeSeF1y91yEvrTSRF01J0CTkMzcHDtehPGdM0awdPRNa9aPWHusxmuySjXF2BIoCXDsfC1erj47kG7v7Y2v1J5VQ&google_hm=A7fIRMddgkPYlGIkK8i35e4
date: Mon, 22 Aug 2022 10:31:45 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXb7c844c75d8243d89462242bc8b7e5ee003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B1C2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEN3jXDTeeWRGI75i0gRusjw&google_cver=1&google_push=AehlK4D_U729_2zAxOEPgZEtzCqgXbcCrK0D0cS0J05tarZwA08VwDYJRGCExuX3GE9b-u2Fhm...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEN3jXDTeeWRGI75i0gRusjw&google_cver=1&google_push=AehlK4D_U729_2zAxOEPgZEtzCqgXbcCrK0D0cS0J05tarZwA08VwDYJRGCExuX3GE9b-u2Fhm...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JSkNTZXpwRTJ1RjV2WjBqcVNZSjFaRXZTMU5IUno5WX5B&google_push=AehlK4D_U729_2zAxOEPgZEtzCqgXbcCrK0D0cS0J05tarZwA08VwDYJR...

170 B
188 B

24ms
23ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JSkNTZXpwRTJ1RjV2WjBqcVNZSjFaRXZTMU5IUno5WX5B&google_push=AehlK4D_U729_2zAxOEPgZEtzCqgXbcCrK0D0cS0J05tarZwA08VwDYJRGCExuX3GE9b-u2FhmnEz6L16qvVTzueLvTA1HB_za3KhQ

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JSkNTZXpwRTJ1RjV2WjBqcVNZSjFaRXZTMU5IUno5WX5B&google_push=AehlK4D_U729_2zAxOEPgZEtzCqgXbcCrK0D0cS0J05tarZwA08VwDYJRGCExuX3GE9b-u2FhmnEz6L16qvVTzueLvTA1HB_za3KhQ
date: Mon, 22 Aug 2022 10:31:45 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 um
sync.teads.tv/ Frame B1C2 23 B
172 B 217ms
57ms Image
image/gif 2.21.185.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMZ_zOCUSSdVkVcFul_2aN4&google_cver=1&google_push=AehlK4BJM2ViEqrujbqfw2V6T1S9uZKW2AmhsmKR6OnpHfDrq94osyeuCDxAb4QiH8D097vWVW01YoSOMktDRodu0rQiQUC6qsrO4w
Requested by: Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.49 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-49.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 22 Aug 2022 10:31:45 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B1C2 0
12 B 35ms
23ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvI9bdDCI-bDBS3byrr8b8yFZith1RuduvyikamgFEOIkmoDByRs-PeMqBrpmpw6_hCJItyIM

Requested by

Host: cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com
URL: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 404 null
s0.2mdn.net/sadbundle/17919134457033663198/ Frame 2493 43 B
64 B 134ms
133ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17919134457033663198/null

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17919134457033663198/index.html?e=69&leftOffset=0&topOffset=0&c=ldNtDUFJSp&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17919134457033663198/index.html?e=69&leftOffset=0&topOffset=0&c=ldNtDUFJSp&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:45 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Mon, 22 Aug 2022 10:31:45 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DABF 0
26 B 109ms
58ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss8SBYGyaJHVuaSrFyeO0rHGiiv04PjhXuZk1PElwDuF7jIH_co6Lub2GoDE8kRmEuLIqSd7RodDUsQU17dOgtkPcQDdSv6-QmmriTyQrseectanOwrgMbhPzL1HeSK7QCcqMg3stnYrZeeHR19dVyNCLgqP7AWvLdND4fzDwInjjUGXaeFx3WD_XcgXUbvQSeh1tBahR_gDLbgskcdi0D62d-WN6YrNdo9w3nIsObFnQ3cdAViJnBsIo-FPgIF7DnkMeIZhvJREPem37jeKU17_cLb-uEnvk9QVAuKvrOpYnU7SnwDpNaECEEJjmOC_a00JEgNU6Wd2hwxWvMq9-b9-Vtq32jylncNg3j-MVVCy1DdVO1HPpRLrblvvssiitrluSSLNAdnOBpvmyFi0FOlOAwN7kf6u94TmV9GyYLLqcouYtag2rSG82qilz4CqENGedD-giEvxVLd1CHMK9KhAO62rKaNkBraRss6i63yktYJecSRtR6U03cRSREjdzOpd3ASWXKOCT83SEZP8msBNW0K8PdQXT-LPa_W_ZfbjUbc5Uv-IpzuhOCs4AdVWsLozuT7ExG_I6sO1AcKH89dGyiiIKJTr1URWXfygVTYOENZMFhcnnB3669IAHh-OhBfzoCFO9pEXmPQnHMbcAS-xlLOlZj5_DcllCRs-DIL9W8E1qGsgXohqwtV4V6wy7_SzqGGVTCOjayYtOP_JqP-4OExYC8nJIf6nOgAovJY6HUDIa4dh6epd4HdKFNg20xMH9KAljaR76nt_bSATgyjdQj5m9Oh7p4PVIYlMFfOV38y1SVCp2TykmBKOokWNtp1IqIykC5kc9hTfrymzNDhs--eERoiVDvkkNuKmQHVDKX2ppzOqjUl2Umwq6-MqMWqoCl9Vhbs0QwYrUiSCVIeW4zQLEnU35dkrSKSMyn6OGHNcwom2SU4EBWdKh8SMdYb5whVWEZMU3cTQTdL9RIYlkqLam1aRVL5ZmAgyMrGfCmD7Oh8JTFHa_Cgxp9pBKZP-ehCOXBpvdFiERIo8Bh6Ks77_ZWE47Ghnd0O0c9v6VSn2z5qqsHtU9ykxU7R9o7nEHk89hcjeKjGjJnihlji9NpWtd7yj59TMVdQKfH68Mwu1UDk_ZMUhEwBUu1bGhPVBEbJsyotqT6o-kLpzbzgfHjjtyRR4UTj4iE3hNzEG8VWjwGR50gHZG55U6zPftsRpog_VTrwKgQmam3gaq-LeeZwHzZLsooA8HA7kONALs7-k-yyObknBxmpX6xCmcJOTDdCww9nw0fDoX5wVJgC70qw3LpU_-tqh82iIa94NkcyB7HqKmUV2VK2&sai=AMfl-YTU4o5yPFYEaP5nYIPJK7Z3zG8-poI01VKSmxMMltxwVkmWm37ASysrxfDhuVygSAfsQmDO1gIMdgyQHlMwkmzBqq5K56IfqEq24Te1g-AFjlH9klygzY1pkzcNJ_PxfVj1Nc__i2ivgI3ZaMyQosaWYhUkbKwUuT_-RdF-3AgxGHAIyl7mKap101YEtbs3-Ie7WCKrwvSzD7zXnUi3yA&sig=Cg0ArKJSzLVBpEwgllGmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=461&vt=11&dtpt=238&dett=3&cstd=217&cisv=r20220817.03882&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2493 7 KB
5 KB 115ms
55ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea1eff637e9efad5740c9771b64323c2e80d3fd150d6bcc8f8694ecb62405144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5584
x-xss-protection: 0

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B4F 36 KB
14 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 05:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 05:27:47 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8207 36 KB
14 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 05:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 05:27:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 508D 7 KB
6 KB 112ms
54ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19d72d656cefae88ac62b9f7b72aec45c36ab2468b15944e554046a06d0e2da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5673
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C6F4 0
26 B 56ms
56ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuo86pNSPFZbA8Gzpmht7Zzw2zONn-hudC47LLrXxcYBMN6g8EA12hvlRaLo-ZhJ_C425GTCMhRXZApfMbl8U-5WIqevRXik8BlvxvpZ5TIAh2RqL064ddXMSq5Mp0msYBDK40H6bSmAdwDpbWuKMmXbwYX00kF3dlIAsEHir4kGOIB4bXydUh3WEDXfr2_H3eycNCRwmWv2HRmZ7jxiVGJsC3ezUBUfhtOP2Rjm7OFql9epxRMeDb2N8jfxfleQnVWTCq9gm8pfOXGM3cAcoPrYW71lp_gI335dlSxm2GQ2W89ksfrgsIP6mPXcmPXDFb9z9MU5cDk1L2UK2y1lCA8QQCbKEmWZmpUqt-96ZjYrA2OOvNcxx8qJseUOzvJJeqNiYsnQaBPtEU1hFDt7778p4C_zXNoai6cGXJttfWTSmtEE-R2UyjQokZgcehO_cDvYwA46DAoOv6Y2ZzhXu70xbIWV77EmcbRW-_T7LsuZF1YkK1xgjK1YT3kLQBAl6IuhhlP579Wyn-WXplMVCqSsyK0io1coSjp4aMRKKxP_vzTgsKVO6V-i_qJTXNTkkyS-8lgQ8E-EheOWh-Q478zCTnLzwUHZJXShV7q537qOtsDXCelU97ijLFKivckr3tifxLvHFHsw6-DCrpsiLsVYkMVvas4irBW8nz5TnAw-9G5IKGutBkuSPASY3eCjuvE92LjHmDemVb26Lr5-XqFmiTg5RVnUOLuClpnk8KDFyQk_jNHt6FMHQkW5_26RFWNpUOecB4IAeYD4HhFHsQ56uzLgFAWcWhxvqA2fk89WLf0nKUcB4PJ1ZNdbbliIBlzL1f2yEzWtNXPMfNnEWAXlvf0adGnGIRG9hbKW5X3o96-dutzh-4WZXkoLF5UYazLj5hFi3io-UzYHk6qVhkQiu9OkjLlsMbPH1mf0OeOGnCna2GA8yWY-jFPqqmMYlKRRhlydmRuau7NK0YNWdYbZmtrdNp4yIqJSuloe5a3ah6dnXgJ-MBvYRTGwnxFAn0IMRwlr9GmSt9NXhR2O_iDeetuYc9nLlWZC4D9yJEVyMSB117c1zH4vkG-AGUNI3kdEZv_4gEDjC9H9Dbz80Sny599tma2IlV9T-Dg_GGe4oGJ-UNboAxSG5EoqLtW14wS0qHRoySzBQIuVZfDsQXR3jJT_tuKUlrB0pq9dWnkXtfOE798OIp3ysMpqmCJWpOcfvxa7n_FLUy3wORVEsWi4Xo-5SaRqkjmRiKKwJAJWKWbp1o9Xme9InWeMzrTBM6Jm5z-ny5dbHQLc1baTNDqoOmG2WbhDgVN6lJUc17PbZTia3OTvCweQTHLEnOTPw&sai=AMfl-YSYQRzrkHnDwUZLqM8F7tCLlQ9WS73ajnDaVQ5g-2MwwG8tsjL0Yw8KlSc53gzD_kTPgE9Ot9TLErabbeBnj5BB5f9f5qz1w2sJzx6mA1689e3O-a_XRfM99of5GSggjY3QolRXOQ2UYgk9oVSFFLWEE0XOkJMTLJ5K3oaeJH_tBz6L6TVEigUNFV_vcDdniUTozqwpgn3orUl0pyGTlQ&sig=Cg0ArKJSzPpU9OLNEqRUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=617&vt=11&dtpt=460&dett=3&cstd=150&cisv=r20220817.76173&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Aug 2022 10:31:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 508D 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 10:31:45 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2493 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Aug 2022 10:31:45 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 93ms
93ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=e6842631bd6a420a5b2b3b4f6b062139_1769_1661164305528&tm=2911&eT=0&widgetWidth=635&widgetHeight=135&widgetX=650&widgetY=3421&wRV=2000869&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=393&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:45 GMT
content-encoding: gzip
X-TraceId: 491819bb492734673c550b1fbaffec10
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 22 KB
7 KB 369ms
368ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=5&rand=32793&key=NANOWDGT01&widgetJSId=SF_6&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=4185&vpd=2985&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5fbece7bd39b0d29499082f589def805bb60568fac1e2ec6fc91031b774dce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:45 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164306.633185,VS0,VE362
accept-ranges: bytes
x-served-by: cache-lga21925-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 9e9e7808306b37d8f024b2e73fa0a7f0
content-encoding: gzip
content-length: 7092
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjAxY2RhM2U5OTdhZjQ0MTE4NTE3YmFlYzJmZDFlNTNjODJhMDBkYmY5NzAzZGM2Y2I3ZjQ4NmFlZDFlNTU0NDYiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 31 KB
32 KB 35ms
34ms Image
image/webp 2.21.185.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjAxY2RhM2U5OTdhZjQ0MTE4NTE3YmFlYzJmZDFlNTNjODJhMDBkYmY5NzAzZGM2Y2I3ZjQ4NmFlZDFlNTU0NDYiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-176.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a2ec463ad73fd43c951da969dd98765c007b2b45b32574e88b14e99c65bdcdd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:45 GMT
last-modified: Thu, 18 Aug 2022 10:08:35 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2285270
access-control-allow-credentials: false
x-traceid: 0893535665425779dfb86c31ba2027cb
timing-allow-origin: *, *
content-length: 31954

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame B7E0 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 05:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 05:27:47 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BD2 36 KB
14 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 05:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 05:27:47 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/17919134457033663198/ Frame 2493 12 KB
12 KB 28ms
27ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17919134457033663198/logo.png

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35f9862b08a4eef3c87c329f0e3daa041afe3021ade70e9c2fe353eba0983a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17919134457033663198/index.html?e=69&leftOffset=0&topOffset=0&c=ldNtDUFJSp&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 12:21:53 GMT
x-content-type-options: nosniff
age: 598192
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12157
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 11:22:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 12:21:53 GMT

GET
H3 200 60028053_20220623010457024_202206_es_hunger_bg1_300x600.jpg
s0.2mdn.net/ads/richmedia/studio/60028053/ Frame 2493 74 KB
74 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60028053/60028053_20220623010457024_202206_es_hunger_bg1_300x600.jpg

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a46da4a0369b5d4eb95d48bbdc3b811140f3576bcb865e35d5a6764a20fd6d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17919134457033663198/index.html?e=69&leftOffset=0&topOffset=0&c=ldNtDUFJSp&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 23:27:18 GMT
x-content-type-options: nosniff
age: 39867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75838
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 08:04:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Aug 2022 23:27:18 GMT

GET
DATA 200
OK truncated
/ Frame 2493 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B4F 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B543uEFsDY8KvMNTl7_UPhtGnqAYAAAAAOAHgBAI&bg=!y8ilyIzNAAYUOm8VNDo7ACkAdvg8WsW1lnUZSELdvIwIMouYUZhtpt3hn30a_yZWhVtJMlLvYpk9sAIAAAEQUgAAAANoAQcKAHYjuGc-sMCZI8kgB7PU0qoByoZhEuFae2GVMd6aVAomrSwQjdAsLFY8yEtd5FnBJQMh2aQ5HyqXU5afgtSoY68LurXoL4LDg8J69jDXja1IOklOe9bGPbP5Yzw5pDn2fkg_vyHzkjR144yV6hZXLZE-vxsZBW8KmQMWHenIZi0zYGmH9ldBaLxCOmVUmf__2gc7Pbg2wI_tit8zkxuKrugr0iAvCA6Jc08FSy_kzewdoM3H1ZoCbeIewGFblbbLK1CvaSW3Nnw3W6US3DiufAgudST8QqgW-UizXTk0O3UNgn_BLXGS-2tAX42XePGEaU-9sZ3by4aCuCOkt3-knz6gQKQlBXGNJgGRfxSG2VbiGFadXPQQ9XItfuX-Pl1b32JfOhC5P9-7PLZEBV_RPNyxp3D4awOPFLuSusVVyFJvfOjj7Mbi3VYVa5qmLLC8CfAYY5_b4XlVIe3fHdPZXPvLUB5iomQqoCqAxG7eQ969wzJ5wlCn2vh5mtNGCkiy5kOOjBUrRNd40Xhs6A5fgzzV8saWgVpEijfWYc0D9zBb6djtA2l0TPDGqSzGNu6Lhcd7WqiH9XrZWQB3mkzc1YiIMmxBzGhJfDYO6fjCuE4YhXoFp04cmdNVDcOJonw65ORXgzEPpRGZe-PhcO_nJgnj-6q8SfFOYj-lO-9FfhBLYV7tRnj4rT88Kc4GsjyFdUhM801M2M9QCmHHLYULrUlBjZusJfA9awt5zFL4AR6nlyKjxHmQwvSOwD7gXK6_WKW0mGrVzM3hl6Wu0r3svTe_LDr51grxy-0y3k0Ov8iwLvr8Y0tszHLG1Bv4smo6eOO8k-qKp6n9xMEbTmwdsPGnIXWQjfmywNWEdcCzmjkM4nGMskAkWjot5Uv01Tj2stxU9XoiuP8YLSyuuBkKyDRDYJCg5aH60tdIR48nnKBe4fW15Y8UQQ1s9mCE8UhBh-_xWRxwqVmsTXJab9LwRlm7HOX9FeLWh2SaJA4LWBRbE34hgoZ49SX1vRONGDSCeewMyN7glcdiQBn_vQ1w-jW3F7RWEkvx_vdg3028y-IT7UUWSomMLA5CLLNCMQeRrcDFvd2IOR38BvP1h4Vx0vL6_J8CJWw0YIwXIhuIrkRy-8O0cxTNnvlqxTXvWxFTCWR1LvX_2NATDOwoD80VEx5BUgzqibJUADcpnsnhRO16v9PEWdIjQIPr4DfYd6BTGA

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/13151972954896785613/ Frame 508D 7 KB
7 KB 14ms
14ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13151972954896785613/logo.png

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6573c2cf885d137cce0a8373a7a6e292972b597b9b08ae74ba0f1382cbd59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13151972954896785613/index.html?e=69&leftOffset=0&topOffset=0&c=9dsbTFx3To&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 12:21:31 GMT
x-content-type-options: nosniff
age: 598214
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7642
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 11:30:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Aug 2023 12:21:31 GMT

GET
H3 200 60028053_20220621063837806_202206_es_hunger_bg1_728x90.jpg
s0.2mdn.net/ads/richmedia/studio/60028053/ Frame 508D 24 KB
24 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60028053/60028053_20220621063837806_202206_es_hunger_bg1_728x90.jpg

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

900edc57a4c7b8137533d5289918da533c38767b720b65622b0935781cf8f73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13151972954896785613/index.html?e=69&leftOffset=0&topOffset=0&c=9dsbTFx3To&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 14:57:14 GMT
x-content-type-options: nosniff
age: 70471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24287
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 13:38:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Aug 2022 14:57:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8207 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiXB0EFsDY8ivMI2R9u8PpY292AcAAAAAOAHgBAI&bg=!fH-lfzvNAAYUOm8VNDo7ACkAdvg8WhSG6rvPnmL3eGdwQdG8UjGKZSevO-8FZ0N0WLe1KnhqtexDeQIAAAEzUgAAAANoAQeZAyD9LM5KK24YoYM1kSXKQFkmYyoKIWTjBm6Qc6KO3KHNqE5AqDQzV4aWpR2NFUx1KCim7OYClLX3Lm_y3-aGLUOyWCEDxLUOPifTjIy7JFsZRKAfKiLW1fAl_R-hGniPBgjZS68bkfQ3uXGjYjuk4-EBTGZCbYy7gTuINZ7reakFYnXa__BnlupC0NdtmS6p2hLr8hc8_mdJDIpOMUCLx5JB9sMBKvU5sdHYZL2xJ_RRIXpwHXFKt4JqjI8_yO2yaHRgs_1U-ewpdKwDCR0m-mXc7NxvTM612wDeorqVvpgxtzt8DbBm6ht7PfiXEPPSDTaz4jylNzp5cvrGhy7Q0e5FK5GwAT6YEfGEO9ZjvWAZ3263akWTU4Dd8esO8u3XqHAHXy9c1VHytm5ZPYF290V47xxtEATL2CD5AQ8dCKwdjaBs-s6OufhBgn4QKfeKrEAV7DqY__d-_zVPaEVtffQzyF_CItz3e8wHuan89eHWIUGucewv4q6yt7CthIz06asi3l59LfstvzgrVByoSQnlKb43nPG5e2NemOUtqZbNcOMFiuTTGLZrT75J9klSZuCuGJ4VBRy5pswP34Kph_DCMNZcWJMVbC9WlOGiuzzWyMc8TTFYQGZ14kl5WdmpSRMivMSLapC739YgzHw1B60XdJYfXp6wv8PN6DuJHeK00naIGVE8p_OMEl2_WRhIF3bBe1b6yaUfCTTXvwutYkN0uz_ZSE_2vjKI9tx3A62ERu-2FZhJOPbOm-U4ZLeG6O7LulQ8ALZ70rsXsXtiMts_5t5n_3VKKktz175-49AeYqmAGhKZeQi2y2gwcvgLl2LDDY2_cEqfsQPnfQFhP8ifQddqlb8Xeo7uOtlbxlNXn3HTdjl6iQbg33u09Y-2jZaD1Z9KN24Pmkug-5uCLAdnXH2CjaLh936evREZMEkc0CVtt6AsgJEjE8uBv_qdWuSLTjUilCRuwz_VuB-AbBbYZi5iCjcGHaPJKVSFIg8tE4TNRlT4Sy0RoJ-JBDjwisEenr-6OCKsol3bhZ-RBrHXzhCPvq0iMnSieGq_04kJzw

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 90ms
90ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=9ab55c9701433734d9a8b3619ab9ce0e_1769_1661164305915&tm=3297&eT=0&widgetWidth=635&widgetHeight=135&widgetX=650&widgetY=4148&wRV=2000869&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=380&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:46 GMT
content-encoding: gzip
X-TraceId: 6baf96f33cebc0675b99a99e7b38beda
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 22 KB
7 KB 272ms
272ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=6&rand=42644&key=NANOWDGT01&widgetJSId=SF_6&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=4882&vpd=3682&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 53c13b721d5ce9b9620cfd42f7d6b144c2202ffddd79aab6bb027543d8803d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:46 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164306.018800,VS0,VE266
accept-ranges: bytes
x-served-by: cache-lga21928-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: c467b58a00056c33c1a1363ccf5d378b
content-encoding: gzip
content-length: 6964
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjkyOTRhZjcwN2Y0MWMwZGVjZmE2ZDNiY2MwN2Y3OTUwZTJiNzFlNjc2OTM4NDc4NTdiNDcwNjllOTRlODkxZWQiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 104 KB
105 KB 38ms
36ms Image
image/webp 2.21.185.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkyOTRhZjcwN2Y0MWMwZGVjZmE2ZDNiY2MwN2Y3OTUwZTJiNzFlNjc2OTM4NDc4NTdiNDcwNjllOTRlODkxZWQiLCJ3Ijo1MDAsImgiOjI4MiwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.185.176 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-176.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1f1f470fa8b916a00dedfe3653bd6eb0c116a14289ce22bace6a5c8d0ff6d7a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:46 GMT
last-modified: Fri, 24 Dec 2021 05:47:18 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2412052
access-control-allow-credentials: false
x-traceid: d850aaa8021618b4558a210770aa5f36
timing-allow-origin: *, *
content-length: 106662

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 806D 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvs-HGDl69XwEDC6pCRituRUapv9DUT3yQCQjjaRJ1C04PgM9qXD7ZQ-zW7-MZmQnLyw8Dj5HK_ZWisLw3yPFkIrmgmJr3iFI_mjngHcQ6_f36-AWzo&sig=Cg0ArKJSzLAQ0qmZULKpEAE&id=lidar2&mcvt=1008&p=425,314,1029,614&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20220817&bin=7&avms=nio&bs=1600,1200&mc=0.99&vu=1&app=0&itpl=19&adk=2040804355&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661164304635&rpt=311&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 13FE 42 B
64 B 62ms
61ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstE5uqdCjA4PqNjI9oDUo-wt4JNINRXQcxZObtT2vuDPfztmJ7JtvxWAxTo6LT1M0lIQG8peK2nidUycjX1d9rMDPHdRexfxrqhC1ZH0xZYD-jgss-DYV6G3h6CURNhjfXz41pdio-5JZsp&sai=AMfl-YTeov9MrJyBPvjNRRK2nsA3hsJg102nJrKhBHP6hQh1lkoew2DcKnzhQuNv5w6Lctri8xoQdAHxyep0EbblhRWRuvZklh6-XJk9iqL-99r7SqFKOCN5K1XoEpY&sig=Cg0ArKJSzMDTrlOB1SwqEAE&cid=CAASF-Roe1uqbTCNan3RN7-t2V3UbfsBZ4E3&id=ampim&o=1439,186&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1009&mtos=0,0,1009,1009,1009&tos=0,0,1009,0,0&tfs=398&tls=1407&g=100&h=100&tt=1408&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2790448677

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 806D 0
844 B 16ms
15ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&e=wqT_3QLNCvD9TQUAAAMA1gAFAQiPto2YBhDZnJrE69vL3BMYr_r3zuOe9PpbKjYJUDb-j7CVkz8RI9pRprMthz8ZAAAAgD0K5z8hxICZrcRViD8p5Pc2_dmPlD8xAAAAQOF6lD8w0u_SCDj_V0DKTkgCUKD8-WZY-cl-YABokKOyAXjQ9QWAAQGKAQNVU0SSAQNVU0SYAawCoAHYBKgBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNDUyNTM2MiwgMTY2MTE2NDMwMyk7dWYoJ2knLCA0MTI2MTY5LCAxNjYxMTY0MzAzKTt1ZignZycsIDExNDkzODg3LCA-OwA0cicsIDIxNTkwNzg3MiwyPQD0DgGSAv0DIVdtUUlYQWpGaUkwVEVLRDgtV1lZQUNENXlYNHdBRGdBUUFCSXlrNVEwdV9TQ0ZnQVlMOEZhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUdSN3dydzRYcVVQOEVCZEp0ZV9XbVFsRF9KQVFBQUFBQUFBUEFfMlFHdFRQaWxmdDd2UC1BQjJldjdBZlVCQ3RlalBKZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBWUFEQVpnREFib0RDVUZOVXpNNk5qRXhOdUFEakMtQUJKdTkyUU9JQkp5OTJRT1FCQUNZQkFIQkJBAZEJAQR5URGhJEFBQU5nRUFQRUUBCwkBIENJQmVRdnFRVQkPGEFEd1A3RUYNDURBQUFEQkJYc1Vya2ZoZXBRX3kuKAAAOTIoAARaQhFn8ENQQV80QVhZRF9BRl84TzlCZmdGc3BxVUFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFYUmlMMWc2AQJALWNsLUlBQW9BREY3Rks1SDQhxXx6b0pRVTFUTXpvMk1URTJRSXd2U2ExTS1LVi0zdThfVRHNDEFBQVcdDABZHQwAYR0MAGMdDBBlQUNKQREQ9F4BUEFf2AIA4ALv5lXqAihodHRwczovL2NlbGVicy53YWxsYS5jby5pbC9jYXRlZ29yeS8zNjAygAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDoq9T4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzM6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA8xMDA1OCNBTVMzOjYxMTbaBAIIAeAEAfAEoPz5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbCiAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa7M9oGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgAEAAYACAAMAA4ugZAAMgH0PUF0gcNCQAACT4cEAAYANoHBggFCWjgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=154ecaad845cfe0fd971b1b74f76a1c2efa0e976&type=pv&jm=1003|1150&px=314&py=425&bw=300&bh=600&sf=1&sid=2061415751671434897&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=18134994&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:46 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 544891b7-fcd8-405a-87bd-60ba2def6e21
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://celebs.walla.co.il
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D128 0
747 B 14ms
13ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11263&pub_id=1642880&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11263&pub_id=1642880

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:46 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 09c8acad-8a06-4e2e-b7cb-7eb45cf25218
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DABF 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqGECihPpOHcV9r6N86g0Y_snzspOCdNY1wLsAAallUosnleIc9sM-sa9C7Hs65RvS2LQOED_VVOAwFOAs_EOEUm57Yw6GADrdWrRVkaSF2v56MoSsOM87GdKjEbpqo9_k_W2ZkdM3JJ8a&sai=AMfl-YRKYaE6lWP-ZEgLZgFObsG5DNx_W6Mt3JfmEBchef-vKgt5Yxd-kV0q2To8zwB_HHBUNm6dbUwhifw6d-B5xsM-89pMYlSDpq_BaunZhWHAo32B0LTbykUp7RA&sig=Cg0ArKJSzIgwire3eAtTEAE&cid=CAASJORohNZV6CTyG8ZsTWPiqb1KN2ftxdAfnmeFewyIRZLqpBxxDQ&id=lidar2&mcvt=1000&p=100,436,190,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2574293897&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661164304607&rpt=587&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cc2ac29cff37f70a73d67bca1ebeb7e0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 89ms
89ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=94f8b1488a0c1d900f87241076c29ce7_1769_1661164306233&tm=3576&eT=0&widgetWidth=635&widgetHeight=135&widgetX=650&widgetY=4844&wRV=2000869&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=274&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:46 GMT
content-encoding: gzip
X-TraceId: a249501f7a9cc4d0a37b35ffe62c69d3
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 22 KB
7 KB 372ms
371ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=7&rand=91696&key=NANOWDGT01&widgetJSId=SF_6&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=5578&vpd=4378&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d207cfebd396898af8de2ec7f35e54ad9d0a35ef28d0ce93644042b2c141aa52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:46 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164306.296704,VS0,VE364
accept-ranges: bytes
x-served-by: cache-lga21922-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: f3091e3c87c32b466457769c15c2cbcb
content-encoding: gzip
content-length: 7070
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad27.ad-srv.net/ Frame A060 0
150 B 39ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad27.ad-srv.net/viewability?s=30056900051683901467949012059027&a=edd9bd21&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=ekhj812lu0jl&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&documentReferer=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&ancestorOrigins=https%3A%2F%2Fcelebs.walla.co.il&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:11263&extVar[]=XR_DOM_RTB:celebs.walla.co.il&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FUDb-j7CVkz8j2lGmsy2HPwAAAIA9Cuc_xICZrcRViD_k9zb92Y-UP1mOhrjeLrkTL_3dOfbQ9VsPWwNjAAAAANK3FAH_KwAASicAAAIAAAAgft4M-aQfAAAAAABVU0QAVVNEACwBWAKQkQAAAAABAQUCAAAAANgAaihVDAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XRiL1gjFiI0TEKD8-WYY-cl-IAAoADF7FK5H4XqUPzoJQU1TMzo2MTE2QIwvSa1M-KV-3u8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo2MTE2%2Fbn%3D96976%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:46 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad27.ad-srv.net/ Frame 0A99 0
150 B 37ms
12ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad27.ad-srv.net/viewability?s=73733200051684201649443012059027&a=29f2dfb0&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=is3zmzpwh1j5&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=673a1697e3100LADCSNnI6VQZmL9uulvlC9HYWkxmikufFmA1fYCyZFdSNnWb48mZgZYl_vli0vGW58FDWqIFiLmWG9mYM9FV3pGbp9XBcHmA1x0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=30056900051683901467949012059027&redirectClick=https%3A%2F%2Fad27.ad-srv.net%2Fc%2Fp233q5xpgofs5rk%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:46 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
325 B 661ms
396ms Ping
application/json 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://celebs.walla.co.il/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:47 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: a1d29964f6c4602fdd52147052a2ff96
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 90ms
89ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=37099891c1074a200b87b14d1cc2b42f_1769_1661164306608&tm=3954&eT=0&widgetWidth=635&widgetHeight=135&widgetX=650&widgetY=5541&wRV=2000869&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=373&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:46 GMT
content-encoding: gzip
X-TraceId: 0a39c8a750c6f72e93a9384f88b0709e
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 22 KB
7 KB 282ms
282ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=8&rand=70689&key=NANOWDGT01&widgetJSId=SF_6&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=6318&vpd=5118&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b8d366d27b776c4bdfc6650f131007f3cafe45033cb49ff7f6c0f9dfd71ce167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:46 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164307.684297,VS0,VE266
accept-ranges: bytes
x-served-by: cache-lga13621-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 69c41e8323aad39936d6271cdbc4b4fb
content-encoding: gzip
content-length: 6974
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 64ms
19ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:46 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 23 Aug 2022 10:31:46 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
29 KB 44ms
16ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:46 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:20:45 GMT
server: nginx
etag: W/"62fb454d-15cfe"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 23 Aug 2022 10:31:46 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 90ms
90ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=450c2f2e609e672c5cbf0b1424783ce7_1769_1661164306899&tm=4253&eT=0&widgetWidth=635&widgetHeight=135&widgetX=650&widgetY=6281&wRV=2000869&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=293&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:47 GMT
content-encoding: gzip
X-TraceId: 3b771972eb75420263e2cf754c37bc21
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 22 KB
7 KB 250ms
250ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=9&rand=86878&key=NANOWDGT01&widgetJSId=SF_6&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=7030&vpd=5830&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1dab5a9de1e3b188c18e6a7753d5def3b41f99ebffc8162bebe529d9137d933f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:47 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164307.979880,VS0,VE242
accept-ranges: bytes
x-served-by: cache-lga21936-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 18596a5e85e03f0972f674b92b537384
content-encoding: gzip
content-length: 7070
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcelebs.walla.co.il%2F&domain=celebs.walla.co.il&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=BASC8Hx3YjhxVE1JQnNDNWd6ZGhic2FweWdhWXN0Qm1Rc1J1cXIzcHY4Rk5XeDBhVmplUlRpb1lNem55OU5sTHdhKzNqVkdoUEhtcnUybkY0TE9Na002THN0VlhrbGc0SHFVZ0w5TWZQQWY2d0hPUXFvanJUS3I5TFpibW...

363 B
625 B

44ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=BASC8Hx3YjhxVE1JQnNDNWd6ZGhic2FweWdhWXN0Qm1Rc1J1cXIzcHY4Rk5XeDBhVmplUlRpb1lNem55OU5sTHdhKzNqVkdoUEhtcnUybkY0TE9Na002THN0VlhrbGc0SHFVZ0w5TWZQQWY2d0hPUXFvanJUS3I5TFpibWk1dXQ0cDROTFZTK0JtbTMwTitIcGxmZTJQdmdJT3NFY2syblVWMUk4UlpGSndEamcyRnZkYzNZb2Zod0IwcEw3d2U1U3pEZHpzWWkxRVBhZXAyOUFlUmR1N2FTS1ZXYjFjaFMwYmg5SllJTUgvTS82ajBId2ZJbDNxdk56MVhmcnlQTXBRS0VofA&cppv=2

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

cbb0b49e979b95c52e546159fd09cb280f764e7321e41726b6bd139f18ce99bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:46 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2989
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:46 GMT
location: https://mug.criteo.com/sid?cpp=BASC8Hx3YjhxVE1JQnNDNWd6ZGhic2FweWdhWXN0Qm1Rc1J1cXIzcHY4Rk5XeDBhVmplUlRpb1lNem55OU5sTHdhKzNqVkdoUEhtcnUybkY0TE9Na002THN0VlhrbGc0SHFVZ0w5TWZQQWY2d0hPUXFvanJUS3I5TFpibWk1dXQ0cDROTFZTK0JtbTMwTitIcGxmZTJQdmdJT3NFY2syblVWMUk4UlpGSndEamcyRnZkYzNZb2Zod0IwcEw3d2U1U3pEZHpzWWkxRVBhZXAyOUFlUmR1N2FTS1ZXYjFjaFMwYmg5SllJTUgvTS82ajBId2ZJbDNxdk56MVhmcnlQTXBRS0VofA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1427
content-length: 509
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 43ms
15ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcelebs.walla.co.il%2F&domain=celebs.walla.co.il&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://celebs.walla.co.il
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://celebs.walla.co.il
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 22 Aug 2022 10:31:46 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1332
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9787 52 KB
17 KB 7ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20615
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 22 Aug 2022 10:31:47 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 224866
X-Served-By: cache-lga13620-LGA, cache-fra19129-FRA
X-Timer: S1661164307.110890,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame ACB4 0
0 16ms
16ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1661164303948

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 2611 37 B
140 B 62ms
9ms Document
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 22 Aug 2022 10:31:47 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 8ECB 15 KB
6 KB 18ms
18ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160447
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=141124
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 24 Aug 2022 01:43:51 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 110C 0
0 15ms
15ms Document
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13421168
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
date: Mon, 22 Aug 2022 10:31:47 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
x-sovrn-pod: ad_ap5ams1

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 2921 3 KB
2 KB 102ms
19ms Document
text/html 2.21.184.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.247 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Aug 2022 10:31:47 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 / Show response
csync.smilewanted.com/ Frame 69C6 6 KB
2 KB 29ms
28ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ba3f109a2baa632135a4a6fbf0ec73771a090ff0e1c18be9fcfdfffcd6810a1

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0d77a516934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1155 281 B
554 B 88ms
31ms Document
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Aug 2022 10:31:47 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 9426 0
35 B 37ms
20ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 22 Aug 2022 10:31:47 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CD63 52 KB
17 KB 8ms
7ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/walla-v2-prod.js?timestamp=1661126400000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://celebs.walla.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 20615
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 22 Aug 2022 10:31:47 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 224868
X-Served-By: cache-lga13620-LGA, cache-fra19129-FRA
X-Timer: S1661164307.121615,VS0,VE0

GET
H/1.1 200
OK prebid
b1h-euc1.zemanta.com/usersync/ 26 B
151 B 14ms
13ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1h-euc1.zemanta.com/usersync/prebid
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:47 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9787 0
747 B 15ms
14ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:47 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 59d0e778-ea47-41db-a525-74cd72fe42db
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD63 0
747 B 14ms
14ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:47 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 34f4373d-74a2-4c84-bf2e-55f6ca9f144d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 decode_consent.js Show response
static.smilewanted.com/js/decode_consent/ Frame 69C6 48 KB
12 KB 25ms
25ms Script
application/javascript 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.smilewanted.com/js/decode_consent/decode_consent.js

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://csync.smilewanted.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 955833
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"607873db-c1ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 73eaf0d7fb166934-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 215ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 867
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1155 31 KB
10 KB 20ms
20ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ebf9218a016a4a06e257c70b58ebef5da0dc3ae22a3e28b9d394e688f54a228a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 10:31:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 13:55:35 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13147
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9442
Expires: Mon, 22 Aug 2022 14:10:54 GMT

GET
H3 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 22F5 1 KB
2 KB 57ms
57ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3e50e542bab75160059441dd5550372358b38aa3ec1655011df7b2a0a3adcea

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73eaf0d83d459b45-FRA
content-encoding: br
content-type: text/html
date: Mon, 22 Aug 2022 10:31:47 GMT
dropped-udsids: 241|230|39|73|65|40|130|17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnNJpnRZiqQT9vaqeiFaCn043Q%2FJByyTeb%2FRcCnD6j7wv4MsEk1jW%2FweLqwJ3fryKriRX0nO4ckUWxWUMX32X8RkNpH9Wk6MkyeIsFYraG4jzt6eWD%2BfXHax98Deg4eCGX9gstnojFXIQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 drop_cookie_sw.php Show response
csync.smilewanted.com/ Frame D6F9 0
568 B 42ms
41ms Document
text/html 104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/drop_cookie_sw.php
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0d84b9f6934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

owzFE6pO0i0pW5G8B1jp Show response
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 07A2
Redirect Chain

https://creativecdn.com/cm-notify?pi=smilewanted
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/owzFE6pO0i0pW5G8B1jp?pi=smilewanted

0
871 B

29ms
29ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/owzFE6pO0i0pW5G8B1jp?pi=smilewanted
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0d85bcd6934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 22 Aug 2022 10:31:47 GMT Mon, 22 Aug 2022 10:31:47 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/owzFE6pO0i0pW5G8B1jp?pi=smilewanted
pragma: no-cache

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 95ms
95ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=3ad245f6cde26e7114601f092ca64f9f_1769_1661164307168&tm=4545&eT=0&widgetWidth=635&widgetHeight=135&widgetX=650&widgetY=6992&wRV=2000869&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=282&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:47 GMT
content-encoding: gzip
X-TraceId: 45d533d955e87e2348f77d7cda238fd7
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 13 KB
4 KB 130ms
130ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&idx=10&rand=87537&key=NANOWDGT01&widgetJSId=SF_3&va=true&et=true&format=html&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&adblck=false&abwl=false&px=650&py=7714&vpd=6514&cw=635&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000869&sig=rJJUW95x&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4427f3f4f4d1803fd54d5754ce9c4518afacb6896cc5b2be089d7a41a2ee7e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:47 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1661164307.266212,VS0,VE123
accept-ranges: bytes
x-served-by: cache-lga21957-LGA, cache-fra19141-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 106aabe511d1ca0cabefb10c733d3073
content-encoding: gzip
content-length: 4098
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 6ED7
Redirect Chain

https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3353d6c1212b798680435778d5550051

43 B
1 KB

14ms
14ms

Document
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3353d6c1212b798680435778d5550051

Requested by

Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: 7125e11e-7ccf-4779-9848-421cd7ab45ba
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 22 Aug 2022 10:31:47 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0d8ac396934-FRA
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=3353d6c1212b798680435778d5550051
server: cloudflare

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 22F5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwNbELtI0s1x7uwB15qodAAABLQAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwNbELtI0s1x7uwB15qodAAABLQAAAAB&dcc=t

43 B
645 B

98ms
97ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwNbELtI0s1x7uwB15qodAAABLQAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Q11WEGDCM6RPP2A751JC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9NWTTZH5F9J17K9SS91M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YwNbELtI0s1x7uwB15qodAAABLQAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 22F5 170 B
188 B 24ms
24ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwNbELtI0s1x7uwB15qodAAABLQAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-52-50-89-178.eu-west-1.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 22F5 70 B
264 B 34ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 YwNbELtI0s1x7uwB15qodAAABLQAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 22F5 43 B
991 B 38ms
36ms Image
image/gif 2a05:d018:d29:3601:de76:c213:1adf:fff5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YwNbELtI0s1x7uwB15qodAAABLQAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:de76:c213:1adf:fff5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

rum
dsum.casalemedia.com/ Frame 22F5
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661250707&gdpr=1

43 B
939 B

65ms
28ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661250707&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73eaf0da583dbbb3-FRA
pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuQeELsTZsbeuAbAoM5BKsA7VCizrkxyiDEOJG265aHsNBWyrxSwyS3qPUhnTFPMaji9yoKjGkQ4CZo9VS1eeNgVc1dPVuMkjbngcHnVVgInWa5G8i3Bir4TLHPctEBO78%2FCbl0Z"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661250707&gdpr=1
pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 22F5 43 B
430 B 143ms
32ms Image
image/gif 52.50.89.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.89.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:47 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 22F5
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
911 B

27ms
27ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73eaf0dc2ae59ba6-FRA
pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LinFgGhS0OMuZNFFN7hPxa682Uoi9jZz64HEn8ZUXyIa9nJ3m7gJWzVx0x%2BJJ0C1hbpNilQiJN%2Fbi20WfqT4cG%2BfemB%2B8CUQFSYiG7dwF5QZogKMGnmK3sYnbZ6FzLrN9QQgT5TrvN%2Fl6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 22F5 43 B
424 B 58ms
14ms Image
image/gif 2606:4700::6812:c4c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?YwNbELtI0s1x7uwB15qodAAA%261204
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:47 GMT
cf-cache-status: HIT
age: 119
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
content-length: 43
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
etag: "761e21-2b-546dc3a097100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 73eaf0d8fee79a0c-FRA
expires: Mon, 22 Aug 2022 14:31:47 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame 9415
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

94ms
93ms

Document
text/html

18.233.196.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fcelebs.walla.co.il%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.233.196.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-233-196-70.compute-1.amazonaws.com
Software: /
Resource Hash: 2923a1e0a067cee22076f7403920a7de756ccdfa5deb65f51fa5bd6aaa455e49

Request headers

Referer: https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate
content-length: 186
content-type: text/html; charset=utf-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Mon, 22 Aug 2022 10:31:47 GMT
pragma: no-cache

Redirect headers

content-length: 41
content-type: text/html; charset=utf-8
date: Mon, 22 Aug 2022 10:31:47 GMT
location: /um/cs&eq_cc=1

GET
H3 200 connectmyusers.php Show response
cdn.connectad.io/ Frame F21D 1 KB
900 B 35ms
24ms Document
text/html 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73eaf0d8fbce9202-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1155 70 B
264 B 34ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1155
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0TUM0NlAtMS1FRUs1

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0TUM0NlAtMS1FRUs1

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc0TUM0NlAtMS1FRUs1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 1155
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L74MC46P-1-EEK5

0
921 B

256ms
198ms

Image
text/plain

2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L74MC46P-1-EEK5
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:47 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9F5399B1F5A44EAFB31149EFF29F477C Ref B: VIEEDGE2908 Ref C: 2022-08-22T10:31:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXm0fR2w0CtayuAusTqXg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L74MC46P-1-EEK5
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1155
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZXznE-cCT_i4q8qb67_kew&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZXznE-cCT_i4q8qb67_kew

43 B
556 B

36ms
36ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZXznE-cCT_i4q8qb67_kew

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:47 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QKX915JJQ42552GJM59H
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZXznE-cCT_i4q8qb67_kew
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1155
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKH3m0q8SmAzvcDxL8Itp1c&google_cver=1

0
239 B

10ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKH3m0q8SmAzvcDxL8Itp1c&google_cver=1
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKH3m0q8SmAzvcDxL8Itp1c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1155
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDQ0YWZlODJjMWM2MjQ0ZGFhYjM0YmJmMzMzMTg5NzcxZWEyMmM4MA

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDQ0YWZlODJjMWM2MjQ0ZGFhYjM0YmJmMzMzMTg5NzcxZWEyMmM4MA

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDQ0YWZlODJjMWM2MjQ0ZGFhYjM0YmJmMzMzMTg5NzcxZWEyMmM4MA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 1155
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L74MC46P-1-EEK5&sigv=1&esig=2~ab32aae0c1584b46f6be170ac6b1c5d07346fcbb

0
194 B

189ms
19ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L74MC46P-1-EEK5&sigv=1&esig=2~ab32aae0c1584b46f6be170ac6b1c5d07346fcbb

Requested by

Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:47 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L74MC46P-1-EEK5&sigv=1&esig=2~ab32aae0c1584b46f6be170ac6b1c5d07346fcbb
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

esync
token.rubiconproject.com/ Frame 1155
Redirect Chain

https://id.rlcdn.com/709414.gif
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e

0
214 B

10ms
10ms

Image
text/plain

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 22 Aug 2022 10:31:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 1
sync-eu.connectad.io/syncer/ Frame 83D7 0
0 24ms
23ms Document
text/plain 2606:4700:10::6816:37ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cdn.connectad.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 73eaf0d92c0b9202-FRA
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
via: 1.1 google

GET
H/1.1

200
OK

getuid Show response
sync.smartadserver.com/ Frame ACE6
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1

0
75 B

27ms
27ms

Document
text/plain

185.86.139.106
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Mon, 22 Aug 2022 10:31:46 GMT

Redirect headers

cache-control: no-cache,no-store
content-length: 0
date: Mon, 22 Aug 2022 10:31:47 GMT
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma: no-cache

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 18ms
18ms Image
image/svg+xml 2.21.185.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: celebs.walla.co.il
URL: https://celebs.walla.co.il/category/3602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:47 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1656855979.262924"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Wed, 21 Sep 2022 10:31:47 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 89ms
89ms Fetch
text/plain 70.42.32.191
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=76380724928a926c60195b144b305858_1769_1661164307339&tm=4683&eT=0&widgetWidth=635&widgetHeight=39&widgetX=650&widgetY=7735&wRV=2000869&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=133&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Aug 2022 10:31:47 GMT
content-encoding: gzip
X-TraceId: a723667e90651c63a9c27a7ebef57d9b
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000869/module/ 38 KB
14 KB 20ms
20ms Script
application/x-javascript 2.21.185.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000869/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.185.80 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-185-80.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bd5647a22f043ddb6a99471caee4c85ebc461382dccb8e7db60b2961905ac95f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:47 GMT
content-encoding: gzip
last-modified: Mon, 22 Aug 2022 08:01:43 GMT
server: AkamaiNetStorage
etag: "5415d998c2fb3066ef06ffdadaef8673:1661157571.298555"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 14111
expires: Mon, 22 Aug 2022 14:31:47 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 104 KB
22 KB 1178ms
1088ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602&settings=true&recs=true&widgetJSId=SF_3&key=NANOWDGT01&version=2000869&apv=true&sig=rJJUW95x&format=html&rand=7157&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NjI4ODExOWE1YzI1NWJiZTk3NzY0NDcyNjliYTM5MTM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=10&lastIdx=10&lastCardIdx=0&fAB=11741-82187&layeredTestInfo=11741-82187-&dpr=1&cw=635&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fcelebs.walla.co.il%2Fcategory%2F3602
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000869/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 24c7c0a4d8528fb6156c7f1bb185bb0b2ce1253350e026c6b407a60355b36804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://celebs.walla.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 10:31:48 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1661164308.526946,VS0,VE1070
accept-ranges: bytes
x-served-by: cache-lga21920-LGA, cache-vie6373-VIE
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: a3f68d3149f5c4e5e58f5159eb05ef1b
content-encoding: gzip
content-length: 22234
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 520C 0
0 10ms
9ms Document
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D038 15 KB
6 KB 19ms
19ms Document
text/html 2.21.184.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.184.200 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-184-200.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=141124
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Wed, 24 Aug 2022 01:43:51 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

/ Show response
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame C159
Redirect Chain

https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0

0
90 B

28ms
27ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0db789b6934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Content-Type: text/html; charset=utf-8
Date: Mon, 22 Aug 2022 10:31:47 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma: no-cache

GET
H2

200

45d14802-494b-438b-b0ba-bd52de7d03c5 Show response
csync.smilewanted.com/set_partner_userid_get/loopme/ Frame 7B8F
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Floopme%2F%7Bdevice_id%7D&gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/loopme/45d14802-494b-438b-b0ba-bd52de7d03c5?gdpr_consent=null&gdpr=0

0
629 B

36ms
35ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/loopme/45d14802-494b-438b-b0ba-bd52de7d03c5?gdpr_consent=null&gdpr=0
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0daaf786934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73eaf0da89079188-FRA
content-length: 0
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://csync.smilewanted.com/set_partner_userid_get/loopme/45d14802-494b-438b-b0ba-bd52de7d03c5?gdpr_consent=null&gdpr=0
server: cloudflare

GET
H2

200

y-k.pJ_BNE2uHxREBnHRQ8DY0KcFZ1grjYKdWTn9c-~A&gdpr=0&gdpr_consent= Show response
csync.smilewanted.com/set_partner_userid_get/yahoo/ Frame 00A6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58618/occ?gdpr=0&gdpr_consent=
https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-k.pJ_BNE2uHxREBnHRQ8DY0KcFZ1grjYKdWTn9c-~A&gdpr=0&gdpr_consent=

0
725 B

27ms
27ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-k.pJ_BNE2uHxREBnHRQ8DY0KcFZ1grjYKdWTn9c-~A&gdpr=0&gdpr_consent=
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0db68866934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

age: 0
content-length: 0
date: Mon, 22 Aug 2022 10:31:47 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/yahoo/y-k.pJ_BNE2uHxREBnHRQ8DY0KcFZ1grjYKdWTn9c-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

56fa1a4b-12dc-44b8-92c9-94cc180921a8 Show response
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 9688
Redirect Chain

https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://u.openx.net/w/1.0/cm?cc=1&id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
https://csync.smilewanted.com/set_partner_userid_get/openx/56fa1a4b-12dc-44b8-92c9-94cc180921a8

0
733 B

24ms
24ms

Document
text/html

104.22.69.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/set_partner_userid_get/openx/56fa1a4b-12dc-44b8-92c9-94cc180921a8
Requested by: Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 73eaf0db58696934-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Aug 2022 10:31:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Mon, 22 Aug 2022 10:31:47 GMT
location: https://csync.smilewanted.com/set_partner_userid_get/openx/56fa1a4b-12dc-44b8-92c9-94cc180921a8
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 crum
dsum-sec.casalemedia.com/ Frame 9415 43 B
909 B 22ms
22ms Image
image/gif 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=d7129f22-a3ee-4924-8ac3-21b1b7472151&expiration=1669113107
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73eaf0db49829ba6-FRA
pragma: no-cache
date: Mon, 22 Aug 2022 10:31:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8VWMGMXT3EoNA343Eiz1ymfsSrahkvapeBrjyIulxYew0L9AfyRpOkncAF6hxIyM7OhclEKW6GoEcqTSaCHUmfy66sJ%2Fl%2FWIEizJWt28LVKQdSI6DAH5fpUDDWSMXBZXKxagMVkfyUgLw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9787 0
747 B 17ms
16ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Aug 2022 10:31:48 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 61335a8d-5390-4b9d-97f8-c1ed43277901
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD63 0
747 B 16ms
15ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS