stad.yalla-shoot.io Open in urlscan Pro
2606:4700:20::681a:b15 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Submission: On June 24 via api (June 24th 2023, 9:42:22 pm UTC) from CZ — Scanned from DE

Summary HTTP 305 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 75 IPs in 10 countries across 52 domains to perform 305 HTTP transactions. The main IP is 2606:4700:20::681a:b15, located in United States and belongs to CLOUDFLARENET, US. The main domain is stad.yalla-shoot.io. The Cisco Umbrella rank of the primary domain is 582556.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2023. Valid for: a year.

This is the only time stad.yalla-shoot.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:20:... 2606:4700:20::681a:b15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2b93	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	3.214.255.62 3.214.255.62	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.156.2.55 108.156.2.55	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225b:c800:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:7b5::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	54.220.16.63 54.220.16.63	16509 (AMAZON-02) (AMAZON-02)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.200.86.209 34.200.86.209	14618 (AMAZON-AES) (AMAZON-AES)
14	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
52	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	54.246.204.72 54.246.204.72	16509 (AMAZON-02) (AMAZON-02)
1 37	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
8 10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 5	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	74.125.71.155 74.125.71.155	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26da:f400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7781:2c5e:9481:735c:93a8	16509 (AMAZON-02) (AMAZON-02)
7	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
2	23.32.184.192 23.32.184.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.2.229.193 23.2.229.193	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.214.248.82 35.214.248.82	15169 (GOOGLE) (GOOGLE)
5	3.232.175.212 3.232.175.212	14618 (AMAZON-AES) (AMAZON-AES)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1 1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 2	23.55.161.173 23.55.161.173	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.174.100.165 35.174.100.165	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2 2	54.76.77.34 54.76.77.34	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	147.75.84.158 147.75.84.158	54825 (PACKET) (PACKET)
3	52.57.76.205 52.57.76.205	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 8	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	172.105.235.90 172.105.235.90	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
11	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1	184.30.20.47 184.30.20.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:62::9	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	3.91.165.1 3.91.165.1	14618 (AMAZON-AES) (AMAZON-AES)
305	75

6 2606:4700:20::681a:b15 (United States)

ASN13335 (CLOUDFLARENET, US)

stad.yalla-shoot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

live.yalla-shoott.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.livehd7xc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2b93 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

feed.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.214.255.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-255-62.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.2.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-55.mxp63.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:c800:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:7b5::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.16.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-16-63.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.200.86.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-86-209.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

live-v13wgnv6.rmbl.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.204.72 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.71.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:f400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7781:2c5e:9481:735c:93a8 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.2.229.193 (Schiphol, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-229-193.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.248.82 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 82.248.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.232.175.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-175-212.compute-1.amazonaws.com

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.161.173 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-161-173.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.100.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-100-165.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.77.34 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-77-34.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.76.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-76-205.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Mülheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.151.213 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

rubicon-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.235.90 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1889-90.members.linode.com

rcp.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-47.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:62::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nsk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.91.165.1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-165-1.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
97	googlesyndication.com 1 redirects 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	630 KB
39	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 bid.g.doubleclick.net — Cisco Umbrella Rank: 807 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359	472 KB
25	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 338 gcdn.2mdn.net — Cisco Umbrella Rank: 1161 r4---sn-4g5e6nsk.c.2mdn.net — Cisco Umbrella Rank: 703304	3 MB
18	adform.net cm.adform.net — Cisco Umbrella Rank: 1254 track.adform.net — Cisco Umbrella Rank: 3621 s1.adform.net — Cisco Umbrella Rank: 7783	210 KB
17	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	192 KB
14	rmbl.ws live-v13wgnv6.rmbl.ws — Cisco Umbrella Rank: 277030	5 MB
12	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1134 eus.rubiconproject.com — Cisco Umbrella Rank: 639 token.rubiconproject.com — Cisco Umbrella Rank: 656 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1178 pixel.rubiconproject.com — Cisco Umbrella Rank: 381	14 KB
9	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 86174 servt.modoro360.com — Cisco Umbrella Rank: 96467 serv.modoro360.com — Cisco Umbrella Rank: 112104 servs.modoro360.com — Cisco Umbrella Rank: 190286	14 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 957 static.adsafeprotected.com — Cisco Umbrella Rank: 628 dt.adsafeprotected.com — Cisco Umbrella Rank: 557	104 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	5 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	362 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1032 s.amazon-adsystem.com — Cisco Umbrella Rank: 337	4 KB
6	yalla-shoot.io stad.yalla-shoot.io — Cisco Umbrella Rank: 582556	109 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	5 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	4 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	1 KB
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1042 us-u.openx.net — Cisco Umbrella Rank: 492	663 B
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 361	436 B
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 547 image6.pubmatic.com — Cisco Umbrella Rank: 822	12 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114	7 KB
3	aniview.com player.aniview.com — Cisco Umbrella Rank: 1827 sync.aniview.com — Cisco Umbrella Rank: 2032 track1.aniview.com — Cisco Umbrella Rank: 1946	126 KB
3	avplayer.com feed.avplayer.com — Cisco Umbrella Rank: 23628 player.avplayer.com — Cisco Umbrella Rank: 15589 content1.avplayer.com — Cisco Umbrella Rank: 26866	78 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 1832	21 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1404	326 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 662	795 B
2	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2590 vpaid.vidoomy.com — Cisco Umbrella Rank: 3256	19 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 617	1 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	335 B
2	livehd7xc.com m.livehd7xc.com	138 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	25 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
2	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 131411	580 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	130 KB
2	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 120649	9 KB
1	flashtalking.com cdn.flashtalking.com — Cisco Umbrella Rank: 1177	23 KB
1	appier.net 1 redirects rcp.c.appier.net — Cisco Umbrella Rank: 4673	410 B
1	dotomi.com rubicon-match.dotomi.com — Cisco Umbrella Rank: 3854	104 B
1	brand-display.com 1 redirects dmp.brand-display.com — Cisco Umbrella Rank: 1867	350 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 963	163 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11611	1 KB
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1026
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 772
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 340
1	1rx.io 1 redirects sync.1rx.io — Cisco Umbrella Rank: 618	276 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 874
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 648	657 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1024	316 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	878 B
1	yalla-shoott.xyz live.yalla-shoott.xyz	11 KB
305	52

	Domain	Requested by
52	pagead2.googlesyndication.com	41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com fw.adsafeprotected.com googleads.g.doubleclick.net s0.2mdn.net stad.yalla-shoot.io www.googletagservices.com www.gstatic.com securepubads.g.doubleclick.net
37	tpc.googlesyndication.com	1 redirects 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com stad.yalla-shoot.io s0.2mdn.net securepubads.g.doubleclick.net
23	s0.2mdn.net	stad.yalla-shoot.io s0.2mdn.net 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
14	live-v13wgnv6.rmbl.ws	m.livehd7xc.com
13	securepubads.g.doubleclick.net	jscdn.greeter.me www.googletagservices.com securepubads.g.doubleclick.net stad.yalla-shoot.io 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
12	www.gstatic.com	stad.yalla-shoot.io 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
11	s1.adform.net	stad.yalla-shoot.io track.adform.net s1.adform.net
10	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com pagead2.googlesyndication.com stad.yalla-shoot.io
8	41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	www.googletagservices.com	jscdn.greeter.me 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com stad.yalla-shoot.io
6	stad.yalla-shoot.io	stad.yalla-shoot.io
5	track.adform.net	41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com stad.yalla-shoot.io s1.adform.net
5	servs.modoro360.com	player.aniview.com vid.vidoomy.com
5	dt.adsafeprotected.com	41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com stad.yalla-shoot.io
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	csi.gstatic.com	www.gstatic.com
4	fonts.googleapis.com	41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com stad.yalla-shoot.io
4	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
4	token.rubiconproject.com	1 redirects eus.rubiconproject.com
4	googleads4.g.doubleclick.net	stad.yalla-shoot.io
3	www.google.com	2 redirects tpc.googlesyndication.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	x.bidswitch.net	stad.yalla-shoot.io
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	ad.360yield.com	2 redirects
2	ads.stickyadstv.com	1 redirects player.aniview.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	ads.pubmatic.com	player.aniview.com
2	cm.adform.net	player.aniview.com stad.yalla-shoot.io
2	bid.g.doubleclick.net	41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com www.gstatic.com
2	fw.adsafeprotected.com	1 redirects 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	m.livehd7xc.com	live.yalla-shoott.xyz
2	servt.modoro360.com	stad.yalla-shoot.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	player.aplhb.adipolo.com	jscdn.greeter.me
2	www.googletagmanager.com	stad.yalla-shoot.io www.googletagmanager.com
2	jscdn.greeter.me	stad.yalla-shoot.io
1	track1.aniview.com	player.aniview.com
1	fonts.gstatic.com	fonts.googleapis.com
1	r4---sn-4g5e6nsk.c.2mdn.net	stad.yalla-shoot.io
1	gcdn.2mdn.net	1 redirects
1	cdn.flashtalking.com	track.adform.net
1	rcp.c.appier.net	1 redirects
1	rubicon-match.dotomi.com	eus.rubiconproject.com
1	dmp.brand-display.com	1 redirects
1	bttrack.com	eus.rubiconproject.com
1	rtb.openx.net	stad.yalla-shoot.io
1	vpaid.vidoomy.com	vid.vidoomy.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	m.exactag.com	41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
1	image6.pubmatic.com	ads.pubmatic.com
1	prebid.a-mo.net	player.aniview.com
1	ap.lijit.com	player.aniview.com
1	ups.analytics.yahoo.com	player.aniview.com
1	vid.vidoomy.com	player.aniview.com
1	sync.aniview.com	player.aniview.com
1	sync.1rx.io	1 redirects
1	onetag-sys.com	player.aniview.com
1	bh.contextweb.com	1 redirects
1	csync.loopme.me	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	static.adsafeprotected.com	41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
1	mug.criteo.com	stad.yalla-shoot.io
1	serv.modoro360.com	player.aniview.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	player.aniview.com	player.avplayer.com
1	content1.avplayer.com	stad.yalla-shoot.io
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	player.avplayer.com	tg1.modoro360.com
1	feed.avplayer.com	tg1.modoro360.com
1	tg1.modoro360.com	jscdn.greeter.me
1	live.yalla-shoott.xyz	stad.yalla-shoot.io
305	86

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
web.whatsapp.com
api.whatsapp.com
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
greeter.me E1	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
yalla-shoott.xyz E1	`2023-05-31` - `2023-08-29`	3 months	crt.sh
player.aplhb.adipolo.com R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
wl1.aniview.com R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh
*.avplayer.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-08-08` - `2023-09-08`	a year	crt.sh
*.adservrs.com Amazon RSA 2048 M01	`2023-05-26` - `2024-06-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
livehd7xc.com GTS CA 1P5	`2023-05-14` - `2023-08-12`	3 months	crt.sh
*.aniview.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-11-09`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
live-v13wgnv6.rmbl.ws R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.a-mo.net R3	`2023-06-12` - `2023-09-10`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-04-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
teads.tv R3	`2023-05-11` - `2023-08-09`	3 months	crt.sh

This page contains 47 frames:

Primary Page: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Frame ID: 19339E134C297CF1C2D463D19CEE243A
Requests: 58 HTTP requests in this frame

Frame: https://live.yalla-shoott.xyz/albaplayer/sport-4/
Frame ID: 172C4D49A99E5787E1DA3207CB21877F
Requests: 19 HTTP requests in this frame

Frame: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A945D34B7B1B86B4448215B161EF0E0F
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Frame ID: CF6B352CD859EBFE7F69EEF54FD13A52
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=stad.yalla-shoot.io
Frame ID: D5734E52E0FC1660DE11D1F80921B21F
Requests: 2 HTTP requests in this frame

Frame: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4613326B66BB1A5FA988A25248022220
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY24jo4gEwAQ&v=APEucNUobv8rQqCMuGPTlTheuDO2ErcIsI7cxwgiwZT6eoqR9h1gz3iTEak9332_V1bGSJdKeL5iAW_Hp-BlaYV71OnzvtI2akYVVtO9Mt5NA3bZkGH4-RICVugAcW7FeBPjTfq_TI9v0IisrFiI3ZHsmIRYvFXv_d3skflDwysj6ZJaUQFGGG0
Frame ID: 828B8E6034F669E26473D8A7E139894C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B4E3E474FF9E94DB77805E3B129938D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C67AD7F93C06068D868FE9D6B2303E4F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D60095c900c0799791c46d8d4%26biddername%3D46%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%24UID
Frame ID: E8620962BDA4A8C4B4A8F2C7D9ADCFD8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Frame ID: 2EF0DB6609A816833E44C6D9EEEBB772
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: CE9EAD183BCCBB8416D5C6030D7034BC
Requests: 12 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1687642935216-936808372678-001197-007-006844&key=40bbb68e-9c68-42f2-98b7-610adf7fc86a&gdpr_consent=null&gdpr=1
Frame ID: E68778C0C3B3A74F193726C4C279F7CC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D
Frame ID: 00B7C144A2CC1CFAD25819A66B3CA02F
Requests: 2 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1687642935216-936808372678-001197-007-006844&key=pfxQuziWJuWH&ev=1&us_privacy=1---&pid=562704
Frame ID: 5D48F26CCC28FE91587069A39B58FF2C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: CEEAD10A5A901F5BF8A6070395F4D126
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1687642935216-936808372678-001197-007-006844&key=OPTOUT
Frame ID: 50CDD535C282C12B26F16518ECD6CDD9
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=bd95dc6614485e81e42db31b5a6d539&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: E10340911552438FE6AD6751F7CF6337
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 9594B3662213168993E89607166267DF
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1687642935216-936808372678-001197-007-006844&key=a6f37f0123013099a595be2217fc435a
Frame ID: ED023B2146D701D173CA907F715AEC50
Requests: 6 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 70E1764790D7AD2B31D28C12B588C044
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1687642935216-936808372678-001197-007-006844&key=cad6bad1-dab8-4910-b12d-17a0b3c4a8a8
Frame ID: D2D67DD001BFC6BBC04A316C075F038A
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%24UID
Frame ID: B5A37DE405FFEB71726A67FCFD04A74A
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D105%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D
Frame ID: ABB787B4C87A85E519293871F9677F90
Requests: 1 HTTP requests in this frame

Frame: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 259DC2F49AC8D508A2F4250D486DD44C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD7ppe5BBi7x7TuATAB&v=APEucNXJZU5eBgI7WOdJ11Y1bXtoT5jeOp425kQ3WzPRaCA8oi7SsJDPqS5A63wCKTs2w2iy2xzlUxlt3MXDyJ2VmM0HABBYo0Ca1iBCkyffpwpSXP8KMdocMaBmRGOFkz8kbBvrFyj-90Agw1bXiZA4F7AYm_IhrobH0_s89KPRj4MhsDMGMc0
Frame ID: AF72E67FFC247B7BA3326CB85122DE02
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
Frame ID: F7F62643372203F12441659E10D98DE2
Requests: 12 HTTP requests in this frame

Frame: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F3D2CA7204D1E4F45A265F3EA635B1B5
Requests: 5 HTTP requests in this frame

Frame: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Frame ID: 1DD32A64D3CE13E9D304E63F71F4D888
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 590969BD1AD875BF661192CAC159D08E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 23B8DE709AC0EA887287C39B23360497
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 320869AB5CF77716B53675887FBA9C45
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: DB762A2426A38FDA81C001FC4156E4A6
Requests: 1 HTTP requests in this frame

Frame: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C43B4A36AAD61036B63F19BA78DCB68D
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: E48F1DBEA22A6E754BD9CE807795BAFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C773DF2A92563C81897BD6AD95B66409
Requests: 2 HTTP requests in this frame

Frame: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE8970FFB407E0C05E3C118AA3F8935D
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: 78761DCB85C4399ECB923EFDB75B7C90
Requests: 1 HTTP requests in this frame

Frame: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5801EFDD932F7D5E66D71E94E43CB938
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUuG0Xk2PwxKwAmA5lDTtTwfeKm26J-ZmcJFSJ2wZ9JnHFpw_dhsvTGHbKuFtdrT56f9LRuNvk9m4S6R5gAacCV1i9EqXNcfy4RfxkxV8jtzL0cp_Q8TJZN9uQPLNEA3mvoOMZimJ9-__w_62Te9Vn6yIpcDP6TBzwO0j8lQQU3nsMh-Yg
Frame ID: 4037FFA33B10E710184FE78CAAB903FC
Requests: 5 HTTP requests in this frame

Frame: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7ADCD5155EA9520AD2B5E3416CDD802E
Requests: 27 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250
Frame ID: D0ECD070FED3E195EF61A5D5E8365281
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 25C3DCA9180CACCA9583EE7159491293
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: B270FFEC4318BFCD48533EE947E94376
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js
Frame ID: 5D31EF6D33E5D259C6DF409F45B6BA34
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 76F70B3DCB24E785CBB56C93FBF7F4C2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A09EB0FAA1AFA6A4F6F34CC1913D0F18
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

مشاهدة قناة بي ان سبورت beIN Sports 4 HD بث مباشر بدون تقطيع - يلا شوت الجديد الرسمي | Yalla Shoot New أهم مباريات اليوم بث مباشر جوال

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

305
Requests

93 %
HTTPS

38 %
IPv6

52
Domains

86
Subdomains

75
IPs

10
Countries

10196 kB
Transfer

16577 kB
Size

42
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: فيسبوك

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: تويتر

Search URL Search Domain Scan URL

URL: https://web.whatsapp.com/send?text=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20|%20https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: واتساب

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20|%20https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: واتساب

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20|%20https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Title: تيليجرام

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoot.io&sn=ChromeSyncframe&so=0&topUrl=stad.yalla-shoot.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=YG_H0XxGVVo0b21IbXRZTFZReGJxUkxwMFEyLzRVV2NIYVZSN3FWSTNaZ2N1NUNBb0JtRXVpZGJIUE5mQStPTjg1dklYL3AxUFNhSkNWaWNKNHdtSkUzV3huN3N6RmY4UlVMcldocmYwZXZJMUlFMk1DRGl0Q1VKYjJtbVNwNFhhTHdkc2ZBZGI2U09GdlljRlpVT3R1b2ozM0NiRE5kb1BwVlR5dVBLR2F2MmlzanA5RzI1WVVMdUUyRXpZU05mVmJqYkN3RlR2cDdNQWlnUjhtVlBBNmhrK0lLUnJvMEhRZjNCdHpySUd1ekhNNDBKZ1p1OEhTU2liY3RrdlErbGJtUXlKRU9jalFLeU5jdVpncjNCcFN2SjNlQkUxTnlrSVJGTDFNSHVCck96NkliZz18&cppv=2

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1

Request Chain 74

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJdjNyhgHrldIR4XROftXAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJfRmV5QnN7_3g-KjhpntHU&google_cver=1

Request Chain 76

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ5OTc5MTgwODA5MjI1Nzk4MA%3D%3D

Request Chain 82

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224085/xbbe/creative/adj?p=APEucNV-lxYwbp6-MYdZ0-JVH3XgXlUgikSRNXcPUd9Ao5Poj6vBOoE&d=CokBAKAmf-Dq0InUmFCZoEip_vkLCp-x6hVGTUhXSoRl2HUb_lbdaD6mAsXbTmB-9Qjn7HML4MCbf55H3P9mJI2V1Y_Wv-rhcfoLDAoi_pcXp86ydqME-YUqah1m4WnxVnWaG6GjqLbRPIH18e72us58sfiG00BqZ0zxzdroubM6Ot0_GmaktYj30fsSqRUAoCZ_4BYI6HSG7a-orW3erIWNfK1cBMk4rntKyVRDVYQIdRfODpcSYD2BoZpXIpRBBnCNDNMQQnEOlxT0jwHcZBTkY7OHlz3gtB7_FkIrjvZttT3-BrbE0XvxjI4XecCnURhAm7SOvkEczt1Sm5kYA0z7L1r6GFHrxfkDJtaZFJBe65JjRnwyPlXZ28GY9PwZQMdIYPi4vMYVh85De0aROMQcIjQEtr-x08FBRzyI5-lIxmtrLf22t_nYZH-uYij-aJh2oCqTOP4pJVqCKTcuuTdUqovKEtswwBk4h8RT-HaxP-WHxa1e9GRBQZ5_VGAYlqHjgG9gD3oOTr4XpUl76kX8xqwRvqpIG-gHu68TicA59gD6suifnl6iqJ4WhxaEvf0KDYv53W61l3am8_fXUlZabbPXLsfiElem2uUAqb5a2pPPlATI49gguUFglqZdjvlLeKCv3Hj23MKMBx9bWVxCoY5ZZFeWcoPXE_HtrVy3jm4buFYurPU3bqfT7LeUYq-5u5AoltsdBcLWgweQ2XG9qqj7uoIUurGWUf8kj18a2ByvmzSKt7Lji3fkSPO9-XJbGW-VEmDxXYzEbOu7Pu6fYhaL3mJxvn4wpbbwHXxpwa5Ta9ncx3b1DWM40YaZ_GF2V_akIn_T7VVZO7zGT1udynYIjM7XZ4CHOs_JvrebPBEM32-L4FV7BPbJQC39nCIqrkzmketvaAaQFy2D-Cn1O_zP_Do8zyLcNXf3KPhGjh6uxeXtBbYYMZrCelOMhXDjGWYMG9VXGTPH3DgD3FtIIuB2gax3w5_geaDegx2pZeSxhlB7bwvb4jXHmwJcbgRuJ-gmLPqmSiVup3GOLYhfSWY653Ncao2FTnbIu_o8KuUsXarkdmWiDNcFQ3RqvxHGtaUkE3N79mZi1aPUI9MFox8ZkiH5tYuE6axsR5Rw8lRYNu1D20ZulI40Ussnbc_Q4JjOT3rgf3jqqYssqZYtAVIrkJ5CNVwRrV4dqW0jKDc8czhigJW-D8hrCNtqqeyJbWzHsacieZpWG7CfZY6pmA08mGrDaQ2RNqtcZ0Nqb1XwPKBbmynaBI9NPDizEjCTa5tNUSI9eDgB88ptg2lfY7m6n9BOg9do71bc0yvaqwvD_JCObod5DqtPihzY2X-nYVoveX3y6687cWoJpnX13pN-1nHIbfxFfh94mMuo044sUUnW7XxCjM4hM0lmBHHnVcECqKfMsVQIU8Gy9uOCZC9mZeZCHh34htggTGTaPdhJept_rBzMY_1EPmT4ITfj0Pt7_w5L-kQMfDp9HXeJq1i0BAj48HD1sq1GR1VdIhTYlwqicxswSvVqD7NqKfqbqkQ5VUZ3vvJyKbPwM31rcnq7Wdf0AgtXtrBrV1CvF3tcDMmGH6SHm50Bxz-OAUJK3nZ8kiEOIK-brYeT1SL27uQfRyRmPvooI5EPQbvzsSTmhHAqFrHBleFFF6TQEHC-c0JT9JpySjjcOlV5JkqT6wtRzuKx6jIyu_fPB8t1hfg41RFCN7vvP3rNRPaShiNrm5F3L6M8JjPQGOElUmqfYU-p5NKItNmyQVC2RskR1WtlFoW2MDl4JcIE67kFqkXmH5iwXyHWUbP9YF83ZRYCuOms3qiM77QcnP8Lqow6bJzO1sOvknLML3oo-V3MOuH9GtfuTT1TbJDbqrqCKWYK0QDiOq45FWE7ycQsLz-TC4yTJXTXoFnjY09XgwOYyfiaUkKaTha4udCtD_tP9N2s8geDdY8ELUATQIvsy5xv58ZHRx_L7j1Tqa13mcUnQjuNrB0fcXgGcTWHWG0ab1DK1qd39XCT96RQHDM_qryk4Mr-lt9xieMBkSskoIYsUs69Mp7M1TFpXE66kFfK7f3_8S8Y81d107Pj2qsy18shx0aUQ9hWsGb5HfX8bIRWMFAByHBdh2j21vT8XOFdfsScFa8wzY8mJuBxav7MnMRdC0tL3zA2KAFw7aC6Lmu9XWfc4CJD-OrXII3I_vqPnjtDelvS0Th5kWZa9NEcQDnuW7HQsrllHWRMfDeAmzpjg6d7JApf0IGENVNRn6_89Hv52PhcHIwkbWAllf3u6XLahAcghymU4Zue-UP9KHVerkfQ8GqSX2BRhjQr97R4v2tU45fW4O1LbWsKDdoLBDJ9Ns0QP7aMFCOkkP5vsblE8qL-FHw1U7iaNud8dZ0flzhVowqj9lDcDmpkf7eZIUhRBEmhypKhidq9S425UQnyHUbrSGto2dmz1eQAt4TNk7YVoZWNB8-JHm_qdnIRAuC-IvGJL686rCPZVBymBuXWEuGLTfZsAgi2hlxNkjXyL1QAou9WBCzvuXonze-ZwOjKaWFcrUmTiipsCvZ5MNWG1_QzD_Kqqfx7u34fKL8WIsbjLHl2MVIZq7aCnCEpHCIHboC2Gy2JK-4buGRhgWnNV2D9S2AsMGxEmW-b0FfS24OwcN0WDs-oVL3vjhhXjs2BgiMgMfPN8SndeBBMrHwg9aBm5lRVb-nVJEA7khB5gCu7imzlYEIU6zn2BtCiBpn8OouEDrR41zH8SoM08X7X_RHzmI4GefEPcc7Y16q1W0EUNNCCClz1IupBFqejPTlrIJVE7rGtuX5EeOVqmhW92BEDGQZZf01fwzzC1l0LlHV5H9eEf-w1uK8aIYjBNLOrehovA_gVSS7nS1kvRiykcBSXsnDfPBzKCs1Pd8dDC9_usCMGm5xZqqtyPuf5BNAOZ0kswalc5AKcAziUBfE-9o7xZ76x-D6-g1jxWXA_IpunxQ0jOa8WSdy-n92mEcaOI47diEgEryf7m3L2061BNZJ6BaE6ugxWDsxsLFsYAZlcY_oI1OhJ48BBrvN5XXXSK7t4JIQ8BrI3yddaAPWRaRmBMT6pUJlqPbWVDX_fJpE5XwPT1UyAWfKnYDGcPDabB5Hyg--sSTvoyMWuPiuCBVfSOn_IyTXOPOWm1NijU7y_CxLFaZbJiUieGK1V_XZ6dT9RsZ3-zYN4YJWJ9TSguN7a9lJHo94RvM8bcBuAnKAzVrxYD13hORDZolMCvB6Ypjlf0zlj4wiSDeIsrmZ3arEz_gQ0drDnWFYIpNPDwcSZkl-QOXmhCYbbAglb5qyCJYkMGAoSvNq0RAxyrEjWoMTKw-H6UuNNTkBQDrW6Tbj2tw3Xc_7is_X95A3Gqy6GbTWk8ZNGhJeLY-Q94zhURIUzyu4p9YScw7TxSJbNJ7BRZN1me_YkoVyLFZnEb6wxnQQx4Gc4PzAgtkCCbkwu3Cu7-47Ko3C7_Unig1sfa9aT5b06x-AwjG6b-8az291jgLOVLt4PYM7Lo6ZEET_9cOM7aM5HyCdY9lnAAWfJxjhnXY6UNyxwyKMIOcgBc5yf3wwG1ZMXLVs0UV6XOPfk5sALvMcYEgCDDcw52eMeeHAfuupPA_Prb2XKLfGrU38tSVR4V1fYVlsoecMjXU_eHYKJxUXVKEMaA0SuXmpOp1d40EgHoWT1i4wIXn7dUwIYVJNQhQQUZzL3WIoBUdMI2WARhzqUVRiPcsVRAiAjZvOKXDPzASNJlqlb1uBxkX4OC0lqhz_bOizRjzJkcHZ15M0k3XOnk-XzsbZrSaxu8cT_gSApRT1y4FMfFY-Z7hvQPHYzyDCUmBozCAQSLQBygQiDSHzGLWUr-BN6OWe08iY2l0EvNpzkOtw6cGFnx7ZndlCQV4W0HqRDqhgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-2930805104418204&ias_chanId=1&ias_placementId=18640275745&bidurl=https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gO5izKdoVy5KuIE280gMsy&adsafe_url=https%3A%2F%2Fstad.yalla-shoot.io&adsafe_type=y&adsafe_url=https%3A%2F%2Fstad.yalla-shoot.io%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d6f58e8d-b266-3fdc-c43e-3f11ef83681b,c:guHiEA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-6qs7b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tI8xLDG+11%7C12%7C13%7C14%7C15*.1352960-70224085%7C151%7C152,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:20,oid:fc0ad161-12d7-11ee-87aa-6225af02f0ad,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV-lxYwbp6-MYdZ0-JVH3XgXlUgikSRNXcPUd9Ao5Poj6vBOoE&d=CokBAKAmf-Dq0InUmFCZoEip_vkLCp-x6hVGTUhXSoRl2HUb_lbdaD6mAsXbTmB-9Qjn7HML4MCbf55H3P9mJI2V1Y_Wv-rhcfoLDAoi_pcXp86ydqME-YUqah1m4WnxVnWaG6GjqLbRPIH18e72us58sfiG00BqZ0zxzdroubM6Ot0_GmaktYj30fsSqRUAoCZ_4BYI6HSG7a-orW3erIWNfK1cBMk4rntKyVRDVYQIdRfODpcSYD2BoZpXIpRBBnCNDNMQQnEOlxT0jwHcZBTkY7OHlz3gtB7_FkIrjvZttT3-BrbE0XvxjI4XecCnURhAm7SOvkEczt1Sm5kYA0z7L1r6GFHrxfkDJtaZFJBe65JjRnwyPlXZ28GY9PwZQMdIYPi4vMYVh85De0aROMQcIjQEtr-x08FBRzyI5-lIxmtrLf22t_nYZH-uYij-aJh2oCqTOP4pJVqCKTcuuTdUqovKEtswwBk4h8RT-HaxP-WHxa1e9GRBQZ5_VGAYlqHjgG9gD3oOTr4XpUl76kX8xqwRvqpIG-gHu68TicA59gD6suifnl6iqJ4WhxaEvf0KDYv53W61l3am8_fXUlZabbPXLsfiElem2uUAqb5a2pPPlATI49gguUFglqZdjvlLeKCv3Hj23MKMBx9bWVxCoY5ZZFeWcoPXE_HtrVy3jm4buFYurPU3bqfT7LeUYq-5u5AoltsdBcLWgweQ2XG9qqj7uoIUurGWUf8kj18a2ByvmzSKt7Lji3fkSPO9-XJbGW-VEmDxXYzEbOu7Pu6fYhaL3mJxvn4wpbbwHXxpwa5Ta9ncx3b1DWM40YaZ_GF2V_akIn_T7VVZO7zGT1udynYIjM7XZ4CHOs_JvrebPBEM32-L4FV7BPbJQC39nCIqrkzmketvaAaQFy2D-Cn1O_zP_Do8zyLcNXf3KPhGjh6uxeXtBbYYMZrCelOMhXDjGWYMG9VXGTPH3DgD3FtIIuB2gax3w5_geaDegx2pZeSxhlB7bwvb4jXHmwJcbgRuJ-gmLPqmSiVup3GOLYhfSWY653Ncao2FTnbIu_o8KuUsXarkdmWiDNcFQ3RqvxHGtaUkE3N79mZi1aPUI9MFox8ZkiH5tYuE6axsR5Rw8lRYNu1D20ZulI40Ussnbc_Q4JjOT3rgf3jqqYssqZYtAVIrkJ5CNVwRrV4dqW0jKDc8czhigJW-D8hrCNtqqeyJbWzHsacieZpWG7CfZY6pmA08mGrDaQ2RNqtcZ0Nqb1XwPKBbmynaBI9NPDizEjCTa5tNUSI9eDgB88ptg2lfY7m6n9BOg9do71bc0yvaqwvD_JCObod5DqtPihzY2X-nYVoveX3y6687cWoJpnX13pN-1nHIbfxFfh94mMuo044sUUnW7XxCjM4hM0lmBHHnVcECqKfMsVQIU8Gy9uOCZC9mZeZCHh34htggTGTaPdhJept_rBzMY_1EPmT4ITfj0Pt7_w5L-kQMfDp9HXeJq1i0BAj48HD1sq1GR1VdIhTYlwqicxswSvVqD7NqKfqbqkQ5VUZ3vvJyKbPwM31rcnq7Wdf0AgtXtrBrV1CvF3tcDMmGH6SHm50Bxz-OAUJK3nZ8kiEOIK-brYeT1SL27uQfRyRmPvooI5EPQbvzsSTmhHAqFrHBleFFF6TQEHC-c0JT9JpySjjcOlV5JkqT6wtRzuKx6jIyu_fPB8t1hfg41RFCN7vvP3rNRPaShiNrm5F3L6M8JjPQGOElUmqfYU-p5NKItNmyQVC2RskR1WtlFoW2MDl4JcIE67kFqkXmH5iwXyHWUbP9YF83ZRYCuOms3qiM77QcnP8Lqow6bJzO1sOvknLML3oo-V3MOuH9GtfuTT1TbJDbqrqCKWYK0QDiOq45FWE7ycQsLz-TC4yTJXTXoFnjY09XgwOYyfiaUkKaTha4udCtD_tP9N2s8geDdY8ELUATQIvsy5xv58ZHRx_L7j1Tqa13mcUnQjuNrB0fcXgGcTWHWG0ab1DK1qd39XCT96RQHDM_qryk4Mr-lt9xieMBkSskoIYsUs69Mp7M1TFpXE66kFfK7f3_8S8Y81d107Pj2qsy18shx0aUQ9hWsGb5HfX8bIRWMFAByHBdh2j21vT8XOFdfsScFa8wzY8mJuBxav7MnMRdC0tL3zA2KAFw7aC6Lmu9XWfc4CJD-OrXII3I_vqPnjtDelvS0Th5kWZa9NEcQDnuW7HQsrllHWRMfDeAmzpjg6d7JApf0IGENVNRn6_89Hv52PhcHIwkbWAllf3u6XLahAcghymU4Zue-UP9KHVerkfQ8GqSX2BRhjQr97R4v2tU45fW4O1LbWsKDdoLBDJ9Ns0QP7aMFCOkkP5vsblE8qL-FHw1U7iaNud8dZ0flzhVowqj9lDcDmpkf7eZIUhRBEmhypKhidq9S425UQnyHUbrSGto2dmz1eQAt4TNk7YVoZWNB8-JHm_qdnIRAuC-IvGJL686rCPZVBymBuXWEuGLTfZsAgi2hlxNkjXyL1QAou9WBCzvuXonze-ZwOjKaWFcrUmTiipsCvZ5MNWG1_QzD_Kqqfx7u34fKL8WIsbjLHl2MVIZq7aCnCEpHCIHboC2Gy2JK-4buGRhgWnNV2D9S2AsMGxEmW-b0FfS24OwcN0WDs-oVL3vjhhXjs2BgiMgMfPN8SndeBBMrHwg9aBm5lRVb-nVJEA7khB5gCu7imzlYEIU6zn2BtCiBpn8OouEDrR41zH8SoM08X7X_RHzmI4GefEPcc7Y16q1W0EUNNCCClz1IupBFqejPTlrIJVE7rGtuX5EeOVqmhW92BEDGQZZf01fwzzC1l0LlHV5H9eEf-w1uK8aIYjBNLOrehovA_gVSS7nS1kvRiykcBSXsnDfPBzKCs1Pd8dDC9_usCMGm5xZqqtyPuf5BNAOZ0kswalc5AKcAziUBfE-9o7xZ76x-D6-g1jxWXA_IpunxQ0jOa8WSdy-n92mEcaOI47diEgEryf7m3L2061BNZJ6BaE6ugxWDsxsLFsYAZlcY_oI1OhJ48BBrvN5XXXSK7t4JIQ8BrI3yddaAPWRaRmBMT6pUJlqPbWVDX_fJpE5XwPT1UyAWfKnYDGcPDabB5Hyg--sSTvoyMWuPiuCBVfSOn_IyTXOPOWm1NijU7y_CxLFaZbJiUieGK1V_XZ6dT9RsZ3-zYN4YJWJ9TSguN7a9lJHo94RvM8bcBuAnKAzVrxYD13hORDZolMCvB6Ypjlf0zlj4wiSDeIsrmZ3arEz_gQ0drDnWFYIpNPDwcSZkl-QOXmhCYbbAglb5qyCJYkMGAoSvNq0RAxyrEjWoMTKw-H6UuNNTkBQDrW6Tbj2tw3Xc_7is_X95A3Gqy6GbTWk8ZNGhJeLY-Q94zhURIUzyu4p9YScw7TxSJbNJ7BRZN1me_YkoVyLFZnEb6wxnQQx4Gc4PzAgtkCCbkwu3Cu7-47Ko3C7_Unig1sfa9aT5b06x-AwjG6b-8az291jgLOVLt4PYM7Lo6ZEET_9cOM7aM5HyCdY9lnAAWfJxjhnXY6UNyxwyKMIOcgBc5yf3wwG1ZMXLVs0UV6XOPfk5sALvMcYEgCDDcw52eMeeHAfuupPA_Prb2XKLfGrU38tSVR4V1fYVlsoecMjXU_eHYKJxUXVKEMaA0SuXmpOp1d40EgHoWT1i4wIXn7dUwIYVJNQhQQUZzL3WIoBUdMI2WARhzqUVRiPcsVRAiAjZvOKXDPzASNJlqlb1uBxkX4OC0lqhz_bOizRjzJkcHZ15M0k3XOnk-XzsbZrSaxu8cT_gSApRT1y4FMfFY-Z7hvQPHYzyDCUmBozCAQSLQBygQiDSHzGLWUr-BN6OWe08iY2l0EvNpzkOtw6cGFnx7ZndlCQV4W0HqRDqhgBYAE&cry=1&bundleId=

Request Chain 92

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Request Chain 93

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%7Bdevice_id%7D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1687642935216-936808372678-001197-007-006844&key=40bbb68e-9c68-42f2-98b7-610adf7fc86a&gdpr_consent=null&gdpr=1

Request Chain 95

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%25%25VGUID%25%25 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1687642935216-936808372678-001197-007-006844&key=pfxQuziWJuWH&ev=1&us_privacy=1---&pid=562704

Request Chain 97

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%5BRX_UUID%5D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1687642935216-936808372678-001197-007-006844&key=OPTOUT

Request Chain 98

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=bd95dc6614485e81e42db31b5a6d539&_fw_gdpr=1&_fw_gdpr_consent=

Request Chain 102

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1687642935216-936808372678-001197-007-006844&key=cad6bad1-dab8-4910-b12d-17a0b3c4a8a8

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1

Request Chain 127

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJdjNyhgHrldIR4XROftXAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJfRmV5QnN7_3g-KjhpntHU&google_cver=1

Request Chain 129

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ5OTc5MTgwODA5MjI1Nzk4MA%3D%3D

Request Chain 151

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=243BVSUNSWGAcPAUZV32jA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=243BVSUNSWGAcPAUZV32jA

Request Chain 152

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bJ69KrSGSS-xkSvkyweL_w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bJ69KrSGSS-xkSvkyweL_w

Request Chain 154

https://dmp.brand-display.com/cm/api/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3fa41ab2-7837-10da-bd492d51

Request Chain 155

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1 HTTP 302
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=9L5R9BD2XoHhMoUFOxVy5Q

Request Chain 156

https://rcp.c.appier.net/rbcm HTTP 302
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=o9hBdDL2DVCcirDaOWOXZA&expires=365

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 217

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 220

https://gcdn.2mdn.net/videoplayback/id/9d4c6e9ee61b6206/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3824719061/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/1F81B39B4589852AE1DDDF7CD670AE9E89899C86.809EA14021996F6966EF12ADB82C233CA95AC32F/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/9d4c6e9ee61b6206/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3824719061/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2660E3ECDC06F4CA04CD75AC377DDF7A1491FDA1.7AEEB21330FAF1418E937D8DDACF1A0E05D83C5B/key/cms1/cms_redirect/yes/mh/yH/mip/2a02:6ea0:c71b:0:1012:e7a3:ef71:a9e4/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1687641833/mv/u/mvi/4/pl/48/file/file.mp4

Request Chain 245

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMVb5fNw4k0nXIVXQ7SSys&google_cver=1

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFFARz-aDv0uV2FB7WtW8Y8&google_cver=1

Request Chain 257

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

305 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
stad.yalla-shoot.io/channels/bein-sport-4d-hd/ 53 KB
14 KB 106ms
71ms Document
text/html 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 605faec36fd7b78320cb9c22282787d5b34a92356b909f52b2e4f1ba5a5050fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7dc823b2ebc51c19-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 24 Jun 2023 21:42:14 GMT
link: <https://stad.yalla-shoot.io/wp-json/>; rel="https://api.w.org/" <https://stad.yalla-shoot.io/?p=15255>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95%2BM6NsckPSOitp6R8Nn5lhYQkXxMumPrGiINOL7A8GW7xUaF4m36s9A81iOBsaaYvGfU%2B%2BZbfVkBXAp8gR%2BBxXFKKG5Kmx3nAWT8kFZIhiVS7ayM68bssuGcfYtMZEsF3g7Z9ortjRHfAfSj4PHcmU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: BYPASS

GET
H2 200 classic-themes.min.css
stad.yalla-shoot.io/wp-includes/css/ 291 B
543 B 16ms
15ms Stylesheet
text/css 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 00:06:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3254
etag: W/"6424d29c-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FC1VEEobqAFQ9KOgCgStXfv1QJto%2BPuRmUKrwRum4f5F%2B66qJivb5D82bOaOqpri%2BKbuB%2FB2lH%2BViVH60Wy2GgGlO3Qgyn2l7xm4ZofZ%2FSWdMmbuVO2fD8J%2Bq006UasOmDAKK926x4BILEanPL%2FZGbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7dc823b36c401c19-FRA

GET
H2 200 logo.png
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/img/ 1 KB
2 KB 17ms
16ms Image
image/webp 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/img/logo.png
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550cb9add249cab0af5d81b7b7293170a9436d2f7fbece20ca02a52978d72a44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6190
cf-polished: origFmt=png, origSize=4095
content-disposition: inline; filename="logo.webp"
content-length: 1478
cf-bgj: imgq:100,h2pri
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
server: cloudflare
etag: "61d0a554-fff"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yEviwwPekHZkJOPJwD594Lf7SPZTcDnm8OMCZfOTd%2F1np7pEMwwzVy1bd%2BAHElPuTz6N1mJUAec0wRgSOZjTzfJbI%2BZZ%2BYpRUAydGkoWOL4TWUdV4Di4Z5Bq04m3BFoNlMmnBZtHfm7dOk3X2TfpTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7dc823b36c421c19-FRA

GET
H2 200 yalla-shootheadmatag.js Show response
jscdn.greeter.me/ 7 KB
8 KB 62ms
9ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/yalla-shootheadmatag.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

4c1fd5df408874cca82afe627a36a9ba0988d5a350a38ba572053d38941736f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 09 Apr 2023 14:11:29 GMT
x-amz-request-id: tx00000000000003684ffca-0064975e75-a54967db-fra1b
etag: "30f42b42f65a446e0ae7f55cea523b81"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1687642934.dop124.fr8.t,1687642934.cds230.fr8.hn,1687642934.cds340.fr8.c
content-type: text/javascript
cache-control: max-age=2383
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 7458

GET
H2 200 yalla-shoot.io.video.js Show response
jscdn.greeter.me/ 1 KB
2 KB 63ms
10ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/yalla-shoot.io.video.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2df957d141202a0ff7127f12d1df45b6c0e689872d63accc4d91f600b0056ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 15 Dec 2021 09:52:48 GMT
x-amz-request-id: tx000000000000036928be8-0064976116-a510bf41-fra1b
etag: "bdea9baff06ff01dd168099ecf27e5a6"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1687642934.dop124.fr8.t,1687642934.cds230.fr8.hn,1687642934.cds258.fr8.c
content-type: text/javascript
cache-control: max-age=3056
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 1390

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 60ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e77eb1880aa724e4c041a5b3dbdeedceb28b90a0662c24107f7d7af4535cbcfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48971
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 24 Jun 2023 21:42:14 GMT

GET
H2 200 jquery.min.js Show response
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/ 94 KB
34 KB 25ms
18ms Script
application/javascript 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/jquery.min.js
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e30b4f5df3c9773448d5e9a2f8b772308ffc80db3a4e437bd1e409fce41ebfaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Jan 2022 15:56:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1984
etag: W/"61d1cb26-179cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciKJK7e5ZtzVKYc7hS65C7muWanaiogYZCk0y6iKPNN9NE8mLKNVLptgO6wOzZHlBiYvKHm%2F7wtVyK79YaGqOS%2Bnnbx8vcCVRo2kovAtU66BZjGBH1CFA39sTmV3eVY1ihWSTB29%2B8aL1G0u4zIGZSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7dc823b38c521c19-FRA

GET
H2 200 lazyload.js Show response
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/ 7 KB
3 KB 20ms
14ms Script
application/javascript 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/js/lazyload.js
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 02 Jan 2022 15:54:22 GMT
server: cloudflare
age: 6190
cf-polished: origSize=7327
etag: W/"61d1caae-1c9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrGja01Bh3wWpgEtOCQH2FYzzwozbM1oXSacbm6HyKAIxvXUy9syIKgqZVykM4cP5dQoEiZb05DsAOkc0iieMpJRoSGQt7qnHLG%2BTCm0Mcglkw8%2B1XPBjwigxRjr%2Ffa6DURmopbKKMZrIFurwWF2nZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7dc823b38c531c19-FRA

GET
H2 200 / Show response
live.yalla-shoott.xyz/albaplayer/sport-4/ Frame 172C 27 KB
11 KB 149ms
111ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.yalla-shoott.xyz/albaplayer/sport-4/
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a195a536325adf7801121e1ea72782cb772259aed1fcf0da91eb0d18cfe5ec7

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7dc823b3fe329968-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 24 Jun 2023 21:42:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbFctjURTkBRNzZHdn2WWFCuy52ROLTzmvft%2FOd4OShKrDaY3BJFOzJkSyfJ1LgU4zChxGCvYv3JwVz9mAw%2Fbm8P%2Fx9QNCyw8VPRX1Tyz7b%2BfT61dM6bPzL4Xs6jm2uERRxx4gO1gbvGXBipdTOWnGEo19s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 401 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 NeoSansArabic.woff
stad.yalla-shoot.io/wp-content/themes/YallaShoot1/fonts/ 56 KB
56 KB 13ms
13ms Font
font/woff 2606:4700:20::681a:b15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stad.yalla-shoot.io/wp-content/themes/YallaShoot1/fonts/NeoSansArabic.woff
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Origin: https://stad.yalla-shoot.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Jan 2022 19:02:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 279
etag: "61d0a554-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JApAa3D6khs93HbldUlKU6MCCq8Z2MqCxvOy1rVS1U2pHPd8afu7%2BrsfUviJQ6o4r0bXmsbsZelv4CVzks6XhMWwVHV5O0c7WmzUlVjSB%2BbzUHUkt4aWDNYok8jqmr5qS0XX4f4S1s%2FxHcbO64xVmo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7dc823b3dca11c19-FRA
content-length: 57364

GET
H2 200 hb_502684_12987.js Show response
player.aplhb.adipolo.com/prebidlink/468789/ 1 B
228 B 50ms
6ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/468789/hb_502684_12987.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shootheadmatag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
last-modified: Thu, 16 Feb 2023 14:55:08 GMT
server: nginx
etag: "63ee43cc-1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1
expires: Sat, 24 Jun 2023 22:42:14 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 90ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shootheadmatag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc542e7865fd9f0083eea7ab967802a0796cb2f644389c3b940d291c352ef5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26461
x-xss-protection: 0
server: cafe
etag: 179 / 19532 / 31075546 / config-hash: 3635630053877940451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:14 GMT

GET
H2 200 wrapper_hb_502684_12987.js Show response
player.aplhb.adipolo.com/prebidlink/468789/ 127 B
352 B 50ms
6ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/468789/wrapper_hb_502684_12987.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shootheadmatag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 14:55:08 GMT
server: nginx
etag: W/"63ee43cc-7f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Sat, 24 Jun 2023 22:42:14 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
26 KB 50ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shootheadmatag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e002c6020378aeebb5600b0773d720e1cb774c01862c69fdfba6cc306ab065e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26460
x-xss-protection: 0
server: cafe
etag: 964 / 19532 / m202306200101 / config-hash: 3635630053877940451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:14 GMT

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 28 KB
8 KB 66ms
7ms Script
text/javascript 2a02:26f0:3100::1735:2b93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/yalla-shoot.io.video.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2b93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1cf86132868477d53c7ae50695c079df445777d204b11f89235d43aa889c05ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-Bamboo-C-SkSt: 1
Content-Encoding: gzip
X-Bamboo-C-SkFe: 1
X-Bamboo-C-S: BYPASS
Date: Sat, 24 Jun 2023 21:42:14 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Vary: Accept-Encoding
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length: 7189
Expires: Sat, 24 Jun 2023 21:47:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
82 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2Y3HW36EKK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43ea5d14a41cebe3bd32efa9ea3a731bb515650ea4aa3df2859af77e4ccf9c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83933
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 24 Jun 2023 21:42:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107335079-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 24 Jun 2023 21:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2253
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 24 Jun 2023 23:04:41 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ 393 KB
125 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9408
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127691
x-xss-protection: 0
server: cafe
etag: 13681810057703077335
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 23 Jun 2024 19:05:26 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
1 KB 62ms
42ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=stad.yalla-shoot.io

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4722d1a48e2574651587d3052507794d85f83641dda400c213c4283fba8d5977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 558
x-xss-protection: 0
expires: Sat, 24 Jun 2023 21:42:14 GMT

GET
H2 200 631a2480b3d08269680f4be2 Show response
feed.avplayer.com/backend/api/playlist/ 5 KB
924 B 55ms
10ms XHR
application/json 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://feed.avplayer.com/backend/api/playlist/631a2480b3d08269680f4be2?AV_TAGID=61829aec12a96609532b3fd9&pid=6181354e7fb04045d1763610&cid=61829607b5bef343b31cc918&AV_TEMPID=635e40ee9cca104d830d91c4&AV_PUBLISHERID=6181354e7fb04045d1763610
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: b0e5ffbe1fbf32b9f80e09a1c81a35f51defe2846347e186184e3cea5a264280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: gzip
x-hw: 1687642934.dop142.fr8.t,1687642934.cds204.fr8.hn,1687642934.cds340.fr8.c
content-type: application/json; charset=utf-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 716

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
60 KB 44ms
9ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "1646327924"
x-hw: 1687642934.dop272.fr8.t,1687642934.cds255.fr8.hn,1687642934.cds249.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 61326

GET
H2 200 track
servt.modoro360.com/ 0
98 B 344ms
100ms Image
text/plain 3.214.255.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=6181354e7fb04045d1763610&cid=61829607b5bef343b31cc918&cb=1687642934462&r=stad.yalla-shoot.io&stagid=61829aec12a96609532b3fd9&stplid=635e40ee9cca104d830d91c4&d35=&d65=Test1&d66=7&d74=&e=playerLoaded&cpid=631a2480b3d08269680f4be2&str=viewable
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.255.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-255-62.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 15ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=988550895&t=pageview&_s=1&dl=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&ul=en-us&de=UTF-8&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20-%20%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=613405103&gjid=1396085658&cid=212665835.1687642934&tid=UA-107335079-1&_gid=1101782043.1687642934&_r=1&gtm=457e36l0&jsscut=1&z=719294572

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 43ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2Y3HW36EKK&gtm=45je36l0&_p=988550895&cid=212665835.1687642934&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687642934&sct=1&seg=0&dl=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&dt=%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%82%D9%86%D8%A7%D8%A9%20%D8%A8%D9%8A%20%D8%A7%D9%86%20%D8%B3%D8%A8%D9%88%D8%B1%D8%AA%20beIN%20Sports%204%20HD%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%A8%D8%AF%D9%88%D9%86%20%D8%AA%D9%82%D8%B7%D9%8A%D8%B9%20-%20%D9%8A%D9%84%D8%A7%20%D8%B4%D9%88%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20%D8%A7%D9%84%D8%B1%D8%B3%D9%85%D9%8A%20%7C%20Yalla%20Shoot%20New%20%D8%A3%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%D8%AC%D9%88%D8%A7%D9%84&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Y3HW36EKK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 43ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=stad.yalla-shoot.io

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 45ms
7ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 24 Jun 2023 21:42:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 37350
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230031-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 37ms
10ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:18:18 GMT
via: 1.1 google
age: 1436
x-guploader-uploadid: ADPycduYUtOIn0FL5_kqkAbDEhJK5dYpxvdMqGS9Zq3IHUxc5i-wff9ZwrH-AKEFOJ9u46GAxxhmRYq-NwLsUIIKILuXRV-FeADP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sat, 24 Jun 2023 22:18:18 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 87ms
25ms Script
text/javascript 108.156.2.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.2.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-2-55.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 05:20:10 GMT
content-encoding: gzip
via: 1.1 6d6c936c7593d0a2d5f410555483ffa0.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4
age: 58925
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: i4T2K0xXZQ2lZjAbvL9wyCm_FcDVjvDWqYNu7m1G-4UDphbptO9HhQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 44ms
18ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 1WTS3PXJ3PW0DRYQ
age: 3036
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7dc823b51ec030f9-FRA
x-amz-id-2: b6msF3rN/zhF2drF/ZyVJ/eaOX6n6q7WjUHiW7fgtpM7i2lpEc/zln9UFz7xrVPSz52wpUIlNcU=

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 68ms
12ms Script
text/javascript 2600:9000:225b:c800:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:c800:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 24 Jun 2023 05:58:55 GMT
Via: 1.1 5399a427cccb3191e8715ae58ba175aa.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 56600
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: k0_XSGPJGR2M66PL9uxZd8ymX1uKJ1L0A0hcuCgNw5dGg7qD640ysw==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 65ms
19ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 25 Jun 2023 21:42:14 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
42 KB 1461ms
1459ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4459016729670276&correlator=2290971352124311&eid=31074650%2C31075556%2C31075617%2C31068366&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C320x50%7C320x100&ifi=1&adks=900511283&didk=2675907389&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687642934552&lmt=1687642934&dlt=1687642934303&idt=205&adxs=650&adys=1500&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=212665835.1687642934&ga_sid=1687642935&ga_hid=988550895&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYkZru-o4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiRmu76jjFIAFICCGQSGQoKcHViY2lkLm9yZxiRmu76jjFIAFICCGQSFwoIcnRiaG91c2UYkZru-o4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJGa7vqOMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGa7vqOMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbd3a012c540f71ca5869fd468bf3d05daf0f8b735d1d86f78775414835ab231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42366
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 881ms
879ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4459016729670276&correlator=2290971352124311&eid=31074650%2C31075556%2C31075617%2C31068366&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C320x50%7C320x100&ifi=2&adks=2762301397&didk=2675907387&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687642934559&lmt=1687642934&dlt=1687642934303&idt=205&adxs=650&adys=260&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=212665835.1687642934&ga_sid=1687642935&ga_hid=988550895&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYkZru-o4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiRmu76jjFIAFICCGQSGQoKcHViY2lkLm9yZxiRmu76jjFIAFICCGQSFwoIcnRiaG91c2UYkZru-o4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJGa7vqOMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGa7vqOMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2238dba32596d466c32d34a64f952e8d343263efc859357ead281895fb39e57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10731
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 382ms
380ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4459016729670276&correlator=2290971352124311&eid=31074650%2C31075556%2C31075617%2C31068366&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C320x50%7C320x100%7C300x600&ifi=3&adks=512602593&didk=2675907384&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687642934562&lmt=1687642934&dlt=1687642934303&idt=205&adxs=650&adys=985&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=212665835.1687642934&ga_sid=1687642935&ga_hid=988550895&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYkZru-o4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiRmu76jjFIAFICCGQSGQoKcHViY2lkLm9yZxiRmu76jjFIAFICCGQSFwoIcnRiaG91c2UYkZru-o4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJGa7vqOMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGa7vqOMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47ca804904884085125b67b83b706edc875fab19e98a541e8fe46bb5c01bf9aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12484
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 117 KB
38 KB 2534ms
2532ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4459016729670276&correlator=2290971352124311&eid=31074650%2C31075556%2C31075617%2C31068366&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=4&adks=3714974203&didk=2675907335&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687642934564&lmt=1687642934&dlt=1687642934303&idt=205&adxs=640&adys=110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=1000x0&msz=1000x0&fws=0&ohw=0&ga_vid=212665835.1687642934&ga_sid=1687642935&ga_hid=988550895&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYkZru-o4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiRmu76jjFIAFICCGQSGQoKcHViY2lkLm9yZxiRmu76jjFIAFICCGQSFwoIcnRiaG91c2UYkZru-o4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJGa7vqOMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGa7vqOMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

027d1d05c48887ea0c10539e5c3ed5960b8a63df4672c9b5c8949f06be6a113a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38511
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
10 KB 2154ms
2152ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4459016729670276&correlator=2290971352124311&eid=31074650%2C31075556%2C31075617%2C31068366&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Caplmcm%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C320x100%7C300x250&ifi=5&adks=1504892565&didk=2675907334&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1687642934566&lmt=1687642934&dlt=1687642934303&idt=205&adxs=640&adys=772&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=976x0&msz=976x0&fws=4&ohw=1000&ga_vid=212665835.1687642934&ga_sid=1687642935&ga_hid=988550895&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYkZru-o4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiRmu76jjFIAFICCGQSGQoKcHViY2lkLm9yZxiRmu76jjFIAFICCGQSFwoIcnRiaG91c2UYkZru-o4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJGa7vqOMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGa7vqOMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

657696b1ac4f6568f6c3b5cf237463d7561b25e3f55afdca19522f97b0db0303

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9592
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 162 KB
47 KB 1162ms
1161ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4459016729670276&correlator=2290971352124311&eid=31074650%2C31075556%2C31075617%2C31068366&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=2777488063&didk=2634695916&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1687642934568&lmt=1687642934&dlt=1687642934303&idt=205&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=212665835.1687642934&ga_sid=1687642935&ga_hid=988550895&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYkZru-o4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiRmu76jjFIAFICCGQSGQoKcHViY2lkLm9yZxiRmu76jjFIAFICCGQSFwoIcnRiaG91c2UYkZru-o4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJGa7vqOMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGa7vqOMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

304fd0722ffb85ff2ffdb8d78290052be2ad5097b69254d692e11f965a050378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47990
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 127 KB
40 KB 1843ms
1841ms XHR
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4459016729670276&correlator=2290971352124311&eid=31074650%2C31075556%2C31075617%2C31068366&output=ldjh&gdfp_req=1&vrg=202306200101&ptt=17&impl=fif&iu_parts=21939239661%3A22689168218%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=7&adks=2541479151&didk=755213686&sfv=1-0-40&ists=1&fas=2&sc=1&cookie_enabled=1&abxe=1&dt=1687642934569&lmt=1687642934&dlt=1687642934303&idt=205&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=212665835.1687642934&ga_sid=1687642935&ga_hid=988550895&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYkZru-o4xSABSAghkEhsKDGlkNS1zeW5jLmNvbRiRmu76jjFIAFICCGQSGQoKcHViY2lkLm9yZxiRmu76jjFIAFICCGQSFwoIcnRiaG91c2UYkZru-o4xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJGa7vqOMUgAUgIIZBIZCgp1aWRhcGkuY29tGJGa7vqOMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a6703c6269efa01aa462927a7e2090a33f03dfe07d0e11a23716c9a8235b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41102
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A945 6 KB
3 KB 83ms
14ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:14 GMT
expires: Sun, 23 Jun 2024 21:42:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/ 37 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab6608273f8d3c48c4080e531a5f99a8365dac7245e362cdb57c59e024b20a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9406
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13138
x-xss-protection: 0
server: cafe
etag: 11137768676305576577
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 23 Jun 2024 19:05:28 GMT

GET
H2 200 clappr.min.js Show response
m.livehd7xc.com/ Frame 172C 470 KB
127 KB 65ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.livehd7xc.com/clappr.min.js

Requested by

Host: live.yalla-shoott.xyz
URL: https://live.yalla-shoott.xyz/albaplayer/sport-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f3fa87bef5662f39154b0ac24bdc5fac80fa70d732ba488858c344b5d52b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1467207
content-encoding: br
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jun 2023 21:55:46 GMT
server: cloudflare
etag: W/"6480fce2-75603"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPuipMvUflLiPeEZE8%2B1WZPI5demZBwM%2Bz4OUMRvd2WbwfqkswhQFO8QCFmAGCPCtExwKJtY%2F3DUww3USdiwFbeAcaI1FODg7oOW7wJgwWQmFASpdQGdy8rpeSyFkoUMuWSk1PZXIKPy1ddd75U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7dc823b66e6d37d8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 level-selector.min.js Show response
m.livehd7xc.com/ Frame 172C 30 KB
11 KB 52ms
15ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.livehd7xc.com/level-selector.min.js

Requested by

Host: live.yalla-shoott.xyz
URL: https://live.yalla-shoott.xyz/albaplayer/sport-4/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e1f566a0be2ff302a602dbd795a5497eb03ce8990eccc9d0a10fd62088badb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1467207
content-encoding: br
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Jun 2023 21:56:33 GMT
server: cloudflare
etag: W/"6480fd11-76e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhwxTojypBZwobFt5tpWDU44MAZmHkpdrVJEIEpK3xEtXmDJBs1BnVOA56ZeK4%2F1L2kOzx6YAxvw%2BEbGOQ7WBkMt3H%2BUApMZMXfd9V53EsE5zToEMiZZR2SI3zjwTJMzRWPUEUpicPWR3YBklPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7dc823b66e7037d8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 large-poster.jpg
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/ 17 KB
17 KB 32ms
9ms Image
image/jpeg 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: 9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
x-guploader-uploadid: ADPycds9hmPQVvV_SyNij7hk4huNMTBuka29wSJRy4rbUE1ADXaoPNzZxhdm_8w8QbcSbzhNQuIeFaNOFQIgoTzXSBwCvTtE1Cqt
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 16959
last-modified: Thu, 08 Sep 2022 15:38:37 GMT
server: UploadServer
etag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
access-control-expose-headers: Content-Type, range
cache-control: public, max-age=2592000
x-hw: 1687642934.dop272.fr8.t,1687642934.cds255.fr8.hn,1687642934.cds324.fr8.c
x-goog-stored-content-length: 16959
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame CF6B 468 KB
126 KB 47ms
7ms Script
text/javascript 2a02:26f0:480:7b5::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:7b5::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a2bc604c9b03104474fef892077388280342c9135ce7b20f82843db046446d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsPadLt-hD7vzB8LjNBcYleg-w6we_USm7JuDptQsG3Q7fKZg2XC3Gnp3EsCXAXqg-FL8nQX1N4AWUiZpZxksW61KDDDCNY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 128271
last-modified: Wed, 21 Jun 2023 06:26:40 GMT
server: UploadServer
etag: "d77a3899b91455c6f877ae06d0086933"
vary: Accept-Encoding
x-goog-generation: 1687328800542478
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=vx6g0Q==, md5=13o4mbkUVcb4d64G0AhpMw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 128271
accept-ranges: bytes
expires: Sat, 24 Jun 2023 21:52:14 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
335 B 30ms
29ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: d87c9d3bcb59e9c614ce340d9c6855e7754697b58498222ecb33e698d598f1ce

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 6962fc9c19f7a697504a74c94c451219
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 42ms
21ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://stad.yalla-shoot.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://stad.yalla-shoot.io
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 24 Jun 2023 21:42:14 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 458df0b4ff43626cea440660fcf8ed60

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
328 B 36ms
7ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://stad.yalla-shoot.io
date: Sat, 24 Jun 2023 21:42:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 103ms
32ms XHR
application/json 54.220.16.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.16.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-16-63.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0da36ff249ba1ea612b5569a23b0de4a5b41846f9d269309035782881734bf8b

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:14 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://stad.yalla-shoot.io
cache-control: no-cache
x-server: 10.45.7.55
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D573 15 KB
6 KB 83ms
16ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=stad.yalla-shoot.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:14 GMT
server: Kestrel
server-processing-duration-in-ticks: 300433
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/ 26 KB
5 KB 431ms
179ms XHR
application/json 34.200.86.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=61829aec12a96609532b3fd9&AV_PUBLISHERID=6181354e7fb04045d1763610&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fstad.yalla-shoot.io%2Fchannels%2Fbein-sport-4d-hd%2F&AV_CHANNELID=61829607b5bef343b31cc918&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=stad.yalla-shoot.io&AV_DADPOS=1&AV_OPLACEMENT=1&AV_TAG=61829aec12a96609532b3fd9&AV_TEMPLATE=635e40ee9cca104d830d91c4&AV_GPID=/6181354e7fb04045d1763610/61829aec12a96609532b3fd9/stad.yalla-shoot.io&d36=6.2.108&responsive=1&sver=4&avtoken=934915&omv=1.0.1&AV_D65=Test1&clsid=9cb63f87-fbbf-4fb4-aedc-85c3b4373701&rando=65&AV_WIDTH=450&AV_HEIGHT=253&AV_DNT=0&cb=1687642934917&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.200.86.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-200-86-209.compute-1.amazonaws.com
Software: /
Resource Hash: b5f29cbb6a60a0fe89e12a35ebede54845586bceeac3078794e45eee8130e22c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
x-bamboo-c-skst: 1
content-encoding: gzip
x-bamboo-c-skfe: 1
x-bamboo-c-s: BYPASS
access-control-max-age: 1728000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin: https://stad.yalla-shoot.io
content-type: application/json
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires: Tue, 13 Jun 2023 07:55:35 GMT

GET
H2 200 track
servt.modoro360.com/ 0
97 B 99ms
99ms Image
text/plain 3.214.255.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=stad.yalla-shoot.io&sn=&ic=0&tgt=0&app=&wi=450&he=253&test=&d36=6.2.108&apppkg=&fv=1&proto=https&d65=Test1&clsid=9cb63f87-fbbf-4fb4-aedc-85c3b4373701&rando=65&pid=6181354e7fb04045d1763610&cid=61829607b5bef343b31cc918&stagid=61829aec12a96609532b3fd9&stplid=635e40ee9cca104d830d91c4&e=inventory&vi=100&cb=1687642934916
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.255.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-255-62.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 chunklist_DVR.m3u8 Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 199 KB
13 KB 50ms
9ms XHR
application/vnd.apple.mpegurl 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/chunklist_DVR.m3u8
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 9267e927c8b6852d835ecfb338c9b7dfc803d3fd2c2c3eb43c1a7627f8eb19bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: OPTIONS, GET, POST, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-hw: 1687642934.cds278.fr8.hn,1687642934.cds246.fr8.c
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=1
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 13292

GET
H2

200

sid Show response
mug.criteo.com/ Frame D573
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=yalla-shoot.io&sn=ChromeSyncframe&so=0&topUrl=stad.yalla-shoot.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=YG_H0XxGVVo0b21IbXRZTFZReGJxUkxwMFEyLzRVV2NIYVZSN3FWSTNaZ2N1NUNBb0JtRXVpZGJIUE5mQStPTjg1dklYL3AxUFNhSkNWaWNKNHdtSkUzV3huN3N6RmY4UlVMcldocmYwZXZJMUlFMk1DRGl0Q1VKYjJtbV...

433 B
658 B

74ms
13ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=YG_H0XxGVVo0b21IbXRZTFZReGJxUkxwMFEyLzRVV2NIYVZSN3FWSTNaZ2N1NUNBb0JtRXVpZGJIUE5mQStPTjg1dklYL3AxUFNhSkNWaWNKNHdtSkUzV3huN3N6RmY4UlVMcldocmYwZXZJMUlFMk1DRGl0Q1VKYjJtbVNwNFhhTHdkc2ZBZGI2U09GdlljRlpVT3R1b2ozM0NiRE5kb1BwVlR5dVBLR2F2MmlzanA5RzI1WVVMdUUyRXpZU05mVmJqYkN3RlR2cDdNQWlnUjhtVlBBNmhrK0lLUnJvMEhRZjNCdHpySUd1ekhNNDBKZ1p1OEhTU2liY3RrdlErbGJtUXlKRU9jalFLeU5jdVpncjNCcFN2SjNlQkUxTnlrSVJGTDFNSHVCck96NkliZz18&cppv=2

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0a5ff0203c96d0cd6110d3b9d485a1835c2b341f511d8d7ce46c6c2e37dbc09e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1053838
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:14 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=YG_H0XxGVVo0b21IbXRZTFZReGJxUkxwMFEyLzRVV2NIYVZSN3FWSTNaZ2N1NUNBb0JtRXVpZGJIUE5mQStPTjg1dklYL3AxUFNhSkNWaWNKNHdtSkUzV3huN3N6RmY4UlVMcldocmYwZXZJMUlFMk1DRGl0Q1VKYjJtbVNwNFhhTHdkc2ZBZGI2U09GdlljRlpVT3R1b2ozM0NiRE5kb1BwVlR5dVBLR2F2MmlzanA5RzI1WVVMdUUyRXpZU05mVmJqYkN3RlR2cDdNQWlnUjhtVlBBNmhrK0lLUnJvMEhRZjNCdHpySUd1ekhNNDBKZ1p1OEhTU2liY3RrdlErbGJtUXlKRU9jalFLeU5jdVpncjNCcFN2SjNlQkUxTnlrSVJGTDFNSHVCck96NkliZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 211695
content-length: 0
expires: 0

GET
H2 200 container.html Show response
41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4613 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:14 GMT
expires: Sun, 23 Jun 2024 21:42:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 828B 624 B
826 B 48ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY24jo4gEwAQ&v=APEucNUobv8rQqCMuGPTlTheuDO2ErcIsI7cxwgiwZT6eoqR9h1gz3iTEak9332_V1bGSJdKeL5iAW_Hp-BlaYV71OnzvtI2akYVVtO9Mt5NA3bZkGH4-RICVugAcW7FeBPjTfq_TI9v0IisrFiI3ZHsmIRYvFXv_d3skflDwysj6ZJaUQFGGG0

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:15 GMT
expires: Sat, 24 Jun 2023 21:42:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4613 78 KB
28 KB 62ms
28ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:15 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4613 42 B
173 B 74ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AjgZaywvVxRM9IwKQ4wOCli6eqfnStk8Qaa1h7eHRZceTct4eYCK1e_zBGnpyl-nscS3Onu2J21fDe01to9mudAxIXJ_eJAw6-l3CgHIgwr5YGZuY

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4613 0
58 B 75ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=223706619978749074&x=1&ct=76

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1352960/70224085/xbbe/creative/ Frame 4613 253 KB
77 KB 153ms
61ms Script
application/javascript 54.246.204.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1352960/70224085/xbbe/creative/adj?p=APEucNV-lxYwbp6-MYdZ0-JVH3XgXlUgikSRNXcPUd9Ao5Poj6vBOoE&d=CokBAKAmf-Dq0InUmFCZoEip_vkLCp-x6hVGTUhXSoRl2HUb_lbdaD6mAsXbTmB-9Qjn7HML4MCbf55H3P9mJI2V1Y_Wv-rhcfoLDAoi_pcXp86ydqME-YUqah1m4WnxVnWaG6GjqLbRPIH18e72us58sfiG00BqZ0zxzdroubM6Ot0_GmaktYj30fsSqRUAoCZ_4BYI6HSG7a-orW3erIWNfK1cBMk4rntKyVRDVYQIdRfODpcSYD2BoZpXIpRBBnCNDNMQQnEOlxT0jwHcZBTkY7OHlz3gtB7_FkIrjvZttT3-BrbE0XvxjI4XecCnURhAm7SOvkEczt1Sm5kYA0z7L1r6GFHrxfkDJtaZFJBe65JjRnwyPlXZ28GY9PwZQMdIYPi4vMYVh85De0aROMQcIjQEtr-x08FBRzyI5-lIxmtrLf22t_nYZH-uYij-aJh2oCqTOP4pJVqCKTcuuTdUqovKEtswwBk4h8RT-HaxP-WHxa1e9GRBQZ5_VGAYlqHjgG9gD3oOTr4XpUl76kX8xqwRvqpIG-gHu68TicA59gD6suifnl6iqJ4WhxaEvf0KDYv53W61l3am8_fXUlZabbPXLsfiElem2uUAqb5a2pPPlATI49gguUFglqZdjvlLeKCv3Hj23MKMBx9bWVxCoY5ZZFeWcoPXE_HtrVy3jm4buFYurPU3bqfT7LeUYq-5u5AoltsdBcLWgweQ2XG9qqj7uoIUurGWUf8kj18a2ByvmzSKt7Lji3fkSPO9-XJbGW-VEmDxXYzEbOu7Pu6fYhaL3mJxvn4wpbbwHXxpwa5Ta9ncx3b1DWM40YaZ_GF2V_akIn_T7VVZO7zGT1udynYIjM7XZ4CHOs_JvrebPBEM32-L4FV7BPbJQC39nCIqrkzmketvaAaQFy2D-Cn1O_zP_Do8zyLcNXf3KPhGjh6uxeXtBbYYMZrCelOMhXDjGWYMG9VXGTPH3DgD3FtIIuB2gax3w5_geaDegx2pZeSxhlB7bwvb4jXHmwJcbgRuJ-gmLPqmSiVup3GOLYhfSWY653Ncao2FTnbIu_o8KuUsXarkdmWiDNcFQ3RqvxHGtaUkE3N79mZi1aPUI9MFox8ZkiH5tYuE6axsR5Rw8lRYNu1D20ZulI40Ussnbc_Q4JjOT3rgf3jqqYssqZYtAVIrkJ5CNVwRrV4dqW0jKDc8czhigJW-D8hrCNtqqeyJbWzHsacieZpWG7CfZY6pmA08mGrDaQ2RNqtcZ0Nqb1XwPKBbmynaBI9NPDizEjCTa5tNUSI9eDgB88ptg2lfY7m6n9BOg9do71bc0yvaqwvD_JCObod5DqtPihzY2X-nYVoveX3y6687cWoJpnX13pN-1nHIbfxFfh94mMuo044sUUnW7XxCjM4hM0lmBHHnVcECqKfMsVQIU8Gy9uOCZC9mZeZCHh34htggTGTaPdhJept_rBzMY_1EPmT4ITfj0Pt7_w5L-kQMfDp9HXeJq1i0BAj48HD1sq1GR1VdIhTYlwqicxswSvVqD7NqKfqbqkQ5VUZ3vvJyKbPwM31rcnq7Wdf0AgtXtrBrV1CvF3tcDMmGH6SHm50Bxz-OAUJK3nZ8kiEOIK-brYeT1SL27uQfRyRmPvooI5EPQbvzsSTmhHAqFrHBleFFF6TQEHC-c0JT9JpySjjcOlV5JkqT6wtRzuKx6jIyu_fPB8t1hfg41RFCN7vvP3rNRPaShiNrm5F3L6M8JjPQGOElUmqfYU-p5NKItNmyQVC2RskR1WtlFoW2MDl4JcIE67kFqkXmH5iwXyHWUbP9YF83ZRYCuOms3qiM77QcnP8Lqow6bJzO1sOvknLML3oo-V3MOuH9GtfuTT1TbJDbqrqCKWYK0QDiOq45FWE7ycQsLz-TC4yTJXTXoFnjY09XgwOYyfiaUkKaTha4udCtD_tP9N2s8geDdY8ELUATQIvsy5xv58ZHRx_L7j1Tqa13mcUnQjuNrB0fcXgGcTWHWG0ab1DK1qd39XCT96RQHDM_qryk4Mr-lt9xieMBkSskoIYsUs69Mp7M1TFpXE66kFfK7f3_8S8Y81d107Pj2qsy18shx0aUQ9hWsGb5HfX8bIRWMFAByHBdh2j21vT8XOFdfsScFa8wzY8mJuBxav7MnMRdC0tL3zA2KAFw7aC6Lmu9XWfc4CJD-OrXII3I_vqPnjtDelvS0Th5kWZa9NEcQDnuW7HQsrllHWRMfDeAmzpjg6d7JApf0IGENVNRn6_89Hv52PhcHIwkbWAllf3u6XLahAcghymU4Zue-UP9KHVerkfQ8GqSX2BRhjQr97R4v2tU45fW4O1LbWsKDdoLBDJ9Ns0QP7aMFCOkkP5vsblE8qL-FHw1U7iaNud8dZ0flzhVowqj9lDcDmpkf7eZIUhRBEmhypKhidq9S425UQnyHUbrSGto2dmz1eQAt4TNk7YVoZWNB8-JHm_qdnIRAuC-IvGJL686rCPZVBymBuXWEuGLTfZsAgi2hlxNkjXyL1QAou9WBCzvuXonze-ZwOjKaWFcrUmTiipsCvZ5MNWG1_QzD_Kqqfx7u34fKL8WIsbjLHl2MVIZq7aCnCEpHCIHboC2Gy2JK-4buGRhgWnNV2D9S2AsMGxEmW-b0FfS24OwcN0WDs-oVL3vjhhXjs2BgiMgMfPN8SndeBBMrHwg9aBm5lRVb-nVJEA7khB5gCu7imzlYEIU6zn2BtCiBpn8OouEDrR41zH8SoM08X7X_RHzmI4GefEPcc7Y16q1W0EUNNCCClz1IupBFqejPTlrIJVE7rGtuX5EeOVqmhW92BEDGQZZf01fwzzC1l0LlHV5H9eEf-w1uK8aIYjBNLOrehovA_gVSS7nS1kvRiykcBSXsnDfPBzKCs1Pd8dDC9_usCMGm5xZqqtyPuf5BNAOZ0kswalc5AKcAziUBfE-9o7xZ76x-D6-g1jxWXA_IpunxQ0jOa8WSdy-n92mEcaOI47diEgEryf7m3L2061BNZJ6BaE6ugxWDsxsLFsYAZlcY_oI1OhJ48BBrvN5XXXSK7t4JIQ8BrI3yddaAPWRaRmBMT6pUJlqPbWVDX_fJpE5XwPT1UyAWfKnYDGcPDabB5Hyg--sSTvoyMWuPiuCBVfSOn_IyTXOPOWm1NijU7y_CxLFaZbJiUieGK1V_XZ6dT9RsZ3-zYN4YJWJ9TSguN7a9lJHo94RvM8bcBuAnKAzVrxYD13hORDZolMCvB6Ypjlf0zlj4wiSDeIsrmZ3arEz_gQ0drDnWFYIpNPDwcSZkl-QOXmhCYbbAglb5qyCJYkMGAoSvNq0RAxyrEjWoMTKw-H6UuNNTkBQDrW6Tbj2tw3Xc_7is_X95A3Gqy6GbTWk8ZNGhJeLY-Q94zhURIUzyu4p9YScw7TxSJbNJ7BRZN1me_YkoVyLFZnEb6wxnQQx4Gc4PzAgtkCCbkwu3Cu7-47Ko3C7_Unig1sfa9aT5b06x-AwjG6b-8az291jgLOVLt4PYM7Lo6ZEET_9cOM7aM5HyCdY9lnAAWfJxjhnXY6UNyxwyKMIOcgBc5yf3wwG1ZMXLVs0UV6XOPfk5sALvMcYEgCDDcw52eMeeHAfuupPA_Prb2XKLfGrU38tSVR4V1fYVlsoecMjXU_eHYKJxUXVKEMaA0SuXmpOp1d40EgHoWT1i4wIXn7dUwIYVJNQhQQUZzL3WIoBUdMI2WARhzqUVRiPcsVRAiAjZvOKXDPzASNJlqlb1uBxkX4OC0lqhz_bOizRjzJkcHZ15M0k3XOnk-XzsbZrSaxu8cT_gSApRT1y4FMfFY-Z7hvQPHYzyDCUmBozCAQSLQBygQiDSHzGLWUr-BN6OWe08iY2l0EvNpzkOtw6cGFnx7ZndlCQV4W0HqRDqhgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-2930805104418204&ias_chanId=1&ias_placementId=18640275745&bidurl=https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gO5izKdoVy5KuIE280gMsy
Requested by: Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.204.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-204-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b8eae5eb6b0d3e7ece793e03e9c192a4f61eae565cab699b5e20107aa2227937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 4613 3 KB
1 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 16:34:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 4613 19 KB
8 KB 42ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4613 179 KB
56 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:14 GMT

GET
H2 200 chunklist_DVR.m3u8 Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 199 KB
13 KB 9ms
9ms XHR
application/vnd.apple.mpegurl 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/chunklist_DVR.m3u8
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 9267e927c8b6852d835ecfb338c9b7dfc803d3fd2c2c3eb43c1a7627f8eb19bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:14 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: OPTIONS, GET, POST, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-hw: 1687642934.cds278.fr8.hn,1687642934.cds246.fr8.c
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=1
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 13292

GET
H2 200 media-u1jbjx32p_DVR_4983.ts Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 274 KB
275 KB 8ms
8ms XHR
video/mp2t 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/media-u1jbjx32p_DVR_4983.ts
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: e0f8199c62d018c38c3ff79ad3632c831dcd60cf3e1c926f0a83da953a8348e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
access-control-allow-methods: OPTIONS, GET, POST, HEAD
content-type: video/MP2T
access-control-allow-origin: *
x-hw: 1687642935.cds278.fr8.hn,1687642935.cds212.fr8.c
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 281060

GET
BLOB 200
OK e79a4587-fc33-4509-bd52-fefb5ac0017c
https://live.yalla-shoott.xyz/ Frame 172C 62 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://live.yalla-shoott.xyz/e79a4587-fc33-4509-bd52-fefb5ac0017c
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 63763
Content-Type: text/javascript

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 828B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1

43 B
766 B

13ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY24jo4gEwAQ&v=APEucNUobv8rQqCMuGPTlTheuDO2ErcIsI7cxwgiwZT6eoqR9h1gz3iTEak9332_V1bGSJdKeL5iAW_Hp-BlaYV71OnzvtI2akYVVtO9Mt5NA3bZkGH4-RICVugAcW7FeBPjTfq_TI9v0IisrFiI3ZHsmIRYvFXv_d3skflDwysj6ZJaUQFGGG0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jun 2023 21:42:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 828B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJdjNyhgHrldIR4XROftXAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY24jo4gEwAQ&v=APEucNUobv8rQqCMuGPTlTheuDO2ErcIsI7cxwgiwZT6eoqR9h1gz3iTEak9332_V1bGSJdKeL5iAW_Hp-BlaYV71OnzvtI2akYVVtO9Mt5NA3bZkGH4-RICVugAcW7FeBPjTfq_TI9v0IisrFiI3ZHsmIRYvFXv_d3skflDwysj6ZJaUQFGGG0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jun 2023 21:42:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 828B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJfRmV5QnN7_3g-KjhpntHU&google_cver=1

43 B
1 KB

24ms
13ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJfRmV5QnN7_3g-KjhpntHU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY24jo4gEwAQ&v=APEucNUobv8rQqCMuGPTlTheuDO2ErcIsI7cxwgiwZT6eoqR9h1gz3iTEak9332_V1bGSJdKeL5iAW_Hp-BlaYV71OnzvtI2akYVVtO9Mt5NA3bZkGH4-RICVugAcW7FeBPjTfq_TI9v0IisrFiI3ZHsmIRYvFXv_d3skflDwysj6ZJaUQFGGG0

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jun 2023 21:42:15 GMT
AN-X-Request-Uuid: 482b7353-67eb-464c-a4cd-7a82de818993
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJfRmV5QnN7_3g-KjhpntHU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 828B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ5OTc5MTgwODA5MjI1Nzk4MA%3D%3D

170 B
243 B

17ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ5OTc5MTgwODA5MjI1Nzk4MA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 24 Jun 2023 21:42:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e7bf6439-2046-40da-873b-d69e60426eed
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ5OTc5MTgwODA5MjI1Nzk4MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4613 0
56 B 41ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4904759817233&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4613 0
56 B 41ms
40ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4904759817233&version=m202301230201&ct=76&x=1&cor=223706619978749100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4613 15 KB
11 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dm64wKDly2PFAL-RWgND9xySYzlxPtgxoumZ8ZtQD1UtcPosPWDHR_4vsKQA-JBUh9Otw1v3_4w_daOnM8guaiioTu6MX868DWCRfyLWAvxHx5f-1h6WCMbqMQdVlQptoiJ-c8_LmyCEUXdMBpvLSI7uv0LJMTc8lSZRntyOgO_r_MKyk&cry=1&dbm_d=AKAmf-Dn3hWyjxjfNPszLZmsLlPjc4y0VtabeAz2vAuXqPjEZXr_zgHogLU12UzD-SFyrfiNckDhLg5eZ0hLtMDbLoB4sXbStxZhfWOQIvBimk2fXZsCH9ijJGdg2Z39R7pP6-wZFX0Na81LPJKEX8kxQe7OLb5cIMD9Wx8iCrNqzxHfrIWR29YlCVlG9WtVEvSWkd9u4_7X6-m3g6CTMaNKdmDRJatUe90oblVvNbsYfDRB6lWSF2yzQruHG-TItHwvo01fNgMt_2I5X3sPLX91U3gytG_9ethDTUSlF-r1KMCoKnzbEKLr4LII6tKymisd2Pg_1KV36Ytjj36HHGguKySK5gJCKqBZQy1Ibz7Cuc0d7a6w3lOMmEsl3bpTryLL06hMQwWxuopS-_2DtrNFh2LUxckv6agIZpXMCerd_XIp8fzI9HKQQDSKrLEroaVZPVHMn1HL19feHq5fk4G-am36JypeWad_UnNINnJr024NsFuaOrlYL6HkW4nEOhc51JaUeU86nHijGCu47qNFvvrMYxB3MTPRqKtcVz-kFTHqqdRCUqXW7dTsF8M2d2kF6mwtO-T66bTfoF6clWNg1zazDHZpdhvBPRbmAbbQ4cc9O0yD57XZ_AQloOYt2hvm46KWx9wCgt5qtGHVq636d8zXQVfw55s3vivzmB2VmNs9hcA0ikrvIOt4r6T3pckE1lT67FfjEAwzh4q2VLOf4VDJ3qc268ndT1_4tWoYSEBg3WBm-VoswiEMv81uWPMaZ8hkgy2mHWtP4MWqqpfs4m6EhiKP40naxbueYFjJCUnEFG1s1LEZvOdZdNUd0Kcl-GbwXZWz5LRh4wnZHqak9ywIMdcfA8VrrhwfnbE_JhnENY6bGdbw8_uxsRII8BlSJt5UDKF6Ita3zeacAY8tXcL8aVCkamnTxl7XyCYyAZrg-a1ALR6cgZMZNWUHKsRVi0QthXzWDFpFVuLdTh2-H15MDdLE9iMpnrapkCdmzMDta6tCu0OBUCpdiaQqziiOKMFfasM5wjsCAhKy1608tHIJaBsoz7QdnVk_go3D1qwUjmBsdEjYdngsy2J0A8Buz2OiUnwNN5m3Ajb65HOeulLQa0ZYqshs9BT-eyTzk-OKnsHCtb2Nasfok4bW-IxoXH8iDpvJGb9WLaAPV2elQ5UgBmXBybjau-H2EWROJBBaq0iGUJJJkyWRDJ_lCMOaBzNMbfkquEtZ0zklxDrtMhc1nrwm_QUgogX2zmE41v0rXeJy3JmU6fDm-hd0Ku9zZfhYq1mT0eWLDrCG2GwpnlnAtiY9Qe3wg_SZh4rC-kKbBQnvsdiKN1whzAdzU61vn95WQftRdwZImNYEdl-ldq4sAKPgTrZncNG2luWjQT1MWpW06notirHxGZicKiAc1wb3jiiB3izEms0bahktCt8raF6b_fhtUGcRsOdTwJRCZKRmC07DekgHbaXzVQ0s59JIMPaDvH3VlO--vVdGuB1Q3mBu4N9M1A3dgj_xRDZhP9VkT2ZTMu9lDxw5iqmePNhHbpvBza8CAvV88-IqdtGhtUcOi5_4Rk_8Z4JvkSVZ9aov2iKEUkQYUSvczkIUpPFw_mGl05BOWrmNiexR6QKu1HxbALsg9zrgDyzBb9Vq39VMg8Ki-B8B1Q0gIo88fX4mb-lJ7MzMCsQNrfdfoH10E502Ys-UH_vgm0Zmu-lry81aHxPcdGtquiWeBoQw6A-bCiioEyNs6IEDJ8MFaXIZEaRb1YCc0b96DswI1RTC58z79Ju6laYqXrt--BmmysmFMmLILYSdgdicN0Z_2EewszqJti-ZHtjwy3Wu7ynt4iX5cGbWfCrgR3EwOw7WjoshcKxc-LFAsoWezczIlJaR-69wgjJly3THKu5SGsMIaQ7fSbsAfs-2uM1WQcP37Pc1p5-9qk7JH-tECD84_GYYbK77DOfWC7HfwJ9CFpGIp5qAS6imaOpae1mriY604O73ZOczHwLK7yDACgAufgom5bKvLOqUyoL1zCAXHnb8ftWs6MaDlnaWxXJ8NlGxhze1gUKWh9zdQ7Afi1yS03h3SXixIZ8hE4fAMB_P6pMwMixK3KQw-LeV_E0BRmHnLeq-eOCX2kr8kC5TyCVQUv47lWy2giD80fOSRB0g65U5piYpszo9Db_7Gd2SEdnsY_X0fvhRDRmfs_wyZoPF0-i4cJDAn-_d6iGv25pux-eo-tFanjKwLrWEShjReGIugqJAhmwG_-1_Ja9PwvhiobY9INuUqqE5CMx5lZbY1Ujr3oMTsLa8EEeDlJQqV15iv0w_DeNFPt3JrldoozQB43j5VdVZmgEcl4myZHJaUqZA39Oc_cJbdyG9Q9rlQMY1bqw8KmlK76pesbRMnzk-XjpZOYp6A_Qzpf4DFd9Qm8DwYK0AIyoFUSGrlS1wm-pOJMiNKMfuQI13giDANmuTh29ZL7Wcx92eJVCZXtC8C8Dwx4SKwlBDAeRyTLdjT-E2_wAxNuFFdLLkJ9tPU53Rv7MNdZhItBzh6dgNflfbnGH6YWfmDapL15JR935L5V2EhiAazbbb5kofSBARTwmu6Hz-fEHq4QzI92-HUdqPMkCq6-_0LCTiNvTRMP_UlTNBwMSkR9M73Bpg7fvUAvSlbdidOoZTrKnhrpRa5WPECl0C4F4gHOwn-qYg8gtoF72ICj4m2bpE555bhJMjYdt5hXxWcD99GRIHIJ3xiXQMdaTfX-Fh5oz89XOp31dsXCHUNGaRD7lTsj7LlL1-elKP5t6dUTZK0-yBa0SGbuyY3OCgAV9XkhKKXZnghEIY5mfc5CU1vnC_yzZqTf5zpcw-X3biFTlMdY9uD5CZUtuPF6nXgoJOSfrOmF8l0h0U6Ml1EnM5ibMm3iUmB3nxyppOnoTLL2-_37N6F8Gmk0RUrlUdrVnY6peoAZ1RIm-J5z-31PyPlhSVAcaibGPrJdzt86c8oqPuu7HTjrTya5dz3ccaAK-Le-KXVk43867u7syKHYQYZep6s598LK2OGFnNQZ8EUOmzauaXeP9aQxf8DtjWKTN5nWNcgNEVrHZhEhXxRhqfd4js&cid=CAQSLQBygQiDSHzGLWUr-BN6OWe08iY2l0EvNpzkOtw6cGFnx7ZndlCQV4W0HqRDqhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=223706619978749100&adk=1964084972&idt=69&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1d0dd9194383a0e25266d9973394c2be5613b214d0c4c5fad6ce95f1849e583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11388
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4613 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dm64wKDly2PFAL-RWgND9xySYzlxPtgxoumZ8ZtQD1UtcPosPWDHR_4vsKQA-JBUh9Otw1v3_4w_daOnM8guaiioTu6MX868DWCRfyLWAvxHx5f-1h6WCMbqMQdVlQptoiJ-c8_LmyCEUXdMBpvLSI7uv0LJMTc8lSZRntyOgO_r_MKyk&cry=1&dbm_d=AKAmf-Dn3hWyjxjfNPszLZmsLlPjc4y0VtabeAz2vAuXqPjEZXr_zgHogLU12UzD-SFyrfiNckDhLg5eZ0hLtMDbLoB4sXbStxZhfWOQIvBimk2fXZsCH9ijJGdg2Z39R7pP6-wZFX0Na81LPJKEX8kxQe7OLb5cIMD9Wx8iCrNqzxHfrIWR29YlCVlG9WtVEvSWkd9u4_7X6-m3g6CTMaNKdmDRJatUe90oblVvNbsYfDRB6lWSF2yzQruHG-TItHwvo01fNgMt_2I5X3sPLX91U3gytG_9ethDTUSlF-r1KMCoKnzbEKLr4LII6tKymisd2Pg_1KV36Ytjj36HHGguKySK5gJCKqBZQy1Ibz7Cuc0d7a6w3lOMmEsl3bpTryLL06hMQwWxuopS-_2DtrNFh2LUxckv6agIZpXMCerd_XIp8fzI9HKQQDSKrLEroaVZPVHMn1HL19feHq5fk4G-am36JypeWad_UnNINnJr024NsFuaOrlYL6HkW4nEOhc51JaUeU86nHijGCu47qNFvvrMYxB3MTPRqKtcVz-kFTHqqdRCUqXW7dTsF8M2d2kF6mwtO-T66bTfoF6clWNg1zazDHZpdhvBPRbmAbbQ4cc9O0yD57XZ_AQloOYt2hvm46KWx9wCgt5qtGHVq636d8zXQVfw55s3vivzmB2VmNs9hcA0ikrvIOt4r6T3pckE1lT67FfjEAwzh4q2VLOf4VDJ3qc268ndT1_4tWoYSEBg3WBm-VoswiEMv81uWPMaZ8hkgy2mHWtP4MWqqpfs4m6EhiKP40naxbueYFjJCUnEFG1s1LEZvOdZdNUd0Kcl-GbwXZWz5LRh4wnZHqak9ywIMdcfA8VrrhwfnbE_JhnENY6bGdbw8_uxsRII8BlSJt5UDKF6Ita3zeacAY8tXcL8aVCkamnTxl7XyCYyAZrg-a1ALR6cgZMZNWUHKsRVi0QthXzWDFpFVuLdTh2-H15MDdLE9iMpnrapkCdmzMDta6tCu0OBUCpdiaQqziiOKMFfasM5wjsCAhKy1608tHIJaBsoz7QdnVk_go3D1qwUjmBsdEjYdngsy2J0A8Buz2OiUnwNN5m3Ajb65HOeulLQa0ZYqshs9BT-eyTzk-OKnsHCtb2Nasfok4bW-IxoXH8iDpvJGb9WLaAPV2elQ5UgBmXBybjau-H2EWROJBBaq0iGUJJJkyWRDJ_lCMOaBzNMbfkquEtZ0zklxDrtMhc1nrwm_QUgogX2zmE41v0rXeJy3JmU6fDm-hd0Ku9zZfhYq1mT0eWLDrCG2GwpnlnAtiY9Qe3wg_SZh4rC-kKbBQnvsdiKN1whzAdzU61vn95WQftRdwZImNYEdl-ldq4sAKPgTrZncNG2luWjQT1MWpW06notirHxGZicKiAc1wb3jiiB3izEms0bahktCt8raF6b_fhtUGcRsOdTwJRCZKRmC07DekgHbaXzVQ0s59JIMPaDvH3VlO--vVdGuB1Q3mBu4N9M1A3dgj_xRDZhP9VkT2ZTMu9lDxw5iqmePNhHbpvBza8CAvV88-IqdtGhtUcOi5_4Rk_8Z4JvkSVZ9aov2iKEUkQYUSvczkIUpPFw_mGl05BOWrmNiexR6QKu1HxbALsg9zrgDyzBb9Vq39VMg8Ki-B8B1Q0gIo88fX4mb-lJ7MzMCsQNrfdfoH10E502Ys-UH_vgm0Zmu-lry81aHxPcdGtquiWeBoQw6A-bCiioEyNs6IEDJ8MFaXIZEaRb1YCc0b96DswI1RTC58z79Ju6laYqXrt--BmmysmFMmLILYSdgdicN0Z_2EewszqJti-ZHtjwy3Wu7ynt4iX5cGbWfCrgR3EwOw7WjoshcKxc-LFAsoWezczIlJaR-69wgjJly3THKu5SGsMIaQ7fSbsAfs-2uM1WQcP37Pc1p5-9qk7JH-tECD84_GYYbK77DOfWC7HfwJ9CFpGIp5qAS6imaOpae1mriY604O73ZOczHwLK7yDACgAufgom5bKvLOqUyoL1zCAXHnb8ftWs6MaDlnaWxXJ8NlGxhze1gUKWh9zdQ7Afi1yS03h3SXixIZ8hE4fAMB_P6pMwMixK3KQw-LeV_E0BRmHnLeq-eOCX2kr8kC5TyCVQUv47lWy2giD80fOSRB0g65U5piYpszo9Db_7Gd2SEdnsY_X0fvhRDRmfs_wyZoPF0-i4cJDAn-_d6iGv25pux-eo-tFanjKwLrWEShjReGIugqJAhmwG_-1_Ja9PwvhiobY9INuUqqE5CMx5lZbY1Ujr3oMTsLa8EEeDlJQqV15iv0w_DeNFPt3JrldoozQB43j5VdVZmgEcl4myZHJaUqZA39Oc_cJbdyG9Q9rlQMY1bqw8KmlK76pesbRMnzk-XjpZOYp6A_Qzpf4DFd9Qm8DwYK0AIyoFUSGrlS1wm-pOJMiNKMfuQI13giDANmuTh29ZL7Wcx92eJVCZXtC8C8Dwx4SKwlBDAeRyTLdjT-E2_wAxNuFFdLLkJ9tPU53Rv7MNdZhItBzh6dgNflfbnGH6YWfmDapL15JR935L5V2EhiAazbbb5kofSBARTwmu6Hz-fEHq4QzI92-HUdqPMkCq6-_0LCTiNvTRMP_UlTNBwMSkR9M73Bpg7fvUAvSlbdidOoZTrKnhrpRa5WPECl0C4F4gHOwn-qYg8gtoF72ICj4m2bpE555bhJMjYdt5hXxWcD99GRIHIJ3xiXQMdaTfX-Fh5oz89XOp31dsXCHUNGaRD7lTsj7LlL1-elKP5t6dUTZK0-yBa0SGbuyY3OCgAV9XkhKKXZnghEIY5mfc5CU1vnC_yzZqTf5zpcw-X3biFTlMdY9uD5CZUtuPF6nXgoJOSfrOmF8l0h0U6Ml1EnM5ibMm3iUmB3nxyppOnoTLL2-_37N6F8Gmk0RUrlUdrVnY6peoAZ1RIm-J5z-31PyPlhSVAcaibGPrJdzt86c8oqPuu7HTjrTya5dz3ccaAK-Le-KXVk43867u7syKHYQYZep6s598LK2OGFnNQZ8EUOmzauaXeP9aQxf8DtjWKTN5nWNcgNEVrHZhEhXxRhqfd4js&cid=CAQSLQBygQiDSHzGLWUr-BN6OWe08iY2l0EvNpzkOtw6cGFnx7ZndlCQV4W0HqRDqhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=223706619978749100&adk=1964084972&idt=69&cac=0&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 13:19:10 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7B4E 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 23:32:19 GMT
expires: Sat, 22 Jun 2024 23:32:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 4613
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1352960/70224085/xbbe/creative/adj?p=APEucNV-lxYwbp6-MYdZ0-JVH3XgXlUgikSRNXcPUd9Ao5Poj6vBOoE&d=CokBAKAmf-Dq0InUmFCZoEip_vkLCp-x6hVGTUhXSoRl2HUb_lbdaD6mAsXbTmB...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV-lxYwbp6-MYdZ0-JVH3XgXlUgikSRNXcPUd9Ao5Poj6vBOoE&d=CokBAKAmf-Dq0InUmFCZoEip_vkLCp-x6hVGTUhXSoRl2HUb_lbdaD6mAsXbTmB-9Qjn7HML4MCbf55H3P9mJI2V1...

76 KB
25 KB

113ms
53ms

Script
text/javascript

74.125.71.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV-lxYwbp6-MYdZ0-JVH3XgXlUgikSRNXcPUd9Ao5Poj6vBOoE&d=CokBAKAmf-Dq0InUmFCZoEip_vkLCp-x6hVGTUhXSoRl2HUb_lbdaD6mAsXbTmB-9Qjn7HML4MCbf55H3P9mJI2V1Y_Wv-rhcfoLDAoi_pcXp86ydqME-YUqah1m4WnxVnWaG6GjqLbRPIH18e72us58sfiG00BqZ0zxzdroubM6Ot0_GmaktYj30fsSqRUAoCZ_4BYI6HSG7a-orW3erIWNfK1cBMk4rntKyVRDVYQIdRfODpcSYD2BoZpXIpRBBnCNDNMQQnEOlxT0jwHcZBTkY7OHlz3gtB7_FkIrjvZttT3-BrbE0XvxjI4XecCnURhAm7SOvkEczt1Sm5kYA0z7L1r6GFHrxfkDJtaZFJBe65JjRnwyPlXZ28GY9PwZQMdIYPi4vMYVh85De0aROMQcIjQEtr-x08FBRzyI5-lIxmtrLf22t_nYZH-uYij-aJh2oCqTOP4pJVqCKTcuuTdUqovKEtswwBk4h8RT-HaxP-WHxa1e9GRBQZ5_VGAYlqHjgG9gD3oOTr4XpUl76kX8xqwRvqpIG-gHu68TicA59gD6suifnl6iqJ4WhxaEvf0KDYv53W61l3am8_fXUlZabbPXLsfiElem2uUAqb5a2pPPlATI49gguUFglqZdjvlLeKCv3Hj23MKMBx9bWVxCoY5ZZFeWcoPXE_HtrVy3jm4buFYurPU3bqfT7LeUYq-5u5AoltsdBcLWgweQ2XG9qqj7uoIUurGWUf8kj18a2ByvmzSKt7Lji3fkSPO9-XJbGW-VEmDxXYzEbOu7Pu6fYhaL3mJxvn4wpbbwHXxpwa5Ta9ncx3b1DWM40YaZ_GF2V_akIn_T7VVZO7zGT1udynYIjM7XZ4CHOs_JvrebPBEM32-L4FV7BPbJQC39nCIqrkzmketvaAaQFy2D-Cn1O_zP_Do8zyLcNXf3KPhGjh6uxeXtBbYYMZrCelOMhXDjGWYMG9VXGTPH3DgD3FtIIuB2gax3w5_geaDegx2pZeSxhlB7bwvb4jXHmwJcbgRuJ-gmLPqmSiVup3GOLYhfSWY653Ncao2FTnbIu_o8KuUsXarkdmWiDNcFQ3RqvxHGtaUkE3N79mZi1aPUI9MFox8ZkiH5tYuE6axsR5Rw8lRYNu1D20ZulI40Ussnbc_Q4JjOT3rgf3jqqYssqZYtAVIrkJ5CNVwRrV4dqW0jKDc8czhigJW-D8hrCNtqqeyJbWzHsacieZpWG7CfZY6pmA08mGrDaQ2RNqtcZ0Nqb1XwPKBbmynaBI9NPDizEjCTa5tNUSI9eDgB88ptg2lfY7m6n9BOg9do71bc0yvaqwvD_JCObod5DqtPihzY2X-nYVoveX3y6687cWoJpnX13pN-1nHIbfxFfh94mMuo044sUUnW7XxCjM4hM0lmBHHnVcECqKfMsVQIU8Gy9uOCZC9mZeZCHh34htggTGTaPdhJept_rBzMY_1EPmT4ITfj0Pt7_w5L-kQMfDp9HXeJq1i0BAj48HD1sq1GR1VdIhTYlwqicxswSvVqD7NqKfqbqkQ5VUZ3vvJyKbPwM31rcnq7Wdf0AgtXtrBrV1CvF3tcDMmGH6SHm50Bxz-OAUJK3nZ8kiEOIK-brYeT1SL27uQfRyRmPvooI5EPQbvzsSTmhHAqFrHBleFFF6TQEHC-c0JT9JpySjjcOlV5JkqT6wtRzuKx6jIyu_fPB8t1hfg41RFCN7vvP3rNRPaShiNrm5F3L6M8JjPQGOElUmqfYU-p5NKItNmyQVC2RskR1WtlFoW2MDl4JcIE67kFqkXmH5iwXyHWUbP9YF83ZRYCuOms3qiM77QcnP8Lqow6bJzO1sOvknLML3oo-V3MOuH9GtfuTT1TbJDbqrqCKWYK0QDiOq45FWE7ycQsLz-TC4yTJXTXoFnjY09XgwOYyfiaUkKaTha4udCtD_tP9N2s8geDdY8ELUATQIvsy5xv58ZHRx_L7j1Tqa13mcUnQjuNrB0fcXgGcTWHWG0ab1DK1qd39XCT96RQHDM_qryk4Mr-lt9xieMBkSskoIYsUs69Mp7M1TFpXE66kFfK7f3_8S8Y81d107Pj2qsy18shx0aUQ9hWsGb5HfX8bIRWMFAByHBdh2j21vT8XOFdfsScFa8wzY8mJuBxav7MnMRdC0tL3zA2KAFw7aC6Lmu9XWfc4CJD-OrXII3I_vqPnjtDelvS0Th5kWZa9NEcQDnuW7HQsrllHWRMfDeAmzpjg6d7JApf0IGENVNRn6_89Hv52PhcHIwkbWAllf3u6XLahAcghymU4Zue-UP9KHVerkfQ8GqSX2BRhjQr97R4v2tU45fW4O1LbWsKDdoLBDJ9Ns0QP7aMFCOkkP5vsblE8qL-FHw1U7iaNud8dZ0flzhVowqj9lDcDmpkf7eZIUhRBEmhypKhidq9S425UQnyHUbrSGto2dmz1eQAt4TNk7YVoZWNB8-JHm_qdnIRAuC-IvGJL686rCPZVBymBuXWEuGLTfZsAgi2hlxNkjXyL1QAou9WBCzvuXonze-ZwOjKaWFcrUmTiipsCvZ5MNWG1_QzD_Kqqfx7u34fKL8WIsbjLHl2MVIZq7aCnCEpHCIHboC2Gy2JK-4buGRhgWnNV2D9S2AsMGxEmW-b0FfS24OwcN0WDs-oVL3vjhhXjs2BgiMgMfPN8SndeBBMrHwg9aBm5lRVb-nVJEA7khB5gCu7imzlYEIU6zn2BtCiBpn8OouEDrR41zH8SoM08X7X_RHzmI4GefEPcc7Y16q1W0EUNNCCClz1IupBFqejPTlrIJVE7rGtuX5EeOVqmhW92BEDGQZZf01fwzzC1l0LlHV5H9eEf-w1uK8aIYjBNLOrehovA_gVSS7nS1kvRiykcBSXsnDfPBzKCs1Pd8dDC9_usCMGm5xZqqtyPuf5BNAOZ0kswalc5AKcAziUBfE-9o7xZ76x-D6-g1jxWXA_IpunxQ0jOa8WSdy-n92mEcaOI47diEgEryf7m3L2061BNZJ6BaE6ugxWDsxsLFsYAZlcY_oI1OhJ48BBrvN5XXXSK7t4JIQ8BrI3yddaAPWRaRmBMT6pUJlqPbWVDX_fJpE5XwPT1UyAWfKnYDGcPDabB5Hyg--sSTvoyMWuPiuCBVfSOn_IyTXOPOWm1NijU7y_CxLFaZbJiUieGK1V_XZ6dT9RsZ3-zYN4YJWJ9TSguN7a9lJHo94RvM8bcBuAnKAzVrxYD13hORDZolMCvB6Ypjlf0zlj4wiSDeIsrmZ3arEz_gQ0drDnWFYIpNPDwcSZkl-QOXmhCYbbAglb5qyCJYkMGAoSvNq0RAxyrEjWoMTKw-H6UuNNTkBQDrW6Tbj2tw3Xc_7is_X95A3Gqy6GbTWk8ZNGhJeLY-Q94zhURIUzyu4p9YScw7TxSJbNJ7BRZN1me_YkoVyLFZnEb6wxnQQx4Gc4PzAgtkCCbkwu3Cu7-47Ko3C7_Unig1sfa9aT5b06x-AwjG6b-8az291jgLOVLt4PYM7Lo6ZEET_9cOM7aM5HyCdY9lnAAWfJxjhnXY6UNyxwyKMIOcgBc5yf3wwG1ZMXLVs0UV6XOPfk5sALvMcYEgCDDcw52eMeeHAfuupPA_Prb2XKLfGrU38tSVR4V1fYVlsoecMjXU_eHYKJxUXVKEMaA0SuXmpOp1d40EgHoWT1i4wIXn7dUwIYVJNQhQQUZzL3WIoBUdMI2WARhzqUVRiPcsVRAiAjZvOKXDPzASNJlqlb1uBxkX4OC0lqhz_bOizRjzJkcHZ15M0k3XOnk-XzsbZrSaxu8cT_gSApRT1y4FMfFY-Z7hvQPHYzyDCUmBozCAQSLQBygQiDSHzGLWUr-BN6OWe08iY2l0EvNpzkOtw6cGFnx7ZndlCQV4W0HqRDqhgBYAE&cry=1&bundleId=

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

74.125.71.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f155.1e100.net

Software

cafe /

Resource Hash

53f328d5b1bc412e4459c4d0cffcf91ce00088b7f12e62259b2fc80178fbf5a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25500
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNV-lxYwbp6-MYdZ0-JVH3XgXlUgikSRNXcPUd9Ao5Poj6vBOoE&d=CokBAKAmf-Dq0InUmFCZoEip_vkLCp-x6hVGTUhXSoRl2HUb_lbdaD6mAsXbTmB-9Qjn7HML4MCbf55H3P9mJI2V1Y_Wv-rhcfoLDAoi_pcXp86ydqME-YUqah1m4WnxVnWaG6GjqLbRPIH18e72us58sfiG00BqZ0zxzdroubM6Ot0_GmaktYj30fsSqRUAoCZ_4BYI6HSG7a-orW3erIWNfK1cBMk4rntKyVRDVYQIdRfODpcSYD2BoZpXIpRBBnCNDNMQQnEOlxT0jwHcZBTkY7OHlz3gtB7_FkIrjvZttT3-BrbE0XvxjI4XecCnURhAm7SOvkEczt1Sm5kYA0z7L1r6GFHrxfkDJtaZFJBe65JjRnwyPlXZ28GY9PwZQMdIYPi4vMYVh85De0aROMQcIjQEtr-x08FBRzyI5-lIxmtrLf22t_nYZH-uYij-aJh2oCqTOP4pJVqCKTcuuTdUqovKEtswwBk4h8RT-HaxP-WHxa1e9GRBQZ5_VGAYlqHjgG9gD3oOTr4XpUl76kX8xqwRvqpIG-gHu68TicA59gD6suifnl6iqJ4WhxaEvf0KDYv53W61l3am8_fXUlZabbPXLsfiElem2uUAqb5a2pPPlATI49gguUFglqZdjvlLeKCv3Hj23MKMBx9bWVxCoY5ZZFeWcoPXE_HtrVy3jm4buFYurPU3bqfT7LeUYq-5u5AoltsdBcLWgweQ2XG9qqj7uoIUurGWUf8kj18a2ByvmzSKt7Lji3fkSPO9-XJbGW-VEmDxXYzEbOu7Pu6fYhaL3mJxvn4wpbbwHXxpwa5Ta9ncx3b1DWM40YaZ_GF2V_akIn_T7VVZO7zGT1udynYIjM7XZ4CHOs_JvrebPBEM32-L4FV7BPbJQC39nCIqrkzmketvaAaQFy2D-Cn1O_zP_Do8zyLcNXf3KPhGjh6uxeXtBbYYMZrCelOMhXDjGWYMG9VXGTPH3DgD3FtIIuB2gax3w5_geaDegx2pZeSxhlB7bwvb4jXHmwJcbgRuJ-gmLPqmSiVup3GOLYhfSWY653Ncao2FTnbIu_o8KuUsXarkdmWiDNcFQ3RqvxHGtaUkE3N79mZi1aPUI9MFox8ZkiH5tYuE6axsR5Rw8lRYNu1D20ZulI40Ussnbc_Q4JjOT3rgf3jqqYssqZYtAVIrkJ5CNVwRrV4dqW0jKDc8czhigJW-D8hrCNtqqeyJbWzHsacieZpWG7CfZY6pmA08mGrDaQ2RNqtcZ0Nqb1XwPKBbmynaBI9NPDizEjCTa5tNUSI9eDgB88ptg2lfY7m6n9BOg9do71bc0yvaqwvD_JCObod5DqtPihzY2X-nYVoveX3y6687cWoJpnX13pN-1nHIbfxFfh94mMuo044sUUnW7XxCjM4hM0lmBHHnVcECqKfMsVQIU8Gy9uOCZC9mZeZCHh34htggTGTaPdhJept_rBzMY_1EPmT4ITfj0Pt7_w5L-kQMfDp9HXeJq1i0BAj48HD1sq1GR1VdIhTYlwqicxswSvVqD7NqKfqbqkQ5VUZ3vvJyKbPwM31rcnq7Wdf0AgtXtrBrV1CvF3tcDMmGH6SHm50Bxz-OAUJK3nZ8kiEOIK-brYeT1SL27uQfRyRmPvooI5EPQbvzsSTmhHAqFrHBleFFF6TQEHC-c0JT9JpySjjcOlV5JkqT6wtRzuKx6jIyu_fPB8t1hfg41RFCN7vvP3rNRPaShiNrm5F3L6M8JjPQGOElUmqfYU-p5NKItNmyQVC2RskR1WtlFoW2MDl4JcIE67kFqkXmH5iwXyHWUbP9YF83ZRYCuOms3qiM77QcnP8Lqow6bJzO1sOvknLML3oo-V3MOuH9GtfuTT1TbJDbqrqCKWYK0QDiOq45FWE7ycQsLz-TC4yTJXTXoFnjY09XgwOYyfiaUkKaTha4udCtD_tP9N2s8geDdY8ELUATQIvsy5xv58ZHRx_L7j1Tqa13mcUnQjuNrB0fcXgGcTWHWG0ab1DK1qd39XCT96RQHDM_qryk4Mr-lt9xieMBkSskoIYsUs69Mp7M1TFpXE66kFfK7f3_8S8Y81d107Pj2qsy18shx0aUQ9hWsGb5HfX8bIRWMFAByHBdh2j21vT8XOFdfsScFa8wzY8mJuBxav7MnMRdC0tL3zA2KAFw7aC6Lmu9XWfc4CJD-OrXII3I_vqPnjtDelvS0Th5kWZa9NEcQDnuW7HQsrllHWRMfDeAmzpjg6d7JApf0IGENVNRn6_89Hv52PhcHIwkbWAllf3u6XLahAcghymU4Zue-UP9KHVerkfQ8GqSX2BRhjQr97R4v2tU45fW4O1LbWsKDdoLBDJ9Ns0QP7aMFCOkkP5vsblE8qL-FHw1U7iaNud8dZ0flzhVowqj9lDcDmpkf7eZIUhRBEmhypKhidq9S425UQnyHUbrSGto2dmz1eQAt4TNk7YVoZWNB8-JHm_qdnIRAuC-IvGJL686rCPZVBymBuXWEuGLTfZsAgi2hlxNkjXyL1QAou9WBCzvuXonze-ZwOjKaWFcrUmTiipsCvZ5MNWG1_QzD_Kqqfx7u34fKL8WIsbjLHl2MVIZq7aCnCEpHCIHboC2Gy2JK-4buGRhgWnNV2D9S2AsMGxEmW-b0FfS24OwcN0WDs-oVL3vjhhXjs2BgiMgMfPN8SndeBBMrHwg9aBm5lRVb-nVJEA7khB5gCu7imzlYEIU6zn2BtCiBpn8OouEDrR41zH8SoM08X7X_RHzmI4GefEPcc7Y16q1W0EUNNCCClz1IupBFqejPTlrIJVE7rGtuX5EeOVqmhW92BEDGQZZf01fwzzC1l0LlHV5H9eEf-w1uK8aIYjBNLOrehovA_gVSS7nS1kvRiykcBSXsnDfPBzKCs1Pd8dDC9_usCMGm5xZqqtyPuf5BNAOZ0kswalc5AKcAziUBfE-9o7xZ76x-D6-g1jxWXA_IpunxQ0jOa8WSdy-n92mEcaOI47diEgEryf7m3L2061BNZJ6BaE6ugxWDsxsLFsYAZlcY_oI1OhJ48BBrvN5XXXSK7t4JIQ8BrI3yddaAPWRaRmBMT6pUJlqPbWVDX_fJpE5XwPT1UyAWfKnYDGcPDabB5Hyg--sSTvoyMWuPiuCBVfSOn_IyTXOPOWm1NijU7y_CxLFaZbJiUieGK1V_XZ6dT9RsZ3-zYN4YJWJ9TSguN7a9lJHo94RvM8bcBuAnKAzVrxYD13hORDZolMCvB6Ypjlf0zlj4wiSDeIsrmZ3arEz_gQ0drDnWFYIpNPDwcSZkl-QOXmhCYbbAglb5qyCJYkMGAoSvNq0RAxyrEjWoMTKw-H6UuNNTkBQDrW6Tbj2tw3Xc_7is_X95A3Gqy6GbTWk8ZNGhJeLY-Q94zhURIUzyu4p9YScw7TxSJbNJ7BRZN1me_YkoVyLFZnEb6wxnQQx4Gc4PzAgtkCCbkwu3Cu7-47Ko3C7_Unig1sfa9aT5b06x-AwjG6b-8az291jgLOVLt4PYM7Lo6ZEET_9cOM7aM5HyCdY9lnAAWfJxjhnXY6UNyxwyKMIOcgBc5yf3wwG1ZMXLVs0UV6XOPfk5sALvMcYEgCDDcw52eMeeHAfuupPA_Prb2XKLfGrU38tSVR4V1fYVlsoecMjXU_eHYKJxUXVKEMaA0SuXmpOp1d40EgHoWT1i4wIXn7dUwIYVJNQhQQUZzL3WIoBUdMI2WARhzqUVRiPcsVRAiAjZvOKXDPzASNJlqlb1uBxkX4OC0lqhz_bOizRjzJkcHZ15M0k3XOnk-XzsbZrSaxu8cT_gSApRT1y4FMfFY-Z7hvQPHYzyDCUmBozCAQSLQBygQiDSHzGLWUr-BN6OWe08iY2l0EvNpzkOtw6cGFnx7ZndlCQV4W0HqRDqhgBYAE&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C67A 91 KB
23 KB 83ms
13ms Script
application/javascript 2600:9000:26da:f400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:f400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 5f2f5e879d7e38fec917517376aca8bc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 1383747
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: ggCs5ZrXT5wq3R23g6L2WrTOTo9mcK-YnZCLzqjJCon8l6xNvOP3Kg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4613 43 B
216 B 529ms
165ms Image
image/gif 2600:1f13:800:7781:2c5e:9481:735c:93a8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d6f58e8d-b266-3fdc-c43e-3f11ef83681b&tv=%7Bc:guHiFc,pingTime:-3,time:58,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI8xLDG+11%7C12%7C13%7C14%7C15*.1352960-70224085%7C151%7C152,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:21%7D&br=c
Requested by: Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2c5e:9481:735c:93a8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4613 43 B
215 B 527ms
166ms Image
image/gif 2600:1f13:800:7781:2c5e:9481:735c:93a8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d6f58e8d-b266-3fdc-c43e-3f11ef83681b&tv=%7Bc:guHiFd,pingTime:-6,time:59,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:59,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI8xLDG+11%7C12%7C13%7C14%7C15*.1352960-70224085%7C151%7C152,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:21%7D&tpiLookup=ao:stad.yalla-shoot.io*&br=c
Requested by: Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2c5e:9481:735c:93a8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 media-u1jbjx32p_DVR_4984.ts Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 566 KB
567 KB 9ms
9ms XHR
video/mp2t 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/media-u1jbjx32p_DVR_4984.ts
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: c12d4ad7e44902963384de867b055e43ff6bc5d067c57fb8fdc46518b4540191

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
access-control-allow-methods: OPTIONS, GET, POST, HEAD
content-type: video/MP2T
access-control-allow-origin: *
x-hw: 1687642935.cds278.fr8.hn,1687642935.cds212.fr8.c
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 579980

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4613 43 B
215 B 519ms
166ms Image
image/gif 2600:1f13:800:7781:2c5e:9481:735c:93a8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d6f58e8d-b266-3fdc-c43e-3f11ef83681b&tv=%7Bc:guHiFm,pingTime:-2,time:68,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:220,beZ:221,mfA:223,cmA:224,inA:225,inZ:228,prA:228,prZ:235,si:240,poA:241,poZ:259,cmZ:259,mfZ:259,loA:278,loZ:280,ltA:288,ltZ:288%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tI8xLDG+11%7C12%7C13%7C14%7C15*.1352960-70224085%7C151%7C152,idMap:15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:21,sinceFw:46,readyFired:false%7D&br=c
Requested by: Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2c5e:9481:735c:93a8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B4E 37 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H2 200 media-u1jbjx32p_DVR_4985.ts Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 631 KB
632 KB 8ms
8ms XHR
video/mp2t 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/media-u1jbjx32p_DVR_4985.ts
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: c7edb5d4d78ea14da7a91764cdcb5ea177233e63d1c3803073b6c4d4104c2cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
access-control-allow-methods: OPTIONS, GET, POST, HEAD
content-type: video/MP2T
access-control-allow-origin: *
x-hw: 1687642935.cds278.fr8.hn,1687642935.cds212.fr8.c
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 646344

GET
H2 200 cookie Show response
cm.adform.net/ Frame E862 43 B
106 B 71ms
18ms Document
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D60095c900c0799791c46d8d4%26biddername%3D46%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2EF0 16 KB
6 KB 97ms
7ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fpbs.aniview.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D1%26gdpr_consent%3D%26uid%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=152203
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 24 Jun 2023 21:42:15 GMT
expires: Mon, 26 Jun 2023 15:58:58 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame CE9E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

281 B
554 B

71ms
14ms

Document
text/html

23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 24 Jun 2023 21:42:15 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 24 Jun 2023 21:42:15 GMT
location: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server: AkamaiGHost

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame E687
Redirect Chain

https://csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1687642935216-9...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1687642935216-936808372678-001197-007-006844&key=40bbb68e-9c68-42f2-98b7-610adf7fc86a&gdpr_consent=nul...

0
241 B

320ms
97ms

Document
text/plain

3.232.175.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1687642935216-936808372678-001197-007-006844&key=40bbb68e-9c68-42f2-98b7-610adf7fc86a&gdpr_consent=null&gdpr=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.175.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-175-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 24 Jun 2023 21:42:15 GMT

Redirect headers

content-length: 0
date: Sat, 24 Jun 2023 21:42:15 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1687642935216-936808372678-001197-007-006844&key=40bbb68e-9c68-42f2-98b7-610adf7fc86a&gdpr_consent=null&gdpr=1
server: _

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 00B7 16 KB
6 KB 94ms
7ms Document
text/html 23.32.184.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=152203
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 24 Jun 2023 21:42:15 GMT
expires: Mon, 26 Jun 2023 15:58:58 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 5D48
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1687642935...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1687642935216-936808372678-001197-007-006844&key=pfxQuziWJuWH&ev=1&us_privacy=1---&pid=562704

0
208 B

304ms
98ms

Document
text/plain

3.232.175.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1687642935216-936808372678-001197-007-006844&key=pfxQuziWJuWH&ev=1&us_privacy=1---&pid=562704
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.175.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-175-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 24 Jun 2023 21:42:15 GMT

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control: private, max-age=0, no-cache, no-store
content-language: de-DE
cw-server: bh-deployment-6d945594b4-rw472
expires: -1
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1687642935216-936808372678-001197-007-006844&key=pfxQuziWJuWH&ev=1&us_privacy=1---&pid=562704
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server: Jetty(10.0.14)
strict-transport-security: max-age=15768000

GET
H2 204 /
onetag-sys.com/usync/ Frame CEEA 0
0 31ms
7ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 50CD
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26au...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1687642935216-936808372678-001197-007-006844&key=OPTOUT

0
38 B

343ms
97ms

Document
text/plain

3.232.175.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1687642935216-936808372678-001197-007-006844&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.175.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-175-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 24 Jun 2023 21:42:15 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Sat, 24 Jun 2023 21:42:15 GMT
etag: OPTOUT
expires: 0
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1687642935216-936808372678-001197-007-006844&key=OPTOUT
pragma: no-cache

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame E103
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=bd95dc6614485e81e42db31b5a6d539&_fw_gdpr=1&_fw_gdpr_consent=

0
232 B

324ms
99ms

Document
text/plain

35.174.100.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=bd95dc6614485e81e42db31b5a6d539&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.100.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-100-165.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 24 Jun 2023 21:42:15 GMT

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Sat, 24 Jun 2023 21:42:15 GMT
Expires: Sat, 24 Jun 2023 21:42:15 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=bd95dc6614485e81e42db31b5a6d539&_fw_gdpr=1&_fw_gdpr_consent=
Pragma: no-cache
Server: nginx
x-sticky-vk: 1687642935505048-429

GET
H/1.1 200
OK auto-user-sync Show response
ads.stickyadstv.com/ Frame 9594 43 B
576 B 204ms
16ms Document
image/gif 23.55.161.173
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.161.173 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-55-161-173.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sat, 24 Jun 2023 21:42:15 GMT
Expires: Sat, 24 Jun 2023 21:42:15 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1687642935508049-363

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame ED02 49 KB
18 KB 177ms
74ms Document
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Sat, 24 Jun 2023 21:42:15 GMT
etag: W/"64243ed7-c28e"
last-modified: Wed, 29 Mar 2023 13:36:23 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: MISS
x-77-nzt: AcO1qhHv4meh
x-77-nzt-ray: 4c1562247077f6583763976492b2801b
x-77-pop: frankfurtDE
x-cache: MISS

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58543/ Frame 70E1 0
0 77ms
9ms Document
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
date: Sat, 24 Jun 2023 21:42:15 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.57
strict-transport-security: max-age=31536000

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame D2D6
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1687642935216-936808372678-...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1687642935216-9368083...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1687642935216-936808372678-001197-007-006844&key=cad6bad1-dab8-4910-b12d-17a0b3c4a8a8

0
239 B

194ms
98ms

Document
text/plain

3.232.175.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1687642935216-936808372678-001197-007-006844&key=cad6bad1-dab8-4910-b12d-17a0b3c4a8a8
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.175.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-175-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 24 Jun 2023 21:42:15 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Sat, 24 Jun 2023 21:42:15 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1687642935216-936808372678-001197-007-006844&key=cad6bad1-dab8-4910-b12d-17a0b3c4a8a8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame B5A3 0
0 88ms
22ms Document
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Sat, 24 Jun 2023 21:42:15 GMT
X-Sovrn-Pod: ad_ap6ams1

GET
H2 204 0
prebid.a-mo.net/cchain/ Frame ABB7 0
0 48ms
13ms Document
text/plain 147.75.84.158
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D105%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Sat, 24 Jun 2023 21:42:15 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 200 sync
x.bidswitch.net/ 43 B
146 B 40ms
7ms Image
image/gif 52.57.76.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=&user_id=1687642935216-936808372678-001197-007-006844&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.76.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-76-205.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1687642935216-936808372678-001197-007-006844%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 43 B
145 B 40ms
7ms Image
image/gif 52.57.76.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1687642935216-936808372678-001197-007-006844%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.76.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-76-205.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4613 172 KB
61 KB 42ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Origin: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 13:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 4613 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224085/xbbe/creative/adj?p=APEucNV-lxYwbp6-MYdZ0-JVH3XgXlUgikSRNXcPUd9Ao5Poj6vBOoE&d=CokBAKAmf-Dq0InUmFCZoEip_vkLCp-x6hVGTUhXSoRl2HUb_lbdaD6mAsXbTmB-9Qjn7HML4MCbf55H3P9mJI2V1Y_Wv-rhcfoLDAoi_pcXp86ydqME-YUqah1m4WnxVnWaG6GjqLbRPIH18e72us58sfiG00BqZ0zxzdroubM6Ot0_GmaktYj30fsSqRUAoCZ_4BYI6HSG7a-orW3erIWNfK1cBMk4rntKyVRDVYQIdRfODpcSYD2BoZpXIpRBBnCNDNMQQnEOlxT0jwHcZBTkY7OHlz3gtB7_FkIrjvZttT3-BrbE0XvxjI4XecCnURhAm7SOvkEczt1Sm5kYA0z7L1r6GFHrxfkDJtaZFJBe65JjRnwyPlXZ28GY9PwZQMdIYPi4vMYVh85De0aROMQcIjQEtr-x08FBRzyI5-lIxmtrLf22t_nYZH-uYij-aJh2oCqTOP4pJVqCKTcuuTdUqovKEtswwBk4h8RT-HaxP-WHxa1e9GRBQZ5_VGAYlqHjgG9gD3oOTr4XpUl76kX8xqwRvqpIG-gHu68TicA59gD6suifnl6iqJ4WhxaEvf0KDYv53W61l3am8_fXUlZabbPXLsfiElem2uUAqb5a2pPPlATI49gguUFglqZdjvlLeKCv3Hj23MKMBx9bWVxCoY5ZZFeWcoPXE_HtrVy3jm4buFYurPU3bqfT7LeUYq-5u5AoltsdBcLWgweQ2XG9qqj7uoIUurGWUf8kj18a2ByvmzSKt7Lji3fkSPO9-XJbGW-VEmDxXYzEbOu7Pu6fYhaL3mJxvn4wpbbwHXxpwa5Ta9ncx3b1DWM40YaZ_GF2V_akIn_T7VVZO7zGT1udynYIjM7XZ4CHOs_JvrebPBEM32-L4FV7BPbJQC39nCIqrkzmketvaAaQFy2D-Cn1O_zP_Do8zyLcNXf3KPhGjh6uxeXtBbYYMZrCelOMhXDjGWYMG9VXGTPH3DgD3FtIIuB2gax3w5_geaDegx2pZeSxhlB7bwvb4jXHmwJcbgRuJ-gmLPqmSiVup3GOLYhfSWY653Ncao2FTnbIu_o8KuUsXarkdmWiDNcFQ3RqvxHGtaUkE3N79mZi1aPUI9MFox8ZkiH5tYuE6axsR5Rw8lRYNu1D20ZulI40Ussnbc_Q4JjOT3rgf3jqqYssqZYtAVIrkJ5CNVwRrV4dqW0jKDc8czhigJW-D8hrCNtqqeyJbWzHsacieZpWG7CfZY6pmA08mGrDaQ2RNqtcZ0Nqb1XwPKBbmynaBI9NPDizEjCTa5tNUSI9eDgB88ptg2lfY7m6n9BOg9do71bc0yvaqwvD_JCObod5DqtPihzY2X-nYVoveX3y6687cWoJpnX13pN-1nHIbfxFfh94mMuo044sUUnW7XxCjM4hM0lmBHHnVcECqKfMsVQIU8Gy9uOCZC9mZeZCHh34htggTGTaPdhJept_rBzMY_1EPmT4ITfj0Pt7_w5L-kQMfDp9HXeJq1i0BAj48HD1sq1GR1VdIhTYlwqicxswSvVqD7NqKfqbqkQ5VUZ3vvJyKbPwM31rcnq7Wdf0AgtXtrBrV1CvF3tcDMmGH6SHm50Bxz-OAUJK3nZ8kiEOIK-brYeT1SL27uQfRyRmPvooI5EPQbvzsSTmhHAqFrHBleFFF6TQEHC-c0JT9JpySjjcOlV5JkqT6wtRzuKx6jIyu_fPB8t1hfg41RFCN7vvP3rNRPaShiNrm5F3L6M8JjPQGOElUmqfYU-p5NKItNmyQVC2RskR1WtlFoW2MDl4JcIE67kFqkXmH5iwXyHWUbP9YF83ZRYCuOms3qiM77QcnP8Lqow6bJzO1sOvknLML3oo-V3MOuH9GtfuTT1TbJDbqrqCKWYK0QDiOq45FWE7ycQsLz-TC4yTJXTXoFnjY09XgwOYyfiaUkKaTha4udCtD_tP9N2s8geDdY8ELUATQIvsy5xv58ZHRx_L7j1Tqa13mcUnQjuNrB0fcXgGcTWHWG0ab1DK1qd39XCT96RQHDM_qryk4Mr-lt9xieMBkSskoIYsUs69Mp7M1TFpXE66kFfK7f3_8S8Y81d107Pj2qsy18shx0aUQ9hWsGb5HfX8bIRWMFAByHBdh2j21vT8XOFdfsScFa8wzY8mJuBxav7MnMRdC0tL3zA2KAFw7aC6Lmu9XWfc4CJD-OrXII3I_vqPnjtDelvS0Th5kWZa9NEcQDnuW7HQsrllHWRMfDeAmzpjg6d7JApf0IGENVNRn6_89Hv52PhcHIwkbWAllf3u6XLahAcghymU4Zue-UP9KHVerkfQ8GqSX2BRhjQr97R4v2tU45fW4O1LbWsKDdoLBDJ9Ns0QP7aMFCOkkP5vsblE8qL-FHw1U7iaNud8dZ0flzhVowqj9lDcDmpkf7eZIUhRBEmhypKhidq9S425UQnyHUbrSGto2dmz1eQAt4TNk7YVoZWNB8-JHm_qdnIRAuC-IvGJL686rCPZVBymBuXWEuGLTfZsAgi2hlxNkjXyL1QAou9WBCzvuXonze-ZwOjKaWFcrUmTiipsCvZ5MNWG1_QzD_Kqqfx7u34fKL8WIsbjLHl2MVIZq7aCnCEpHCIHboC2Gy2JK-4buGRhgWnNV2D9S2AsMGxEmW-b0FfS24OwcN0WDs-oVL3vjhhXjs2BgiMgMfPN8SndeBBMrHwg9aBm5lRVb-nVJEA7khB5gCu7imzlYEIU6zn2BtCiBpn8OouEDrR41zH8SoM08X7X_RHzmI4GefEPcc7Y16q1W0EUNNCCClz1IupBFqejPTlrIJVE7rGtuX5EeOVqmhW92BEDGQZZf01fwzzC1l0LlHV5H9eEf-w1uK8aIYjBNLOrehovA_gVSS7nS1kvRiykcBSXsnDfPBzKCs1Pd8dDC9_usCMGm5xZqqtyPuf5BNAOZ0kswalc5AKcAziUBfE-9o7xZ76x-D6-g1jxWXA_IpunxQ0jOa8WSdy-n92mEcaOI47diEgEryf7m3L2061BNZJ6BaE6ugxWDsxsLFsYAZlcY_oI1OhJ48BBrvN5XXXSK7t4JIQ8BrI3yddaAPWRaRmBMT6pUJlqPbWVDX_fJpE5XwPT1UyAWfKnYDGcPDabB5Hyg--sSTvoyMWuPiuCBVfSOn_IyTXOPOWm1NijU7y_CxLFaZbJiUieGK1V_XZ6dT9RsZ3-zYN4YJWJ9TSguN7a9lJHo94RvM8bcBuAnKAzVrxYD13hORDZolMCvB6Ypjlf0zlj4wiSDeIsrmZ3arEz_gQ0drDnWFYIpNPDwcSZkl-QOXmhCYbbAglb5qyCJYkMGAoSvNq0RAxyrEjWoMTKw-H6UuNNTkBQDrW6Tbj2tw3Xc_7is_X95A3Gqy6GbTWk8ZNGhJeLY-Q94zhURIUzyu4p9YScw7TxSJbNJ7BRZN1me_YkoVyLFZnEb6wxnQQx4Gc4PzAgtkCCbkwu3Cu7-47Ko3C7_Unig1sfa9aT5b06x-AwjG6b-8az291jgLOVLt4PYM7Lo6ZEET_9cOM7aM5HyCdY9lnAAWfJxjhnXY6UNyxwyKMIOcgBc5yf3wwG1ZMXLVs0UV6XOPfk5sALvMcYEgCDDcw52eMeeHAfuupPA_Prb2XKLfGrU38tSVR4V1fYVlsoecMjXU_eHYKJxUXVKEMaA0SuXmpOp1d40EgHoWT1i4wIXn7dUwIYVJNQhQQUZzL3WIoBUdMI2WARhzqUVRiPcsVRAiAjZvOKXDPzASNJlqlb1uBxkX4OC0lqhz_bOizRjzJkcHZ15M0k3XOnk-XzsbZrSaxu8cT_gSApRT1y4FMfFY-Z7hvQPHYzyDCUmBozCAQSLQBygQiDSHzGLWUr-BN6OWe08iY2l0EvNpzkOtw6cGFnx7ZndlCQV4W0HqRDqhgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-2930805104418204&ias_chanId=1&ias_placementId=18640275745&bidurl=https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gO5izKdoVy5KuIE280gMsy&adsafe_url=https%3A%2F%2Fstad.yalla-shoot.io&adsafe_type=y&adsafe_url=https%3A%2F%2Fstad.yalla-shoot.io%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d6f58e8d-b266-3fdc-c43e-3f11ef83681b,c:guHiEA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-664b4f8f74-6qs7b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tI8xLDG+11%7C12%7C13%7C14%7C15*.1352960-70224085%7C151%7C152,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:20,oid:fc0ad161-12d7-11ee-87aa-6225af02f0ad,v:19.8.421,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:12:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 4613 30 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 17:10:37 GMT

GET
DATA 200
OK truncated
/ Frame 4613 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08745b0c47e0b75e0f0b84d3a29b802aeaa865550c3f25d09343a340b84f154a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 259D 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:14 GMT
expires: Sun, 23 Jun 2024 21:42:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 00B7 0
42 B 67ms
12ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64524391&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CE9E 34 KB
10 KB 7ms
7ms Script
text/html 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9869cc919f23de9da5acd3ae15c16e487b507092244e2d9c82a99044ef2970f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 21:42:15 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Jun 2023 10:06:18 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=44664
Connection: keep-alive
Content-Length: 10113
Expires: Sun, 25 Jun 2023 10:06:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B4E 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bab4mN2OXZLr6B4iOjuwPzI2ToAcAAAAAOAHgBAI&bg=!Q0ClQBTNAAYQ3eRoMN07ADkAdvg8WuDW-5KaWNVGE8n1Kr0VwB0PGgFrdF5BMi7TBk-exANouq9xd4r6KktfoBGwkdo5m8eL3EQCAAAA1FIAAAACaAEHmQL8KbMdiUZ17cHG3eHjuB6JHoBRru-OV-HMYGwK9bZF2CTvq19FHU4Hr347auJ7kj59njiXKU-4hx8F22NylWHVkYKaMHJEOTKNJtDpPgEnop_QqM3Q_BVTMF1Xj1wsbt0MYU-06VPyjg5ELEbcxrGu5IkeqFTLqesYeTrNZA-CTX9lXwqILXEkwrh3AtRHFQg4m2X2IDBXKmbc6zwOY_tQVAy62F8lLmk6gr5W-ENV5DT4cGPU-M-DWRrk0w23X1pD4DGXCcToeowUW110EdWo3v-Atipqi11dIvPsga0aVM2S7fiCMtTsxXgXzME1_mQ6xy5TFvbsD-QVZqPcNoHIA-kPjrkNYvmI66l0A5mwqVGq-ovGBdnd3OeDR4T3zjORe5MULTMv8vdSliYDMu30QgUZKTFkMu6qozfvzSdIoJmUyjRRKfCsKXFMJFIGc9b5yy89jphH0cTdjJrTPnsz8JaWfis1jjZ_JFvFQ5ZMZ8Fgtn6KVD3Yo9cUuuyQ51AdejIsflr828f3dt4i7nROUvCLJ3t7QHk6-ztGic-hcH_9UFeAkVHes9p-_bKZgL4DFXDO9JyXH7VReuJ1kre4pBYcFQ6m1Z0fbp1D-D4vB84pyy8DMvNgNq_fhUXP-i1EQrP_GOhfAQtRDrnMCRyamdkgaORpRq2vvNSIpg_IT-318LJm2tGzCT_J-Cu5BW-74hozD1l1K4XMeo5TxHz3TZcxdxqHAnscRGk1GNglOeU_70dSDWLp-qYL4zeqTEbRYPIjllYADdv3d5gL0YJV-2NGI0gwSzCW9Hmf7mublzUEBe0zXabDmADjJpH-cFb58LU-eVugM7tXWcGiKJh0CStJe6AldtMcGzQPEsbCO0_S1Nia0CRWldznIWP2hXzgpcM6McOYlqTOwJ5wBr6aEziMo03uXrB3oYixbS5pG_GDDH3gYqSAcitDnm43Go12DKU-5tLnk3Xg6WHD2mxp5wHCSsihsMSSLsJSNWt5bq3Xjiolr8hKlF9Ayfw

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AF72 624 B
245 B 22ms
20ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD7ppe5BBi7x7TuATAB&v=APEucNXJZU5eBgI7WOdJ11Y1bXtoT5jeOp425kQ3WzPRaCA8oi7SsJDPqS5A63wCKTs2w2iy2xzlUxlt3MXDyJ2VmM0HABBYo0Ca1iBCkyffpwpSXP8KMdocMaBmRGOFkz8kbBvrFyj-90Agw1bXiZA4F7AYm_IhrobH0_s89KPRj4MhsDMGMc0

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:15 GMT
expires: Sat, 24 Jun 2023 21:42:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 259D 78 KB
27 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:15 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 259D 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dvmb2iwXbdZLuqg4G4im8g48GqpThPKXEHLOmkgUzpZaK1PZbFeOmh8C-UDAh90BgxraVas_parMRtxJiP4UjTyy2CI-8YfPAjxi7IKkYuh2BkocE

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 259D 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15941378958748344144&x=1&ct=77

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 259D 15 KB
9 KB 26ms
18ms Script
text/javascript 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=65509680;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

02efd28827917660f671b8f9242f78a0f1db99c63e7082fd06fb7a29d89d8605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 8313
expires: -1

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 259D 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 16:34:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 259D 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 259D 179 KB
56 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:15 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/346383189655976896/ Frame F7F6 1 KB
767 B 40ms
26ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c36f708542bca1b708ec3db7d82a1a8521966d09a2cc57a0a368f107b05d1da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:15 GMT
expires: Sun, 23 Jun 2024 21:42:15 GMT
last-modified: Thu, 27 Apr 2023 13:48:41 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4613 0
0 110ms
44ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUis-UzNMhe_5Zz0voU6xM-x2xapaGkv0JsL02sgetq0C6OerSkwj4PKdRqbJD4LRIJQlm0OtNVR5PNjeJQkufYWL54CMTjfiXhZSdtMo4BCwRdNsdC5l3Ex4AGdVETz6FdsICgJvDUz5NiADU1k_5I73XrOZOd2IR9H0Yr3Cd_kJJag&sai=AMfl-YTFXlkj4cz9m3U3v0L69xpuRJ8nnD5wAmsJtOICNjI3Ifda-bZ1J-buWgH1PuEHTEIwcuwLqGRWoFRgybAdr4lwRVuUlLHVJ7_ioZyhNN-3WsaNFLYpvjNzuZ6pvA&sig=Cg0ArKJSzMXogh4ZF1jzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=121&cbvp=1&cstd=112&cisv=r20230620.44135&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 24 Jun 2023 21:42:15 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 4613 43 B
1 KB 86ms
19ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=181030143&extPm=361198394&gdpr_consent=&gdpr=

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Mülheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sat, 24 Jun 2023 21:42:15 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Sa, 24 Jun 2023 09:42:15 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AF72
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD7ppe5BBi7x7TuATAB&v=APEucNXJZU5eBgI7WOdJ11Y1bXtoT5jeOp425kQ3WzPRaCA8oi7SsJDPqS5A63wCKTs2w2iy2xzlUxlt3MXDyJ2VmM0HABBYo0Ca1iBCkyffpwpSXP8KMdocMaBmRGOFkz8kbBvrFyj-90Agw1bXiZA4F7AYm_IhrobH0_s89KPRj4MhsDMGMc0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jun 2023 21:42:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AF72
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJdjNyhgHrldIR4XROftXAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD7ppe5BBi7x7TuATAB&v=APEucNXJZU5eBgI7WOdJ11Y1bXtoT5jeOp425kQ3WzPRaCA8oi7SsJDPqS5A63wCKTs2w2iy2xzlUxlt3MXDyJ2VmM0HABBYo0Ca1iBCkyffpwpSXP8KMdocMaBmRGOFkz8kbBvrFyj-90Agw1bXiZA4F7AYm_IhrobH0_s89KPRj4MhsDMGMc0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jun 2023 21:42:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKx_B4UXoHrjuyMrh2EMHeQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame AF72
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJfRmV5QnN7_3g-KjhpntHU&google_cver=1

43 B
1 KB

18ms
16ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJfRmV5QnN7_3g-KjhpntHU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhD7ppe5BBi7x7TuATAB&v=APEucNXJZU5eBgI7WOdJ11Y1bXtoT5jeOp425kQ3WzPRaCA8oi7SsJDPqS5A63wCKTs2w2iy2xzlUxlt3MXDyJ2VmM0HABBYo0Ca1iBCkyffpwpSXP8KMdocMaBmRGOFkz8kbBvrFyj-90Agw1bXiZA4F7AYm_IhrobH0_s89KPRj4MhsDMGMc0

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jun 2023 21:42:15 GMT
AN-X-Request-Uuid: 2003ca6b-43a6-4d9e-b741-617aced41e0f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJfRmV5QnN7_3g-KjhpntHU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AF72
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ5OTc5MTgwODA5MjI1Nzk4MA%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ5OTc5MTgwODA5MjI1Nzk4MA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 24 Jun 2023 21:42:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 56321130-4e05-4dd0-b433-e2812f349bbf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQ5OTc5MTgwODA5MjI1Nzk4MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame CE9E 284 B
536 B 64ms
9ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 259D 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2072477521801&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 259D 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2072477521801&version=m202301230201&ct=77&x=1&cor=15941378958748344000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 259D 29 KB
17 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJrm26ugFXwGU1ZV2_OUxAexQXEF6Qk7PdEs-JE2Zn5BdKbKubHt0yu-m4ry2JAW511RtqdQwLnPACXqpFtOwBWq1YmgYOCkoXmBOeL3nDuYlNzSx3zpFEADeQ8mxnUk37uQHND9a-so2J3cS8l6tdhFaJygDC4TVd00SkRq83qNyJJoI&cry=1&dbm_d=AKAmf-Bo5UcQ-cvJ3jWb_CBgteKSINWt7nQCJmCPf-dF5d98enXzcVQkCImUZwTzqnmS-OWnE22yrDKfgYI-b2C2UYQegcDWWzwA-DWeyjeJT3KScXcSQihuiwKebsWpza1XdpLTvhy5pvgP6WgullK9wgtt7uIod0GqpVQGOdT21Zw0AoL2I3Gs0eTSXBtfd_kcXVqYxnchGhKw4K5DOvCpIwfOrs9AdXbRGtcpoh7XpdB9D9Fvrk_D2LrhV7m2-Ank1EcdGSmj-9ZN_vBsUepuQgSprP2gPsHV2Auh7h0bHw5hFI1o9Q9OkQdHxpfxoOvnDFb0NS5tWs3c8JA-HWeqtNsasIWGq9_NI8C63IFckvMckSh6E8mSzK04g89KO4rksPF0do1hEsqSk8deNU1o5IZG3-fpgNJ2-nNxetgSbVPUI9qYTAs_rmr_geJscY_nKI8aX-w1_tjzAi-KeC0Aujvtf0XqAkzCKFAicDdBbFmO8A2TuiZD7Bcfxx9gBxH_kICIilPK-b7ivARns226ggOlTnswNDjTPXs6RwuYUYZvvaWrTpFzPDqBCUoGKkhQa4KsUGTUlc8DYElAZBVlAlmEjjyc_soExO5MDyy34wThAxQDiiWYD4_BAPOYXw29HtmDH-O7LOKoVwnPTF5zqtwjHaRdCCyoJZdFfKyxl45fBQl8Xt0jcz4L8-XNdVfiHTlrbkh4NY8mla1lS9Lb1t5czCrHuzCtxyoeXk-7J7iM7phYWhq-56EH0GBzthYh70tO1rGwrA1n5vj6CrU0Qh-JvKaUykeQRocop4UBrmgxUUBuCEFl9e8zHsUUYJPjJ4gGNlJQAFoFvrgK46QQw0qTQGmpRE98S2sP7VOCScAFigpcgXhfpE3ktwA9ddSOjwmLgbLFPs3E0D2f7fudV754w7dbelG2FUDBj2BGBz7ZBLJIRo2OMWeujoSLTZ9Je6uU-i1Rjq2OlJcpT-Uz5x0MPPQi6z8yFyTm8sY6SRK7WfxK2eLy4SVoJ8swaDHgS287IkgVNtF-N7ffuDNniT1ZO7_tlhkXlIg-FHAz68bQiVrt6TP32km9MTvUYmDpD-rPgiPCpLeN_VkYY6yviXp8u7MZitZo-U12mN-DqoSZSCQi1fDky7YVHf010H6qX0AlP67FjdTyUqnEKkiVsfSe9M3m8ClmYjp-7wf3browyp8zZNDMlJ7Rj9l43DxVaymejvsKeP5ObhRBaV77yto9MJDs3uxHdxigAysf6rJexXuedCC2L04XnGNLy8wYODnFQfOqEQnUDXR8RaMYqb93W_BdaKhN8We8l4aq4wAzdNK_eoDA3So1-wvWZ42bhf7_t1-YgVyPyeCMbZtxBohokdRD03smi-VUJq64pohWfxCqp8J_pmwuBN-rLJ_tQ-t4boP-wHWc_UekZoE1-OINQ-tvM-A4GAKkzSRjtDMzNRSTgl4n8DIpvH4UJyC3jZLe4fHN41nRIu6gUJS8InUzKZ0qc4HMab0KrqYHWYFghXzaVL0oNlH8v-7oLr-Qj8B2MpIKjAtrhZD_wZSmbdF4HUgYbUWe4JLVFwh0h_MF17vnaQdJcdSTmqhNs8hBNcG9krQs4t8lArYlhoi13fxgj3i676XNpa3siwGEOtb8XCsWeZlRNXq3dWC8sIlVT38o-LOv9AYIyOFKut9ghZAy4sqb2sLa0e5zsibd97K46PrjJfcAhxH0PK913-PpbkQR7pCmRaIs-X2fYqs_J8IXIDq45KUAFaMUvcqCgGv8iJhLxNHS4d_tW1mr3dd1ZkIuSK9_F8YpBmTJoR5wd651ZWoVwNsEmTP4mteZQe4IhLShmu9Hk1WpwyzS2kWfJB7TDLMr1THaSp68RLCuWgN4YBZHojI0tAebofbzxDDJUNE2nhh-fKpmamv0w7lZT56J8K0vT1u7YMTxQIwjgqkQjPaawt578IYjxJjxS4_d6113kOnFh6HspF2GrFa0Z8UosDNdIErrgV0cLazC9iSoEkCzM3KaTiM0rIG6Qk4djgnjgqXs4gx_nC1GRy5MdSxC3sOYjFSeFcdCq8PVNzAhN2tE1QfCItpYcUlWbaJh_H1kGxAyPGQAIaNJsHdyfsnx3v7DlBklD9wrwNDxvNpjut_6FKrPl38DqU5zeCQB5TkJboQLthr5b5_Ja4ii-CzEOcrL5is3yUANcBtr4WwIEihBcYZbAqR5xHerXNNpkxhgbgBs8QRawttPjo33U0-HfqCVzzJ_1L39JKZeZxAiBGdlRTTyhoknaswwqAXbBdqhHQw4oVdg6xh3BX-UEU2-jXb6XGyvx20z2rbKUvI8PqCvvxdO8QAmP7qH9tvO1XUG3KazuAovwDM9TqWxEDGcRaB8ipC3KT146jjwcn_zfj7bIalfxTponB3T7JikQzMq3nPgAI_tkdhcbtmvKUGOC262jc7KqPt1PfvFDeNM3HAXe-pAOkHWpYiMI-MvDxVXYr0V2JJxwQcww42kV5hw4oXaBA44JlwWvYW5swIzjzyTSDLr47LbNHvwG5pVYYGFUPlxoZRp-ojMeUZ1HXWktozt83Rm1YH5lhJnDX7xxEzkyMsi8NPSEohg2JA7kmqPbQzRYH_UCVjNuYU4aBpQy1iQ2JwzMI4eOwz1djIU7Q4bj6_QQn501yR1k8a5FIiSXc-JTLIpmNk1bVC-fzJLa3bmSXVieNUNHB-J5-KhfhAveu9wgwYPiTSF7M0zLoFPDYLATvWYBwKeearOdWULnu9OyEeTAwMmPBckPDfCdBNI_0OU6-vzN_4L_zrJTcycEg_jNEdwexD6urZix-dXYoh1NoIyI7xOjMlZWn2J73NQ3UV_mGr1sYq7TgoyO4cAC5EQf-0qmLe_BjNXLqHg0pMGSM0geKL7M5XbnLjwWJQtjVtsYL70gDxzCBc1ZENQSJaalHt4mCyJy7qKVSaKnedI76WxIE9oFDk9mTO7CdN5r0ll9ZTznInsa3KJ4rgoANkatGs9jodYaBrbiijfdalgmZ1xvZu8olxkOJNWU6pZmfZIFVq6hCteE-YyRZa5w3Sz3VuZ4VR7tKUK7yENmbzqoeM8S1cHQ3d0WUW5CBKpVuIW2cKtzQSghnIWZCGZhIa6ovaU1jaCAK-6Bor9YzB1gyEgyokBNoIZMqAhASsaXV1BM6hc3ngdb2c4dTgp-7AA5aIuZdQNa5FDE4hy7RfXEVTuwIfz99Zpf3nhfoCejplUQI8-lBWRDFIhwlS1TePXrNy7XDgUnBJHNaN-5Wzu4TT38isAOAVsZ9KpjZbY42to-SH-3LW03Dz1VEWTsuDO7df9lza2PJ4ri5IT-lhLFov7EYrGcxj_-JvSQRA454rTLWQriIRoSTn_ukBbSfkkN8qhlauq0bAliUvr7_ubJm-Tw6-ciCTc1P0NE5k4tL7xClKedk9LpgfW1TYDT9vuQSEA4aI0L46Kx2KEVajyyEpy6aVTDneP_7RocjrW3XKPNOoLHPtNnm75as6sCYtOAQM0UB5iMKcpS4r6Eyp_0w8CUi2kAeKNW9dgBYogRWjdg_ODbGTgmOCkL_tlaJYV-huZXDrIsqLjxCU1btLwskDGR2ozL5P5O61oe5ArbiQWbE6Yl62GigvDB1F4pN_EhcNqiVuQ793-Y32Xn2BtlHaOMMfQQtKSH7-VX7hHK_Q-tmTUWCy2fcrgqvS1_aY&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=15941378958748344000&adk=943508955&idt=27&cac=0&dtd=47

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ac19ab6cd1bfbfe8e8b7acf7fa941266435fbbf5aa7842e37574ee392a92acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17164
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F7F6 113 KB
38 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 21:42:15 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F7F6 118 KB
40 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 13:52:36 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4613 43 B
215 B 166ms
166ms Image
image/gif 2600:1f13:800:7781:2c5e:9481:735c:93a8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d6f58e8d-b266-3fdc-c43e-3f11ef83681b&tv=%7Bc:guHiMm,pingTime:-10,time:502,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xMzMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1687642935685%7C%7Ce8e726d61b576096c7abcb664a52e98a%7C%7C8623b242deb4313525321dba17b62725%7C%7Cedb74678b8918dd3747ff5b6b9047fff%7C%7C506c2464fe58bf9d733d9694ed2b8bee%7C%7Cd83833e6cf4f6abc332aff8faaaee817%7C%7Cba74d1417c96d95c083d0933c4d74056%7C%7Cf2ee0cff5c19442a909b20806f92667d%7C%7C1663701684%7D
Requested by: Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2c5e:9481:735c:93a8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
x-server-name: dt25.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame CE9E 0
239 B 428ms
97ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b5ba23d75d0dcd35432b720d73e3149b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame ED02 1 KB
815 B 84ms
6ms XHR
application/json 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 295963
x-accel-date: 1687346972
x-77-nzt: AZySIYg4yDL/G4QEAA
x-accel-expires: @1688383772
last-modified: Wed, 29 Mar 2023 10:31:18 GMT
server: CDN77-Turbo
etag: W/"64241376-446"
x-77-nzt-ray: f6587a1d08da36e33763976442e08a30
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://vid.vidoomy.com
access-control-allow-credentials: true

GET
H2 200 media-u1jbjx32p_DVR_4986.ts Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 619 KB
619 KB 9ms
8ms XHR
video/mp2t 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/media-u1jbjx32p_DVR_4986.ts
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: db63c8f249fee1a8e3137b6787aefe82cdc442d94315e021950d36875470ca05

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
access-control-allow-methods: OPTIONS, GET, POST, HEAD
content-type: video/MP2T
access-control-allow-origin: *
x-hw: 1687642935.cds278.fr8.hn,1687642935.cds212.fr8.c
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 633372

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 259D 30 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJrm26ugFXwGU1ZV2_OUxAexQXEF6Qk7PdEs-JE2Zn5BdKbKubHt0yu-m4ry2JAW511RtqdQwLnPACXqpFtOwBWq1YmgYOCkoXmBOeL3nDuYlNzSx3zpFEADeQ8mxnUk37uQHND9a-so2J3cS8l6tdhFaJygDC4TVd00SkRq83qNyJJoI&cry=1&dbm_d=AKAmf-Bo5UcQ-cvJ3jWb_CBgteKSINWt7nQCJmCPf-dF5d98enXzcVQkCImUZwTzqnmS-OWnE22yrDKfgYI-b2C2UYQegcDWWzwA-DWeyjeJT3KScXcSQihuiwKebsWpza1XdpLTvhy5pvgP6WgullK9wgtt7uIod0GqpVQGOdT21Zw0AoL2I3Gs0eTSXBtfd_kcXVqYxnchGhKw4K5DOvCpIwfOrs9AdXbRGtcpoh7XpdB9D9Fvrk_D2LrhV7m2-Ank1EcdGSmj-9ZN_vBsUepuQgSprP2gPsHV2Auh7h0bHw5hFI1o9Q9OkQdHxpfxoOvnDFb0NS5tWs3c8JA-HWeqtNsasIWGq9_NI8C63IFckvMckSh6E8mSzK04g89KO4rksPF0do1hEsqSk8deNU1o5IZG3-fpgNJ2-nNxetgSbVPUI9qYTAs_rmr_geJscY_nKI8aX-w1_tjzAi-KeC0Aujvtf0XqAkzCKFAicDdBbFmO8A2TuiZD7Bcfxx9gBxH_kICIilPK-b7ivARns226ggOlTnswNDjTPXs6RwuYUYZvvaWrTpFzPDqBCUoGKkhQa4KsUGTUlc8DYElAZBVlAlmEjjyc_soExO5MDyy34wThAxQDiiWYD4_BAPOYXw29HtmDH-O7LOKoVwnPTF5zqtwjHaRdCCyoJZdFfKyxl45fBQl8Xt0jcz4L8-XNdVfiHTlrbkh4NY8mla1lS9Lb1t5czCrHuzCtxyoeXk-7J7iM7phYWhq-56EH0GBzthYh70tO1rGwrA1n5vj6CrU0Qh-JvKaUykeQRocop4UBrmgxUUBuCEFl9e8zHsUUYJPjJ4gGNlJQAFoFvrgK46QQw0qTQGmpRE98S2sP7VOCScAFigpcgXhfpE3ktwA9ddSOjwmLgbLFPs3E0D2f7fudV754w7dbelG2FUDBj2BGBz7ZBLJIRo2OMWeujoSLTZ9Je6uU-i1Rjq2OlJcpT-Uz5x0MPPQi6z8yFyTm8sY6SRK7WfxK2eLy4SVoJ8swaDHgS287IkgVNtF-N7ffuDNniT1ZO7_tlhkXlIg-FHAz68bQiVrt6TP32km9MTvUYmDpD-rPgiPCpLeN_VkYY6yviXp8u7MZitZo-U12mN-DqoSZSCQi1fDky7YVHf010H6qX0AlP67FjdTyUqnEKkiVsfSe9M3m8ClmYjp-7wf3browyp8zZNDMlJ7Rj9l43DxVaymejvsKeP5ObhRBaV77yto9MJDs3uxHdxigAysf6rJexXuedCC2L04XnGNLy8wYODnFQfOqEQnUDXR8RaMYqb93W_BdaKhN8We8l4aq4wAzdNK_eoDA3So1-wvWZ42bhf7_t1-YgVyPyeCMbZtxBohokdRD03smi-VUJq64pohWfxCqp8J_pmwuBN-rLJ_tQ-t4boP-wHWc_UekZoE1-OINQ-tvM-A4GAKkzSRjtDMzNRSTgl4n8DIpvH4UJyC3jZLe4fHN41nRIu6gUJS8InUzKZ0qc4HMab0KrqYHWYFghXzaVL0oNlH8v-7oLr-Qj8B2MpIKjAtrhZD_wZSmbdF4HUgYbUWe4JLVFwh0h_MF17vnaQdJcdSTmqhNs8hBNcG9krQs4t8lArYlhoi13fxgj3i676XNpa3siwGEOtb8XCsWeZlRNXq3dWC8sIlVT38o-LOv9AYIyOFKut9ghZAy4sqb2sLa0e5zsibd97K46PrjJfcAhxH0PK913-PpbkQR7pCmRaIs-X2fYqs_J8IXIDq45KUAFaMUvcqCgGv8iJhLxNHS4d_tW1mr3dd1ZkIuSK9_F8YpBmTJoR5wd651ZWoVwNsEmTP4mteZQe4IhLShmu9Hk1WpwyzS2kWfJB7TDLMr1THaSp68RLCuWgN4YBZHojI0tAebofbzxDDJUNE2nhh-fKpmamv0w7lZT56J8K0vT1u7YMTxQIwjgqkQjPaawt578IYjxJjxS4_d6113kOnFh6HspF2GrFa0Z8UosDNdIErrgV0cLazC9iSoEkCzM3KaTiM0rIG6Qk4djgnjgqXs4gx_nC1GRy5MdSxC3sOYjFSeFcdCq8PVNzAhN2tE1QfCItpYcUlWbaJh_H1kGxAyPGQAIaNJsHdyfsnx3v7DlBklD9wrwNDxvNpjut_6FKrPl38DqU5zeCQB5TkJboQLthr5b5_Ja4ii-CzEOcrL5is3yUANcBtr4WwIEihBcYZbAqR5xHerXNNpkxhgbgBs8QRawttPjo33U0-HfqCVzzJ_1L39JKZeZxAiBGdlRTTyhoknaswwqAXbBdqhHQw4oVdg6xh3BX-UEU2-jXb6XGyvx20z2rbKUvI8PqCvvxdO8QAmP7qH9tvO1XUG3KazuAovwDM9TqWxEDGcRaB8ipC3KT146jjwcn_zfj7bIalfxTponB3T7JikQzMq3nPgAI_tkdhcbtmvKUGOC262jc7KqPt1PfvFDeNM3HAXe-pAOkHWpYiMI-MvDxVXYr0V2JJxwQcww42kV5hw4oXaBA44JlwWvYW5swIzjzyTSDLr47LbNHvwG5pVYYGFUPlxoZRp-ojMeUZ1HXWktozt83Rm1YH5lhJnDX7xxEzkyMsi8NPSEohg2JA7kmqPbQzRYH_UCVjNuYU4aBpQy1iQ2JwzMI4eOwz1djIU7Q4bj6_QQn501yR1k8a5FIiSXc-JTLIpmNk1bVC-fzJLa3bmSXVieNUNHB-J5-KhfhAveu9wgwYPiTSF7M0zLoFPDYLATvWYBwKeearOdWULnu9OyEeTAwMmPBckPDfCdBNI_0OU6-vzN_4L_zrJTcycEg_jNEdwexD6urZix-dXYoh1NoIyI7xOjMlZWn2J73NQ3UV_mGr1sYq7TgoyO4cAC5EQf-0qmLe_BjNXLqHg0pMGSM0geKL7M5XbnLjwWJQtjVtsYL70gDxzCBc1ZENQSJaalHt4mCyJy7qKVSaKnedI76WxIE9oFDk9mTO7CdN5r0ll9ZTznInsa3KJ4rgoANkatGs9jodYaBrbiijfdalgmZ1xvZu8olxkOJNWU6pZmfZIFVq6hCteE-YyRZa5w3Sz3VuZ4VR7tKUK7yENmbzqoeM8S1cHQ3d0WUW5CBKpVuIW2cKtzQSghnIWZCGZhIa6ovaU1jaCAK-6Bor9YzB1gyEgyokBNoIZMqAhASsaXV1BM6hc3ngdb2c4dTgp-7AA5aIuZdQNa5FDE4hy7RfXEVTuwIfz99Zpf3nhfoCejplUQI8-lBWRDFIhwlS1TePXrNy7XDgUnBJHNaN-5Wzu4TT38isAOAVsZ9KpjZbY42to-SH-3LW03Dz1VEWTsuDO7df9lza2PJ4ri5IT-lhLFov7EYrGcxj_-JvSQRA454rTLWQriIRoSTn_ukBbSfkkN8qhlauq0bAliUvr7_ubJm-Tw6-ciCTc1P0NE5k4tL7xClKedk9LpgfW1TYDT9vuQSEA4aI0L46Kx2KEVajyyEpy6aVTDneP_7RocjrW3XKPNOoLHPtNnm75as6sCYtOAQM0UB5iMKcpS4r6Eyp_0w8CUi2kAeKNW9dgBYogRWjdg_ODbGTgmOCkL_tlaJYV-huZXDrIsqLjxCU1btLwskDGR2ozL5P5O61oe5ArbiQWbE6Yl62GigvDB1F4pN_EhcNqiVuQ793-Y32Xn2BtlHaOMMfQQtKSH7-VX7hHK_Q-tmTUWCy2fcrgqvS1_aY&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=15941378958748344000&adk=943508955&idt=27&cac=0&dtd=47

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16298
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 17:10:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 259D 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 13:19:10 GMT

GET
H3 200 container.html Show response
41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F3D2 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:14 GMT
expires: Sun, 23 Jun 2024 21:42:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 259D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00b24d5cef3771e1b5a8ab19b1bc7eb245a969a0222f75a2780a702e7c9fb414

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
track.adform.net/mobile/script/ Frame 1DD3 6 KB
5 KB 18ms
18ms Script
text/javascript 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

081c4d4732befb24994b2171eb3bda0c453072d51e1f72632c1ab18233fda25b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 4260
expires: -1

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4613 0
0 45ms
45ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUis-UzNMhe_5Zz0voU6xM-x2xapaGkv0JsL02sgetq0C6OerSkwj4PKdRqbJD4LRIJQlm0OtNVR5PNjeJQkufYWL54CMTjfiXhZSdtMo4BCwRdNsdC5l3Ex4AGdVETz6FdsICgJvDUz5NiADU1k_5I73XrOZOd2IR9H0Yr3Cd_kJJag&sai=AMfl-YTFXlkj4cz9m3U3v0L69xpuRJ8nnD5wAmsJtOICNjI3Ifda-bZ1J-buWgH1PuEHTEIwcuwLqGRWoFRgybAdr4lwRVuUlLHVJ7_ioZyhNN-3WsaNFLYpvjNzuZ6pvA&sig=Cg0ArKJSzMXogh4ZF1jzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=400&vt=11&dtpt=279&dett=3&cstd=112&cisv=r20230620.44135&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 24 Jun 2023 21:42:15 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame ED02 43 B
245 B 55ms
15ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame ED02 43 B
145 B 7ms
7ms Image
image/gif 52.57.76.205
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=1&gdpr_consent=
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.76.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-76-205.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 cookie
cm.adform.net/ Frame ED02 43 B
105 B 18ms
17ms Image
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame CE9E 0
214 B 9ms
8ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame CE9E 0
214 B 18ms
9ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame CE9E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=243BVSUNSWGAcPAUZV32jA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=243BVSUNSWGAcPAUZV32jA

43 B
479 B

37ms
37ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=243BVSUNSWGAcPAUZV32jA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jun 2023 21:42:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 93NTH57WT40WNDHD37KN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=243BVSUNSWGAcPAUZV32jA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame CE9E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bJ69KrSGSS-xkSvkyweL_w&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bJ69KrSGSS-xkSvkyweL_w

43 B
479 B

110ms
109ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bJ69KrSGSS-xkSvkyweL_w

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Jun 2023 21:42:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WNDGNAYN0G7X3S6C80FM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bJ69KrSGSS-xkSvkyweL_w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame CE9E 35 B
163 B 303ms
100ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

NET-33-132-192.46.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-servername: Track003-iad
pragma: no-cache
date: Sat, 24 Jun 2023 21:42:02 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CE9E
Redirect Chain

https://dmp.brand-display.com/cm/api/rubicon
https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3fa41ab2-7837-10da-bd492d51

0
239 B

38ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3fa41ab2-7837-10da-bd492d51
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 24 Jun 2023 21:42:15 GMT
via: 1.1 google
server: nginx/1.24.0
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://pixel.rubiconproject.com/tap.php?v=538100&nid=5446&put=3fa41ab2-7837-10da-bd492d51
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121

GET
H2

204

current
rubicon-match.dotomi.com/match/bounce/ Frame CE9E
Redirect Chain

https://token.rubiconproject.com/token?pid=2046&pt=n&a=1
https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=9L5R9BD2XoHhMoUFOxVy5Q

0
104 B

111ms
28ms

Image
text/plain

2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=9L5R9BD2XoHhMoUFOxVy5Q
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: H2
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

Redirect headers

Location: https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=9L5R9BD2XoHhMoUFOxVy5Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CE9E
Redirect Chain

https://rcp.c.appier.net/rbcm
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=o9hBdDL2DVCcirDaOWOXZA&expires=365

0
239 B

9ms
9ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=o9hBdDL2DVCcirDaOWOXZA&expires=365
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 24 Jun 2023 21:42:17 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=o9hBdDL2DVCcirDaOWOXZA&expires=365
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 131

GET
H2 200 css2
fonts.googleapis.com/ Frame F3D2 4 KB
744 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 20:55:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 21:42:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5909 14 KB
2 KB 25ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 21:23:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 21:42:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 5909 2 KB
892 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 5909 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 17:03:07 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 23B8 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 5909 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 16:34:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 5909 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5909 179 KB
56 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:15 GMT

GET
H2 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame 5909 33 KB
14 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 14:00:06 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame F3D2 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:23:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9401
x-xss-protection: 0
server: cafe
etag: 9087801343750428007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:23:02 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F3D2 205 B
319 B 40ms
10ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 12:48:51 GMT
x-content-type-options: nosniff
age: 118404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Jun 2024 12:48:51 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F3D2 604 B
920 B 39ms
9ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 22:02:30 GMT
x-content-type-options: nosniff
age: 430785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 18 Jun 2024 22:02:30 GMT

GET
H2 200 adform.js Show response
s1.adform.net/banners/scripts/mobile/ Frame 1DD3 57 KB
24 KB 163ms
45ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/mobile/adform.js?1669130898142
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6352477f7dd223e3def9197581b2c43e9de34d6220885483a00108be24acb741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
last-modified: Wed, 23 Nov 2022 08:13:58 GMT
server: nginx
x-amz-request-id: tx00000c3567072b28a7173-00637dd6a7-32941e2b-default
etag: W/"244eff0f9d7ccb27c2d7a7be777f8112"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 stylesheet.min.css
s1.adform.net/Banners/Elements/Files/2087214/13034732/main/css/ Frame 1DD3 6 KB
2 KB 140ms
23ms Stylesheet
text/css 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/css/stylesheet.min.css
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1047218933cf49a69ec5878362a5f8d785a064c7419deefe8e76cc07bf9ae2c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 07:03:49 GMT
server: nginx
x-amz-request-id: tx00000eb877bab697645cd-006490f762-3295a825-default
etag: W/"8ecace0d37071c46e958d49b4baee770"
x-cache-status: STALE
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H/1.1 200
OK gsap.min.js Show response
cdn.flashtalking.com/frameworks/js/gsap/latest/ Frame 1DD3 59 KB
23 KB 55ms
12ms Script
text/javascript 184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/gsap/latest/gsap.min.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 4f3078d79f59dca43390c202e38a3a25ff553362dade74143f41f7eb8046a7b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 21:42:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Jun 2020 15:25:30 GMT
Server: Flashtalking (AKA)
ETag: W/"bdce73d5a7b1c35344c2bb8df556926e"
Vary: Accept-Encoding
Content-Type: text/javascript
X-Varnish: 217698245 210258536
Cache-Control: max-age=65796
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23640
Expires: Sun, 25 Jun 2023 15:58:51 GMT

GET
H2 200 mraid.js Show response
s1.adform.net/Banners/Elements/Files/2087214/13034732/main/ Frame 1DD3 1 KB
946 B 168ms
50ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/mraid.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 561f6655eaa2217e42357e80189b3f60a6dea1b2ab6eba64e35c83404037e432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
last-modified: Mon, 13 Mar 2023 10:30:59 GMT
server: nginx
x-amz-request-id: tx00000cd811eabfa084500-006490f762-32957f68-default
etag: W/"4760c975b15c791037bde5932ddd9dd5"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 m_1.jpg
s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/ Frame 1DD3 138 KB
138 KB 184ms
67ms Image
image/jpeg 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/m_1.jpg
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6d4ecfe274e0167706dcd7e9f2e54131859013f4cc41d01c75075b04c1499385

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
last-modified: Tue, 13 Jun 2023 07:03:49 GMT
server: nginx
x-amz-request-id: tx00000f7a143c39a4e7126-006490e44b-32957f68-default
etag: "20fd71818423d1b2972965011deaaedf"
x-cache-status: STALE
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 141322

GET
H2 200 txt__1_1.png
s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/ Frame 1DD3 4 KB
4 KB 173ms
56ms Image
image/png 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/txt__1_1.png
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 60cfa6ce626df030b028e3699758f17555253165d87ab4cdf55b8ee4c62a4330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
last-modified: Tue, 13 Jun 2023 07:03:49 GMT
server: nginx
x-amz-request-id: tx00000b4d8a62623a83fac-006490e44b-32950a49-default
etag: "8dac88a228920b1d669aac4f54789e3c"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3842

GET
H2 200 txt__2_1.png
s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/ Frame 1DD3 4 KB
5 KB 172ms
55ms Image
image/png 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/txt__2_1.png
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 18e521a5d0510315ef33808b763b097ba1e9778b5f788bb458cb2b40c75274ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
last-modified: Tue, 13 Jun 2023 07:03:49 GMT
server: nginx
x-amz-request-id: tx00000f7f6a536e3dab761-006490e44b-32950a49-default
etag: "1467a6e6b380ecc97acb4c9dcc245805"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4337

GET
H2 200 cta__box.png
s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/ Frame 1DD3 2 KB
3 KB 78ms
78ms Image
image/png 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/cta__box.png
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 510c3152871ffc0ae3bea533ac14b522126ea18622a7a4cfda1c41d1a0e160f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
last-modified: Tue, 13 Jun 2023 07:03:49 GMT
server: nginx
x-amz-request-id: tx0000097c1be2902525a0e-006490e44b-32957f68-default
etag: "e8b2a0c103fe0435d23a75c5b9c4ea78"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2531

GET
H2 200 cta__arrow.png
s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/ Frame 1DD3 422 B
752 B 79ms
78ms Image
image/png 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/cta__arrow.png
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b68411b5c2089d3bf7893dece808f91a8bec4cdb2efc3a6305fb239ea7bcf2de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
last-modified: Tue, 13 Jun 2023 07:03:49 GMT
server: nginx
x-amz-request-id: tx000008abeef10cf88e620-006490f762-32950a8f-default
etag: "8971b8fa01b8135dc0bf41368de22466"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 422

GET
H2 200 logo.png
s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/ Frame 1DD3 3 KB
4 KB 79ms
79ms Image
image/png 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/img/logo.png
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 50a754759056b8854eea40f5546ba7b21909f3d7187304b2a3681e72279fa12f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
last-modified: Tue, 13 Jun 2023 07:03:49 GMT
server: nginx
x-amz-request-id: tx0000050fe7cffa3883a07-006490e44b-3295d06f-default
etag: "03eac2a3ba6842e6d921e579badf6028"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3400

GET
H2 200 pvm.min.js Show response
s1.adform.net/Banners/Elements/Files/2087214/13034732/main/js/ Frame 1DD3 7 KB
2 KB 168ms
51ms Script
application/x-javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/js/pvm.min.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=65509680;srctype=2;ord=741643595;gpp=;gpp_sid=;gdpr=;gdpr_consent=;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=C7NcBNmOXZOriOMjD9u8PtK6d6Avc2taNcZ-wvbHbEbfpor3AARABIKiyhXxglfqXgqwHyAEJqQI2xPCRH0eyPqgDAcgDmwSqBIMCT9CYUtdKBiGfko3-3aJWC3LJv6_oftjyntzIwiRhRT-NYE59C7SBqt6Zb_g3S9gUgXv99n0KC60hb6J_oViieJzHz3BfJHcD-tJKUvKt0yI9ocVjJbk45eQCn4FEm8BADAKLyBoufIltA7H6QxJS91iwIZyPrJ6GYd4smOEvX6ynvlyWt6LdySxB4DF3KC6mngj3MmRZN1twFb9F3LtcvIJw19W6y1WTbvnqHkhtIL8tJ6tykdams80jWF7eiLVb0vjpsxnFK4CHMuxxjQ-66ROEORFF5O4-dahqsM_fGeBkmy3sL9c_rV7-2SCsfHLrl6fILGJGvcTDdWUL4fjd1F5Zc8AEy_DmpKUE4AQDkAYBoAZNgAfjqJ2PBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBOWseoT0BMA2BMK2BQB0BUB-BYBgBcB6BcB&ae=1&num=1&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&sig=AOD64_3wc9Pl9CnrNYI_vqa6iPovGpkGyQ&client=ca-pub-2930805104418204&dbm_c=AKAmf-AJQOL0pkgxMPjI-lyb1qyYrTizV4_1Pu44YfqbIhZFdMEnK7j6YWkUWOXAjolyWTN7F7b_E9J95DQBV-8BCzA7uc6qMFNgtRDnqqvslzKpNbUnkQB6WYIQRpAL85MkOK99meG06EXVc6eR4JfPZnmH5slfKnuCmhhdTyb343sEyMkAcnc&cry=1&dbm_d=AKAmf-DYWQuRV_I7Mk_HKjMebMdJd2FNq4RMupVsjwXmwjaIeFnaa58nwSqf2sNW2DeO_a8H5LAhFBrLxJDS7PkW9Zu34lsG5qbIpj-6l4tRYBB-rmUR5DgcooK4xP_y9wYfdHclTVyLs8Tbif3NoMYsn8DrNfTizt8SSlGPLEW_4PSyHVLBX0bNtpKUT2ZMqnfr4JxBPkXbBLq7cGsiz_Z_stvlvRPetRrs6JbsF8wZQUPMnItTLfencKgWrbt3z6fndw75-wYPFk7McZ0KzuuIGh3HM-7Xagz9MUOK-AE4aWC3Qd9HjYXViot_y-GjpC_Y-XBA5T_UaenHM9en1y0vBkFTTnIbBm6KMu9fzWMR0N69kvHlf7wKrBoF87SerWrH-83GKMefrGGZ1YXPb7LdE6rCPfsHRRuK-uICp2R2tXPfCFd9sInPSBGanz3GaazUS7fCL-jsn4Azde67B11PhbhFmVWfu17Rat6ermaE4ZQVDunB5JFk5JqFkf3XxOnBfehi5XwHV6aIp1MqLHo7ppYGpqjjJZf8wxT4JGFKmSvO4I0CySyZovfGUQ6-hoA0pVD5NjlvvS8SR1dMdedIqewtv54ZSg&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b76ad8a70f03910253032962f4c1b1303ab5b214f71f970847df245b657ed510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 07:03:49 GMT
server: nginx
x-amz-request-id: tx0000003e3182354ff28c0-006490f762-3295d06f-default
etag: W/"68f57facb002fb086c85d30fd65dd9de"
x-cache-status: STALE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3208 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 23:32:19 GMT
expires: Sat, 22 Jun 2024 23:32:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame F7F6 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 21:43:39 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F7F6 8 KB
6 KB 64ms
49ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02f67c41ee5f6b8f8e714766432c7fc830a4d8a763619bef91623990abf2222a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5824
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 23B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
19ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:15 GMT
expires: Sat, 24 Jun 2023 21:42:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3208 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H3 200 300x600_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame F7F6 62 KB
17 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9193201d0203b0bad4683950a20568489eb0bc5d8cf8ec8e3ec0d7c2765900d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17859
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 08:33:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 21:55:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F7F6 17 KB
6 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 21:42:16 GMT

GET
H2 200 media-u1jbjx32p_DVR_4987.ts Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 585 KB
586 KB 9ms
9ms XHR
video/mp2t 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/media-u1jbjx32p_DVR_4987.ts
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: a17be26a0fc3f0d5d9bbbef4dc034a02dbd169ca4817c773185e3485cac3cd83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:15 GMT
server: nginx
access-control-allow-methods: OPTIONS, GET, POST, HEAD
content-type: video/MP2T
access-control-allow-origin: *
x-hw: 1687642935.cds278.fr8.hn,1687642935.cds212.fr8.c
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 599344

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 4613 43 B
215 B 168ms
165ms Image
image/gif 2600:1f13:800:7781:2c5e:9481:735c:93a8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d6f58e8d-b266-3fdc-c43e-3f11ef83681b&tv=%7Bc:guHiRp,time:815,type:e,im:%7Bpci:%7Btdr:531%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:816,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B810~0%5D,as:%5B810~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:211,fm:tI8xLDG+11%7C12%7C13%7C14%7C15*.1352960-70224085%7C151%7C152,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:21,sis:262%7D&br=c
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:2c5e:9481:735c:93a8 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame DB76 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H2 200 chunklist_DVR.m3u8 Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 199 KB
13 KB 276ms
275ms XHR
application/vnd.apple.mpegurl 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/chunklist_DVR.m3u8
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 44302c25ed2ce1dfc9ecb0da46359e996d4a78e355effa617eb801606defda11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
server: nginx
x-hw: 1687642936.cds278.fr8.hn,1687642936.cds246.fr8.sc,1687642936.cds246.fr8.p
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, HEAD
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=1
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range

GET
H3 200 container.html Show response
41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C43B 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:14 GMT
expires: Sun, 23 Jun 2024 21:42:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame E48F 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame C43B 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63715e8ffb3d4efab913b95b9369dc96445bde93529cdc97909bdf57a8134300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:21:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13554
x-xss-protection: 0
server: cafe
etag: 10619647361806024282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:21:09 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C43B 24 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 23 Jun 2024 19:05:29 GMT

GET
H2 200 web_video.js Show response
www.gstatic.com/admanager/outstream/ Frame C43B 329 KB
114 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/admanager/outstream/web_video.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

facf5f0be178fcf46bc483644fe84256e4f0f5c7da5829904a5f53a65cde4469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/drx-mobile-serving
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115876
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 15 Mar 2023 13:49:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="drx-mobile-serving"
vary: Accept-Encoding
report-to: {"group":"drx-mobile-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/drx-mobile-serving"}]}
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame C43B 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 17:03:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame C43B 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 16:34:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame C43B 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame F7F6 4 KB
2 KB 18ms
18ms XHR
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1840
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 11:00:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 21:42:35 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame F7F6 5 KB
2 KB 19ms
18ms XHR
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 21:52:09 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame F7F6 2 KB
1 KB 19ms
19ms XHR
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/300x600_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 21:53:06 GMT

GET
H3 200 NH_D_NA_Canada-Fjord_300x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame F7F6 78 KB
78 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_Canada-Fjord_300x600.jpg

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c035714feae82aba37437b0bc97288642194e2ec8affe988dfdaa9c70c5d798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:36:28 GMT
x-content-type-options: nosniff
age: 348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79469
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:57:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 21:51:28 GMT

GET
H2 200 mraid.js Show response
s1.adform.net/banners/scripts/mobile/ Frame 1DD3 27 KB
12 KB 26ms
23ms Script
application/javascript 37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/mobile/mraid.js?1678702576204
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/Banners/Elements/Files/2087214/13034732/main/mraid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 5d18193691964b10a7e68b0e3332053e4d4bb8c7971559815345697fa5fb1a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
last-modified: Mon, 13 Mar 2023 10:30:59 GMT
server: nginx
x-amz-request-id: tx00000fcf0614b1f4997e9-00640efb99-3295c42b-default
etag: W/"7a1987ed3c4f4b044c9fa59087a230ca"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 /
track.adform.net/mobile/csimpr/ Frame 259D 35 B
518 B 17ms
17ms Image
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/mobile/csimpr/?CC=1&bn=65509680;msrc=1;smid=0;idata=K0nu-kXaB82n2DmsdrGsjsHzWJ8iG5IJZk2TgBF5oEiNy-7h7Mj3N9zJANHTYJ_0I8oul714PiXqbwkceK3RYMWjAexNyLOV0;;rotseqno=1;srctype=5;set=en-US%7Cen-US%7C1600X1200%7C0%7C300%7C250%7C24%7C1%7C3%7C7%7C1%7C;ord=172536092;unloadid=2258026178503580034;mloc=https%3A%2F%2Fstad.yalla-shoot.io

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: image/gif
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame F7F6 50 KB
50 KB 18ms
18ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/346383189655976896/index.html?e=69&leftOffset=0&topOffset=0&c=EmwfWBRKDx&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:27:28 GMT
x-content-type-options: nosniff
age: 888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 21:42:28 GMT

GET
H3 200 12354540392113758513
s0.2mdn.net/simgad/ Frame C43B 99 KB
99 KB 18ms
18ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12354540392113758513

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d626e9843e50d2aed23aef3b842a1b76ffa2a9dc3524cc13758a906f62ad737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 19:13:48 GMT
x-content-type-options: nosniff
age: 95308
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101648
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 13:55:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 19:13:48 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C43B 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cvc71N2OXZOqKKYuI9u8P0-qAyALElPbpb6-8gsONEc_elt7tHRABIKiyhXxglfqXgqwHyAEGqQI2xPCRH0eyPqgDAaoE-wFP0PLuP6nw3LWVoxisW4assZ-nv1-bftS_BFSxsFeu-m3uLf8ZSaJoAo5x6jm4mzyWYOUG3alcW7Jic5bb02M5SvncwtyLnyjI4HfLVEYCK0RMpU2aVVNrNEagX06cgK1iyf2Ji67ltjcKc1Nq0fhzzXkxYjIw21Df7ioVNqTd77Sm69zCNs5mK7vQHd8dZEUIe8HdHWrUwZTTfAjc4-DJKNSZl8VPgBZRAi_KVS3PkCbjrdHo2wa9K9t-2ahEkdyA0er2PVRet9514hlIwRHuCBdnr_Dcv7WyzH6PkzNMj82-8bJpN8Xo7DmT-MvjjKCPr1NfOXb5ylfu0MAE3caLuKUE4AQDiAXSn5uUSpIFBggDEAEYAZIFBggbEAIYAZIFCggiEAIYAUirti-SBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB7S7lDyoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChD0yCMY6tHC5QHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBsBO659sTyBP8u5LiA9gTA4gUAdgUAdAVAYAXAbIXHgocCAASFHB1Yi02ODY5MjI5ODA2MjMyNjc2GKaTdg&sigh=ucn2C7sCZD8&uach_m=[UACH]&cid=CAQSSwBygQiD5LBARwrUpeH1FHl-zYC0zLrXbs8CRwBcgCIcryBR1Waf2DeWstSXqBQ_F32x8oNXD3nvJfp_u8pykvl-oQ9HD6lbzWBtSBgB&template_id=509&vt=10
Requested by: Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C773 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1544
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:16:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C43B 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b7e69fd51a75b11065ab111a3ac9ac3573f9731ce97aa96ef8743a59ea01191

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame C43B 0
54 B 348ms
14ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljaj13nq&c=4440381528505&slotId=2220190764252.5&qqid=CKqCwe3v3P8CFQuE_QcdUzUAKQ&fb=web_video-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=styleframe_video
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 volume_off.png
www.gstatic.com/dfp/native/ Frame C43B 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/volume_off.png

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 20:17:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 91502
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Jun 2024 20:17:14 GMT

GET
H3 200 pause.png
www.gstatic.com/dfp/native/ Frame C43B 763 B
786 B 9ms
8ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/pause.png

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:43:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
age: 341947
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 763
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Jun 2024 22:43:09 GMT

GET
H3 200 replay.png
www.gstatic.com/dfp/native/ Frame C43B 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/replay.png

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:22:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
age: 80373
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2305
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 22 Jun 2024 23:22:43 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C43B 0
234 B 342ms
13ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ljaj13or&c=4440381528505&slotId=2220190764252.5&qqid=CKqCwe3v3P8CFQuE_QcdUzUAKQ&fb=web_video-lima&ulv=1&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C43B 26 KB
15 KB 61ms
60ms XHR
text/xml 74.125.71.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BY84GgIP3jpT-5NyjHhNbjg74zjmXcG7QsYVmNq10e28vL921NI_J-aqXcz7HmRC3WuodMFYJzS2oIQ6KNX33PI_BfSQ&dbm_d=AKAmf-CbTk_qdbOkfrfKs8QaWENfgscD6B_lpis2OnIX4TPzF0xTzFeXTOk1JqGDO9R-rCjpoWTTjHb5Yrj7aiTni9JWh8wc971DgFgAevAEDzB8iuxMZ9ft-P8YTAzwI-6wH8ghrm5SynZjnfP0_LDC96CIX242kI77YheCyX1QhUvi-PbaEZ2BDwwV2y1Qt_XCUr3Ue-r2Z1ZZ-1c0SSxWJCgOYFiI-Va4Z_YJ_l62Hsbc1aj5OPlpXTnxNkKLipZ4Cq4niSpFWYJL7uqgIGOaL_G3rkJ1V_6ODcgnGzax-xPYfN_3_w0QUYSfQLkNMsu2gVym8i7LnbpX8QQkSUvUB5iUQinlpUTS-tCvoqiOvPjG9QF4MtmucPzf264xuxTnplpKhFWhSMGz3mJ6amVgxn5B4zScGlf2qJBRQ_NCKZFHbVYO0RL3DosXaJ_buonoutBWlcPDy3C9IBZnHAWdTDMO2eAM20A_tX15NcB_FBi5TOTbLQ7ErN5PrjXs72rLb641hTFv62OCekyxyXGCEGyHFmkhobolMN3JfBGTfi4uHYMhHfdANUGGqvCpiPLHJ-ZfvkEzxNseI-2RzAcIZ0HQlWAVe3wbL1mUnNeCvl9QXQ1ae5HTnTjdjRmPPb9ZfEsPQU2Hu82_OhY5MknNmcsqprc1MwMjQbXgZLNht4CT0zxgk4XXGMeF81xp2KDZTkAvNER_tBOzLtyXw_pIBlqEIhjR0ZmjaIgo3jfmg5uqZog6HQ55xuUus5F4DFVx-IGoZmjFkqoDQDuflqmnhbIlljY9bb5Z4YVPNZsoQTsQMZFEaPZuB1MigbbfuuNk3idTBjwlo-6p5Cp3oCxbJ01osEwhoafUvoc4Jm1_SgZ7M5n5JS-yHOQkSfWn1f6eXjAQsyAQjFtXbxiv7pCborUfGb6wAm8YPDnWSLl-hxn6KTxTnkbPWn_xozLHYG4BEJEN95kDUfBsRYPQifzhqEFheF99AeLyTELigjafdRBYuAzLTAWrn8UcVM2RUBWBTIi_Ekm40nVBHouMOZtTC8vGyYbvehvf6c7CX0GFkfrLrlwTPsHx81JIpOiIRU8pBiNGE4l7CNo86mctyibK5_tcHzRe01B8q8alBp6wcdf-ip2svZ8EfuAMh0oehbgZiTvk7cdEL8tMIaTeL2hnOynKk6K7KwFTD7leuAexOWPzBhZPp_-Ap_zYTJT_-G1UvUeKBll4oMfpXpN823mddfJVSbR80dA7ZyhTG3x0xyxDqT1ELLa8MUW4gSD3HnXXib2-sgWuTXGpefmNfPRMIQiP4eOLMLenKsTX2O-aKYQZvi8fnIfQxXVebHlP__22xweLFJxX6GvRLcorOtvWZzKACN-Z4iqZGT5l8DOPPJ-u949cUe6wKh_OdXS5a-M3ZQKZg2XJu5zdf89XLTemrcdT147MwMvIvslkPQwHhQAnNm1TK4HpqM4dBA9-z3trynHj1zILO9fmoOb0EXxjSgjOtIzyUvKlI0sp6BtTO5VcU_n4FEap4sGxLy6L2C48dFCNPq_90uR6g6Ad0wmgN8mBoM87LiUNSaHnNuHD-I2N8fftB8iRp7GqeT-0QhFJGctkuwZfKnDF0w7gCEtQkNviRkZsj2F4LzeTE3nIzbcpUMFsehiTp4_Nk37vFdVps1qnf_gjRxawsIF5FMb8c64vLcuqmZW0alsgMJ6XgDS45hiJZkpyDKCaeg1Hg4UZSz_Pdh7fa7kaVOoxWIYKmE-fBS1NXbL6UNC4OH4Y9Dx0eID_RmFSfjpVf-u6Tvj80UQEUuJ-EG7fc1b2_UwwMig79HAlS04Lt4XYIajIzeMWtFLrlg4cSOEuK58Ad8WEanIRBnp-RWlBB0zHPB1lc36WiB_5XgZc-aLPAixvDYEuy-iXAMK2EE_L1bxljIehNozQ5pn7YZ9idzkbGzw2isvh-Jev2iPXny-FO9YyLQUiGvPhCJRoG-5TzmrsLjcWEfnjSh5ccy4__-pUDGA5FlJHjgwpZfjMKMztP4dFLrhh1U2SPU_YBGFMzLeYHCunQAQRE6Lww0QdjEdiMSYMgPKTnZO34vn0t9OCQNmh0_kAMZEXZIY-kQopYrFFN2-q4ZsItTSLIu_7PdAID-Y5YAi_ZcL2IiSB_jdijWH0PaJkkroPIVB9ukoIoE0yV3dh5G6yOLlajPFn7bpzxE-58SODyv-jd5OH9ZoqSYDI1kiILjnejwdPuB4r1W-1viCcnUWD-YYnzYOCr0TMPrgjMDdeFJeu6PvxJoRnnvw5RkfM2IY_pos4AAYyt_WoiwmwLy5m-8JB3J-OdO9KzJNk-m8v0VhbvWmSkw3UNGdW22xymSfF7jh9x5LD4svJmbsAZ4VmALTQdUYCCfglWe-ZvBQnd9LkIrYLnE1SC0fj6TY7-BuNSg4vmTnZGITCThpKEU_hwqoRndiijkzvn-qL-6v2lkKxqurVncsEPoN7Nh2IulptIGLQ_lLXfAsuJUIq1uaMhY_t9yMy9cSzSsSp8EuLpCV--J5SLCJtWRxPTptdqP1YLvxsa4DG69gN_GTmGKOf8Ypv8KwyuggKOM-oW6Vn_3vj-8eVfRUtBpod2i34n7beafqvX6WqhWsFhfV1TyOJCYln4vF-NvcxOtqj8FAsrnLyCKuU78XVkaiE05kcCfywafAgATp8O1LEWMO8QtB3_JRjJ7aHeeKXMvZTgtikjKlIPhSl424afRL0nv-8i9qnW2JFSPzrt_yBtUwqZYxnH3a2mBLhwbtPj3Hi3jLdcUELAmH-nkHl9i9wnyQAQO3K3e-L_Chsxlk1wcw0wqM8HMkvCoBk2VfMkt4Agnf_QcHezbVs6lV9A_CbzBYTCHKizAEVgNA-aYkr2ZaSWO5Ll-fJj9u8CH0q15UYiJtU9YMG6Jff6VByFIVFiFBCFBhrNfNyULPEyjErlGTNkn7o2Ab0EOt7X7q7JmtlP5tFSTglrwGAnij2Vv0jaFPL-TLbHdTUznxGSf5HjdTQ8NEcRi41zjYJwh4GBGPvpBf7BW2l46Mu4vPnF9LlHHuvnSP6IaUbNdZCjjBd3eCjYBjGMOkqr2i2cqgr04RuzF0dnZI4yPVSEmK0WsyHqCUJTlXN89Ny3WT2OKii6paZ3O5g_qKiz0-g4vN7V9ZfeN-g70VAZXDlICcihF5Fe_cPHZqaaD5-pi_nrj0_Ea1DXhKczz8J051wtyeq0hmXobEvEv4JqaHQWMzxGR_fspqnydpBjSbhyPgNfbAk28ruH4z5DYiOpLzDJy21uPsq7ngA3uP4IP9bwv4DYY1aooIeuguEaLN7VD5scWtqEHGTFC11tK9K2VpJUeAOsuX_27_k0dxb1w_PI6obyMYAufXxw65DM7a3ykzrL0BAvVTT1o-BxDHlyuibhqKNhDb_x5Yo3mR4ocDj6xlSC2kypVtEl7I27jnaqnl6PrnqFnK4T3neWUcISPVgrR57SgL48KX8stUeGkd64k1Nnr52ECd6jnUDTw0bsdRvh19BbpLFwOsBRzZcjUF0qq-YD8UonIc4fwqrfLkNluQB4ATGtgLFG7DdCio&cid=CAQSSwBygQiD5LBARwrUpeH1FHl-zYC0zLrXbs8CRwBcgCIcryBR1Waf2DeWstSXqBQ_F32x8oNXD3nvJfp_u8pykvl-oQ9HD6lbzWBtSBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f155.1e100.net

Software

cafe /

Resource Hash

49d2a4011cd567d3219b35ede345a93344960fb0d60869b823613d76df8b7684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15185
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 media-u1jbjx32p_DVR_4988.ts Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 629 KB
630 KB 612ms
612ms XHR
video/mp2t 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/media-u1jbjx32p_DVR_4988.ts
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 4312db021b84da02b5d5e5f8a271a5d2861060bbb29f89f42424b9b6b2b93d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
server: nginx
x-hw: 1687642936.cds278.fr8.hn,1687642936.cds212.fr8.sc,1687642936.cds212.fr8.p
content-type: video/MP2T
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, HEAD
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 644276

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C773
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
15ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:16 GMT
expires: Sat, 24 Jun 2023 21:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3208 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiDwvN2OXZKTCKcqbgQfvy5j4BgAAAAA4AeAEAg&bg=!FRalFkLNAAYQ3eRoMN07ADkAdvg8WkQc0rryJArKsnh8GiUpleqXj61JMyQncv4WGmRo9gwQBCFuIqiEAleMson1VDtpDqcOm6cCAAABRlIAAAACaAEHCgAaW3oMQS832EGTx3L90tGFvd1kGw6tbFnQ9dGZAwdu4yA4nk9ervc1bfhO_vie484PoT81ni9jW9vDpNHviJaqJcxV6ND325DC62j1Olpo9n3GhNcyuFKl9Yo_5VTf7rMXX0_MzF7GB0bZS6q5e6lLcWhU6kN_P-xE6DaRRt3ns7rgnJGGZ51dnJi21UQUZP788637XkZb06uCYgH_PX0WEITD_Ws-H3JYH9j6KJB8hgsos6MwDxOPcruFSnaLne4-qiveS5FhPPqH8pdI1devSb8dC4GZoOi1IK5BLx7lvFDYwESb3SJIIDVn_07br_HnOiusggSrX-bH25sLWNGLRNO-l_CnvnhOKot3X07l87OiwOfBIgYtYuRfEMqA6j0Lr8GkGySFE92lm8eeeLVXO4vVcQt4WqFkHn1g6y2j4pEz1kNmW_ll5vO_x0uhTYKAV9cFh3aqYnFNt4BMo4B4LVZV0AZBrLYwej5d7zj1kh5TMcJ6j22lOJnqcGaBR2Jr59-DjuaPH-RhRgtaxxnM1SPlhNx61TQMVu56Kw2Elmcnpyk-Q-CJ9N_GZjYkVdPGfHRdvOhHGyQBpdcZbuCdY3HY4ZWNkjs4pBoc7j_ZWIrhoTVcekwmFKPp5wkdlcxMAm-pSBqUnQmV8OfRa4RHkXppwtJBkDBJFPD43LAwwzotjAV8Zysvwilrv-eG3E5b1wsAh9NKp4aKy71a2LzPm8Ijp9jiAbx5yW0Ao8yGtiq4TutjJ-JqHnnhWHejA4IAgKkjsjqIjKXofSUaeaioqMhz6pKx-z_5L-n30ESQv04bPPZb5Bc0PUTpchkz_yvBLeDtZjtwRSyKwke4tSj-27h15QhIXd9fOi1WihVsHKBh5giCehXJositRwNMDUj0nO4flVf2_e28j5b99bJOyn7K9YjlPLtVRCNFKEkEzNe5x29qpYFBAQRvzWuKpAO2wZp5PJzk5HqSVt4gNcujq9L_uA7DN5OGX8xJ7-1rPum4-0rvNQQev9vgfDQ41x9H4gpt-zo4ftEtTOtl77OBt7axW3ARMhMKXhLSkiqCOFPl_3ks

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C43B 0
54 B 273ms
14ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ljaj13ow&c=4440381528505&slotId=2220190764252.5&qqid=CKqCwe3v3P8CFQuE_QcdUzUAKQ&fb=web_video-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r4---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/9d4c6e9ee61b6206/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3824719061/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C43B
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/9d4c6e9ee61b6206/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3824719061/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/9d4c6e9ee61b6206/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3824719061/sparams/acao,ctier,expire,id,ip,ipbits,ita...

2 MB
2 MB

99ms
8ms

Media
video/mp4

2a00:1450:4001:62::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/9d4c6e9ee61b6206/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3824719061/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2660E3ECDC06F4CA04CD75AC377DDF7A1491FDA1.7AEEB21330FAF1418E937D8DDACF1A0E05D83C5B/key/cms1/cms_redirect/yes/mh/yH/mip/2a02:6ea0:c71b:0:1012:e7a3:ef71:a9e4/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1687641833/mv/u/mvi/4/pl/48/file/file.mp4

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

HTTP/1.1

Server

2a00:1450:4001:62::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

806d0fde2113822412bc6ab304d20c25ec6d30353560cd006a477b05de24ae41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 21:42:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 31 Mar 2023 13:55:34 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-2236664/2236665
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2236665
Expires: Sat, 24 Jun 2023 21:42:16 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/9d4c6e9ee61b6206/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3824719061/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/2660E3ECDC06F4CA04CD75AC377DDF7A1491FDA1.7AEEB21330FAF1418E937D8DDACF1A0E05D83C5B/key/cms1/cms_redirect/yes/mh/yH/mip/2a02:6ea0:c71b:0:1012:e7a3:ef71:a9e4/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1687641833/mv/u/mvi/4/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE89 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:14 GMT
expires: Sun, 23 Jun 2024 21:42:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame DE89 4 KB
751 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 21:14:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 21:42:16 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame DE89 2 KB
893 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame DE89 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 17:03:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame DE89 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 16:34:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame DE89 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE89 179 KB
56 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:16 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame DE89 33 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 14:00:06 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7876 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H3 200 container.html Show response
41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5801 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:14 GMT
expires: Sun, 23 Jun 2024 21:42:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4037 640 B
265 B 26ms
25ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUuG0Xk2PwxKwAmA5lDTtTwfeKm26J-ZmcJFSJ2wZ9JnHFpw_dhsvTGHbKuFtdrT56f9LRuNvk9m4S6R5gAacCV1i9EqXNcfy4RfxkxV8jtzL0cp_Q8TJZN9uQPLNEA3mvoOMZimJ9-__w_62Te9Vn6yIpcDP6TBzwO0j8lQQU3nsMh-Yg

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:16 GMT
expires: Sat, 24 Jun 2023 21:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5801 78 KB
27 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5801 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D0xFtH0PTTmpPiY6JmhtiYm7_xVfA6eNjsPv87T4t5svU8nbblIG3Rk-FxkIe1r7KGEU6Jl0z_dNan_3YNhDgkIF5g4mRNdE1fb6ufkUUYCYmRSXE

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5801 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9366611008469082241&x=1&ct=76

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 5801 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 16:34:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 5801 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5801 179 KB
56 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:16 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5801 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4445452439268&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5801 0
20 B 45ms
44ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4445452439268&version=m202301230201&ct=76&x=1&cor=9366611008469082000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5801 87 KB
36 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3fVzUylrKgoFwtcMxDUqtK9svL3kc_fY4Hz9Op6y9itbwqPet0BPImbsrWZkMl-q2D2Mmvv9PKxIbCGItGZF71-YpnFE6Ms6a5v8Sinl3CI_knTW22x4oxqsNgQ9gMzxrABLVjYOh8SZ_vKlV5mBqL8MOkFpbwv27t_sv0m70F4_M5GY&dbm_d=AKAmf-AFVOEWhd42Y_xc-9FqnpOkxk_gNPcPmGwwlYn7cFc-7rMaoE2joQ7R0jro3KC2w03sDM4-IVeto67zUx54lu_TvVrLzW0wcrI2tuMhRspPk8TGndIfhEJx723f0pEntLDP6p7FP7xnRSVZKbkHn4ck_DYWTJaH6KXZkhEkMQXK98jJklEZC2zLDOnM-TIOIusJ7t21SDUsI5qFFhkN9lT64iIt6948tUUvZ0zbxlx62PvWDVOl1Kf37lNNUOVFHqTTlF4mllgbMEkW__KXawIECwWemTtuUVLOBIIqXJKorYGWTP_poPeBHgn_YuAnOMRqKmmzTc3jHiz_5hKWwH6FNXRqxXMKCt_QO0xGVB-QSmkuO7Ouy0sGaHHzgLMFeLn-ZmGbpWc4t3ALpMqXUo2TiLgW7EXJ7RgPj1qPGAEvNV-ekUdOaI0W8_wQJ22BBMU7itzbfIEavKKc7tuBCQ7Qt_nON4nmyBPVCv4cA8Z_CKiA8xX5RCTW_1kMbS84mgNl0z0oe2EwDxnbdad7qC-ZBaQX6BIlYwETVpj5GX2f6wUy4zhJAsYAQFgFEbiUi8MPql4y5QyQsS9mJqfJ-UlcLUCMDQCP_LjcL_TetuxOTBc2eGr2GNSer1ALl5wmpwCskCJ7pJBbywOYYMOP96Xvlpwmad1Wr3zDVAn9UPwteOk_dSmHYnqYyAnzETaMD6-sD3eCRtAunChC5MEvJ4A1zsSaPfDvBvifrABpkPqeL_c_bN1zMuMSmelkMripfx1I-tFq2Gtxj77HiLYPgumSMM-FaRYwtGz-emxdVsbNEuNQbTr4GpI0_UgE5vxmpfcdFL7UI9OiVds7h1BRztOiZPPD_5YXAsqx2Ro5uITDnzdFks4yp8ntUPiZvZ3Dhp6r_VMxWo7GYKIEKp01hpLK3hbij-yuoaJ5kijZlLB3CCTpke1DEQz4Au5TcM9qrL_snhQHqwzyCoaeYr52UZImcm48hewEUkyFqoN0eAiqM4C0I0pVW-OH2c4-0LED3hGFzKraAvWc1tY7b2OCcB4WzWJNT0TBKXWphlijqV_dPL_hWSsZTdUMsaj_guUxtqOV2H_u0avd3YAt1uEj5a7eUaQXqB-IRSUsdX3hgamLpnZ_RLi8l7H5EB3xF1aZQcv3YQ69YRhu4UCV-sumb1U_y8eh7YMoES775_li69bbF1W3sz4XhDjE9Mt1za3doxOrD5GAYS1w4L_vYNwAm3hlMQYutCW3C0mzWvXYHmOLnfpVLJaVjScLFw1z_sV49F0HhKvlYL7n6qVFEWeXY3PEJcB_otwKEqBG_rCNXTvaq7QjJ-GB1VOun4Eibfy9ZZBJs23bn_Ck5ObD2PGGuXMGwezwo7OwMDGl-huwyqR59iIJWDp7DglYLWxdMu-ivbMQzANhcQfIGw31GeA-tMEjInwmV_QPM2_RpfX5yQt-4rUsHtdPZZ4Kvy24iuPfT_LGvMDlTNrHZIZhGxwKVNswvjfULQc_7kKu43N971lGdQfQ1yixOGBm9z8zSuE2LFwv9HZZz2KqIFnJcRDjUDQzmpUo2APOy8rWqYnuSawhZTbnljoeoYwqVX1IGOyNvAFy53F8KRd1ZCcc-RRLlRpXx8BA0FH7d5pX8OpQAcZlPdE8Pu2FxODxZWz5RHsHeR3Wit6k8jJ3aLwLUyWiLKRdxVZ9D1pQ4brCZKzg88IahIqbNMJhlD07xF0X33-RuMTj3f_181DW13t4EW3UXelVEMmbC4vq4vhXFSdm8DPDpr228-bUPoFG-0uAvSqmcLFVNEYiXxEMI4ien5Fdg-ShauE90hGwobIN70BddT0APMTYSh49-blLDyIC8PuJ64Z-iq4kok1OEjAHxu0JFvtOK_0uUv0DqSncWSrv8CLTf5wKhkKvZDPrQDNE08CBcimSxE4zXLYJRyCXH5tNcuODoJXo7D3PtSLGC6YJxdsYkL3fFyYs7wCx2i4t4v2R5KZguxGOmDda7FQVRbH9yNVyO6aG_LCF77v8t33ckKJmfYhJu6K9X_gFlUdij1lZXlXIeV9CrM1APmzpWrpiN8JnZ2AElruJstmvKg8DRCwoBS8xHkvgcA-e-So0kYOHnCBUPB0BRItBayJzKsCPzC2MJLsroMiRX-3uTyyrsMyPpTphnaWjqye2cXjrrzDWw6ytWnU68maIrGCchoyNuyfFcBYpFXS5yteUo-ZuunC69Rcwb2JXeZ3vjHZFDLhhHdt6Qr3rxgEGg-T_aJh26p7W1As8nGiWUeI9HJkD4Ld4Iij_swVtOuwmHwG-uNraLlAmDSY2ffy-b6_BW8a1xc48AnT5YxuwggCNv8GPiCXt4wI7PtgGC7jNZvMm52J1cnwCiHFquH91GMhVrHVtPTTuGMmyTmQYu8LZzYYaxEo5dbZ1d-sYD-635hx6jSGJCui9VHFNKBFtAVsnK0BzfYijhe7eCzoUn0WK97ojFnzzlE6yD87U8i_qZgPMI2G-9pgnxniq-Fsr4og9pdAKFHiScWvdYacjZYyGnRvstXjzulMooJRf0ZQAioo1Wj6DNsdIZft-ceBd5eEKkXyEw-CQEQKV4UQ7ijnGYN-CI5HgfE8rs4onQt9S--9U9rQTwW0PfqYYhjDfXMvS_THOOkSNYvaNfTVTZ-KVUjkZLnMKcqI9tYryx4hU7hrIwZFg_VBdAywgIBSzkwXTw_J1gTB-VbVVhPjTN8benucSI9EnVHKLzCsd9wDHfox0gCwbDYcq-Jj0LtLS0QiJgjYGT2gN5lU4A0lslUGOCUa-SDndyHHjZROPumvU257zkeWdWlIZPDpnhl4W-ezAb0svniv_S5VoA2vjyODynOHj0ofofdN9Q3v0u2ExjrdZ34b6_cECtEiEh_j7qRPexAdsLGeisQRkhUYPNaLFoU7UekIEIiX_ECWc3dEy6anF53rucoqkQoTNKmhr-oHuRelb1crmnnHIbMRzuEvJeVJL62t2I3AF7jqVEYK-4ATB9FQXq7oNoS1J2mwG9JG_L0CagXGIr-2Kjy2CareMzjR1iIiBtzIb2oZC2IeJBVDZUSxtRMZII43iEHlSue_zruKSKZiVWazC3Dlf5VLAphCWqevjydWdXs3uJKWrckIXHDp4mONubcdsafFTmRcDxOkh2mGW3kgVXKoSkIMOnSjrKQVtI6wZE37R2ErGcD9-qDrB4MsNeaO2OZ4Au9Na2s4iiD4W5JEa4p16KdN2FU-uvkuCIE3Sf3d-5Eu2MVxCh7gxjIMOViPitCTlOlWGNNA-qpu72q_NNFOST4Q8lkX21oE4HjSEcSKS7WAngC9glDrBrwRaWGNjOZlem599WE6aoZBklUiL7uwl1cOLxj-sMTmtK2IqPcnINbqh4LnIJn-igdp52ld8hP6Jtb9px3GoSJ6O0-u2cRfgUZKt43lV3UItRuJmko8&cid=CAQSTABygQiDLofChx--TktkbRhOoxwzkX-vqyQG7P1dHuXKAD-Ogxr3O0DAwHeVJT1F5maYvoIUYQQKi7nkEMpWyh4HuY3FzJalI5yDBoQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=9366611008469082000&adk=3037181500&idt=28&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a11d6c7a0bc2a318cd02fe1fd7ddf95b8acf306d402d965d9f25b7f38da8150a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37211
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 259D 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ1w7ZD5mOhqbUhM9zs9onD2kWvrNtD81ymN8J_kPhuUSEnLrGAoUfVvS90f2F6i6rZaKUHIK82jDC6hMuQPmOKATQAHufHDJXbdDjYkudCmDvdmpswC1Pt4FFdPguq9w&sai=AMfl-YTST6OF0IoSE86iqVi1qBqbkpGKBjHm0Kcip01Uo_jMIa4nA4ETLpeIvfzmlfnaG8tXTgPjGd1nVI8alzx-8lnNFjKvh_S09Zm18Sr8xZN-1BYx43uD8HgeGQCQumfNEOYIoprdwhbM74Uz&sig=Cg0ArKJSzLSI_FtcJJzlEAE&cid=CAQSSwBygQiDrd-qQ0kc_LcOBuuyfVe5uzkriO12Oqu9xKJE0kA1lvaaC3PILp61V00_iWsf__-NdpetGtJ-fwKJCbAlzPMByB1O06C5URgB&id=lidar2&mcvt=1000&p=272,650,522,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2762301397&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687642935494&rpt=299&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4613 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4904759817233&version=m202301230201&ct=76&x=1&cor=223706619978749100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chunklist_DVR.m3u8 Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 199 KB
13 KB 9ms
8ms XHR
application/vnd.apple.mpegurl 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/chunklist_DVR.m3u8
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 44302c25ed2ce1dfc9ecb0da46359e996d4a78e355effa617eb801606defda11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:16 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: OPTIONS, GET, POST, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-hw: 1687642936.cds278.fr8.hn,1687642936.cds246.fr8.c
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=1
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 13295

GET
H3 200 container.html Show response
41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7ADC 6 KB
3 KB 10ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:14 GMT
expires: Sun, 23 Jun 2024 21:42:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4037
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMVb5fNw4k0nXIVXQ7SSys&google_cver=1

43 B
273 B

30ms
22ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMVb5fNw4k0nXIVXQ7SSys&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUuG0Xk2PwxKwAmA5lDTtTwfeKm26J-ZmcJFSJ2wZ9JnHFpw_dhsvTGHbKuFtdrT56f9LRuNvk9m4S6R5gAacCV1i9EqXNcfy4RfxkxV8jtzL0cp_Q8TJZN9uQPLNEA3mvoOMZimJ9-__w_62Te9Vn6yIpcDP6TBzwO0j8lQQU3nsMh-Yg
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAMVb5fNw4k0nXIVXQ7SSys&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4037 43 B
145 B 63ms
23ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUuG0Xk2PwxKwAmA5lDTtTwfeKm26J-ZmcJFSJ2wZ9JnHFpw_dhsvTGHbKuFtdrT56f9LRuNvk9m4S6R5gAacCV1i9EqXNcfy4RfxkxV8jtzL0cp_Q8TJZN9uQPLNEA3mvoOMZimJ9-__w_62Te9Vn6yIpcDP6TBzwO0j8lQQU3nsMh-Yg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 4037
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFFARz-aDv0uV2FB7WtW8Y8&google_cver=1

23 B
163 B

44ms
33ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFFARz-aDv0uV2FB7WtW8Y8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUuG0Xk2PwxKwAmA5lDTtTwfeKm26J-ZmcJFSJ2wZ9JnHFpw_dhsvTGHbKuFtdrT56f9LRuNvk9m4S6R5gAacCV1i9EqXNcfy4RfxkxV8jtzL0cp_Q8TJZN9uQPLNEA3mvoOMZimJ9-__w_62Te9Vn6yIpcDP6TBzwO0j8lQQU3nsMh-Yg
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 24 Jun 2023 21:42:17 GMT
pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEFFARz-aDv0uV2FB7WtW8Y8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 4037 23 B
163 B 74ms
34ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPG8uQEQu-u9ARjUyrHlATAB&v=APEucNUuG0Xk2PwxKwAmA5lDTtTwfeKm26J-ZmcJFSJ2wZ9JnHFpw_dhsvTGHbKuFtdrT56f9LRuNvk9m4S6R5gAacCV1i9EqXNcfy4RfxkxV8jtzL0cp_Q8TJZN9uQPLNEA3mvoOMZimJ9-__w_62Te9Vn6yIpcDP6TBzwO0j8lQQU3nsMh-Yg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 24 Jun 2023 21:42:17 GMT
pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5801 172 KB
60 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Origin: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 13:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 13:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/ Frame 5801 11 KB
4 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C3fVzUylrKgoFwtcMxDUqtK9svL3kc_fY4Hz9Op6y9itbwqPet0BPImbsrWZkMl-q2D2Mmvv9PKxIbCGItGZF71-YpnFE6Ms6a5v8Sinl3CI_knTW22x4oxqsNgQ9gMzxrABLVjYOh8SZ_vKlV5mBqL8MOkFpbwv27t_sv0m70F4_M5GY&dbm_d=AKAmf-AFVOEWhd42Y_xc-9FqnpOkxk_gNPcPmGwwlYn7cFc-7rMaoE2joQ7R0jro3KC2w03sDM4-IVeto67zUx54lu_TvVrLzW0wcrI2tuMhRspPk8TGndIfhEJx723f0pEntLDP6p7FP7xnRSVZKbkHn4ck_DYWTJaH6KXZkhEkMQXK98jJklEZC2zLDOnM-TIOIusJ7t21SDUsI5qFFhkN9lT64iIt6948tUUvZ0zbxlx62PvWDVOl1Kf37lNNUOVFHqTTlF4mllgbMEkW__KXawIECwWemTtuUVLOBIIqXJKorYGWTP_poPeBHgn_YuAnOMRqKmmzTc3jHiz_5hKWwH6FNXRqxXMKCt_QO0xGVB-QSmkuO7Ouy0sGaHHzgLMFeLn-ZmGbpWc4t3ALpMqXUo2TiLgW7EXJ7RgPj1qPGAEvNV-ekUdOaI0W8_wQJ22BBMU7itzbfIEavKKc7tuBCQ7Qt_nON4nmyBPVCv4cA8Z_CKiA8xX5RCTW_1kMbS84mgNl0z0oe2EwDxnbdad7qC-ZBaQX6BIlYwETVpj5GX2f6wUy4zhJAsYAQFgFEbiUi8MPql4y5QyQsS9mJqfJ-UlcLUCMDQCP_LjcL_TetuxOTBc2eGr2GNSer1ALl5wmpwCskCJ7pJBbywOYYMOP96Xvlpwmad1Wr3zDVAn9UPwteOk_dSmHYnqYyAnzETaMD6-sD3eCRtAunChC5MEvJ4A1zsSaPfDvBvifrABpkPqeL_c_bN1zMuMSmelkMripfx1I-tFq2Gtxj77HiLYPgumSMM-FaRYwtGz-emxdVsbNEuNQbTr4GpI0_UgE5vxmpfcdFL7UI9OiVds7h1BRztOiZPPD_5YXAsqx2Ro5uITDnzdFks4yp8ntUPiZvZ3Dhp6r_VMxWo7GYKIEKp01hpLK3hbij-yuoaJ5kijZlLB3CCTpke1DEQz4Au5TcM9qrL_snhQHqwzyCoaeYr52UZImcm48hewEUkyFqoN0eAiqM4C0I0pVW-OH2c4-0LED3hGFzKraAvWc1tY7b2OCcB4WzWJNT0TBKXWphlijqV_dPL_hWSsZTdUMsaj_guUxtqOV2H_u0avd3YAt1uEj5a7eUaQXqB-IRSUsdX3hgamLpnZ_RLi8l7H5EB3xF1aZQcv3YQ69YRhu4UCV-sumb1U_y8eh7YMoES775_li69bbF1W3sz4XhDjE9Mt1za3doxOrD5GAYS1w4L_vYNwAm3hlMQYutCW3C0mzWvXYHmOLnfpVLJaVjScLFw1z_sV49F0HhKvlYL7n6qVFEWeXY3PEJcB_otwKEqBG_rCNXTvaq7QjJ-GB1VOun4Eibfy9ZZBJs23bn_Ck5ObD2PGGuXMGwezwo7OwMDGl-huwyqR59iIJWDp7DglYLWxdMu-ivbMQzANhcQfIGw31GeA-tMEjInwmV_QPM2_RpfX5yQt-4rUsHtdPZZ4Kvy24iuPfT_LGvMDlTNrHZIZhGxwKVNswvjfULQc_7kKu43N971lGdQfQ1yixOGBm9z8zSuE2LFwv9HZZz2KqIFnJcRDjUDQzmpUo2APOy8rWqYnuSawhZTbnljoeoYwqVX1IGOyNvAFy53F8KRd1ZCcc-RRLlRpXx8BA0FH7d5pX8OpQAcZlPdE8Pu2FxODxZWz5RHsHeR3Wit6k8jJ3aLwLUyWiLKRdxVZ9D1pQ4brCZKzg88IahIqbNMJhlD07xF0X33-RuMTj3f_181DW13t4EW3UXelVEMmbC4vq4vhXFSdm8DPDpr228-bUPoFG-0uAvSqmcLFVNEYiXxEMI4ien5Fdg-ShauE90hGwobIN70BddT0APMTYSh49-blLDyIC8PuJ64Z-iq4kok1OEjAHxu0JFvtOK_0uUv0DqSncWSrv8CLTf5wKhkKvZDPrQDNE08CBcimSxE4zXLYJRyCXH5tNcuODoJXo7D3PtSLGC6YJxdsYkL3fFyYs7wCx2i4t4v2R5KZguxGOmDda7FQVRbH9yNVyO6aG_LCF77v8t33ckKJmfYhJu6K9X_gFlUdij1lZXlXIeV9CrM1APmzpWrpiN8JnZ2AElruJstmvKg8DRCwoBS8xHkvgcA-e-So0kYOHnCBUPB0BRItBayJzKsCPzC2MJLsroMiRX-3uTyyrsMyPpTphnaWjqye2cXjrrzDWw6ytWnU68maIrGCchoyNuyfFcBYpFXS5yteUo-ZuunC69Rcwb2JXeZ3vjHZFDLhhHdt6Qr3rxgEGg-T_aJh26p7W1As8nGiWUeI9HJkD4Ld4Iij_swVtOuwmHwG-uNraLlAmDSY2ffy-b6_BW8a1xc48AnT5YxuwggCNv8GPiCXt4wI7PtgGC7jNZvMm52J1cnwCiHFquH91GMhVrHVtPTTuGMmyTmQYu8LZzYYaxEo5dbZ1d-sYD-635hx6jSGJCui9VHFNKBFtAVsnK0BzfYijhe7eCzoUn0WK97ojFnzzlE6yD87U8i_qZgPMI2G-9pgnxniq-Fsr4og9pdAKFHiScWvdYacjZYyGnRvstXjzulMooJRf0ZQAioo1Wj6DNsdIZft-ceBd5eEKkXyEw-CQEQKV4UQ7ijnGYN-CI5HgfE8rs4onQt9S--9U9rQTwW0PfqYYhjDfXMvS_THOOkSNYvaNfTVTZ-KVUjkZLnMKcqI9tYryx4hU7hrIwZFg_VBdAywgIBSzkwXTw_J1gTB-VbVVhPjTN8benucSI9EnVHKLzCsd9wDHfox0gCwbDYcq-Jj0LtLS0QiJgjYGT2gN5lU4A0lslUGOCUa-SDndyHHjZROPumvU257zkeWdWlIZPDpnhl4W-ezAb0svniv_S5VoA2vjyODynOHj0ofofdN9Q3v0u2ExjrdZ34b6_cECtEiEh_j7qRPexAdsLGeisQRkhUYPNaLFoU7UekIEIiX_ECWc3dEy6anF53rucoqkQoTNKmhr-oHuRelb1crmnnHIbMRzuEvJeVJL62t2I3AF7jqVEYK-4ATB9FQXq7oNoS1J2mwG9JG_L0CagXGIr-2Kjy2CareMzjR1iIiBtzIb2oZC2IeJBVDZUSxtRMZII43iEHlSue_zruKSKZiVWazC3Dlf5VLAphCWqevjydWdXs3uJKWrckIXHDp4mONubcdsafFTmRcDxOkh2mGW3kgVXKoSkIMOnSjrKQVtI6wZE37R2ErGcD9-qDrB4MsNeaO2OZ4Au9Na2s4iiD4W5JEa4p16KdN2FU-uvkuCIE3Sf3d-5Eu2MVxCh7gxjIMOViPitCTlOlWGNNA-qpu72q_NNFOST4Q8lkX21oE4HjSEcSKS7WAngC9glDrBrwRaWGNjOZlem599WE6aoZBklUiL7uwl1cOLxj-sMTmtK2IqPcnINbqh4LnIJn-igdp52ld8hP6Jtb9px3GoSJ6O0-u2cRfgUZKt43lV3UItRuJmko8&cid=CAQSTABygQiDLofChx--TktkbRhOoxwzkX-vqyQG7P1dHuXKAD-Ogxr3O0DAwHeVJT1F5maYvoIUYQQKi7nkEMpWyh4HuY3FzJalI5yDBoQYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fstad.yalla-shoot.io%2F&ds=l&xdt=1&iif=1&cor=9366611008469082000&adk=3037181500&idt=28&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:12:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:12:34 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 5801 30 KB
11 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11398
x-xss-protection: 0
server: cafe
etag: 3934322099733601226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 17:10:37 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5801 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 13:19:10 GMT

GET
DATA 200
OK truncated
/ Frame 5801 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 854e0fc24eb3880ba55a7571185c80932cd2a761f819d4b921c2c4f0fff9d36b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 9162cfb8f9e171e5e49ad48038de6feb.js Show response
www.gstatic.com/mysidia/ Frame 7ADC 8 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9162cfb8f9e171e5e49ad48038de6feb.js?tag=client_fast_engine_2019

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:46:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3796
x-xss-protection: 0
last-modified: Wed, 21 Jun 2023 16:37:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 23:46:56 GMT

GET
H3 200 1dcc5fb9a7bb5eafae7d33eccbce996b.js Show response
www.gstatic.com/mysidia/ Frame 7ADC 18 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c987cb920d8b2aa1b8cd1e0fac300bcaa1923107ca0486e01dc4edf810077e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 04:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7862
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 04:19:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7ADC 4 KB
655 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 24 Jun 2023 21:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 21:13:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Jun 2023 21:42:17 GMT

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 7ADC
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

8ms
7ms

Image
image/png

2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 14:59:14 GMT
x-content-type-options: nosniff
age: 24183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Jun 2024 14:59:14 GMT

Redirect headers

date: Sat, 24 Jun 2023 21:40:35 GMT
x-content-type-options: nosniff
server: cafe
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 24 Jul 2023 21:40:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 7ADC 2 KB
893 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 7ADC 6 KB
2 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 22:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 341984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Sep 2023 22:42:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/ Frame 7ADC 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 17:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9007
x-xss-protection: 0
server: cafe
etag: 10216374826415589524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 17:03:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 7ADC 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 16:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 16:34:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 7ADC 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 19:11:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9022
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8131
x-xss-protection: 0
server: cafe
etag: 7076601798724011321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 08 Jul 2023 19:11:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7ADC 179 KB
56 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687383875062185"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:17 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame 7ADC 33 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:00:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 14:00:06 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11934569601524222564/ Frame D0EC 13 KB
3 KB 27ms
26ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

293c4dc30efea546e286c0185dce44c51099dd75f3486716f08547a8df84d6a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2688
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:17 GMT
expires: Sun, 23 Jun 2024 21:42:17 GMT
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5801 0
0 54ms
54ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyDy7u0BKWBoay8_QTQCOGvoxsfxGa-rLhDIEYmBolTyt2F7kAOYedOqiUBtPgZDSOd1Wuslmnd4Rq_p6oS90pFau1h0dIGBApFqf6xCt6cIzO9X88ZScefKvZzCBYta_4I_kwEHfNMtAN1WfMNTxfTQbv2itjGOGh1b3PHc5jGaSjLzudhV7Q2ojJfQCGVzcSrAfGzcyp3fkc9znrmQBRk-jaaHBkwZyAUxlkIBsnm_oG_VApVHLHzRotS7d6pN15ed0Y7gS8W3DRGq4jBKcnJPhjLVuKOcZIp_IxkCFHbjjKrc1KFyUwWKv8IUxB_uE5rnqaYC2_vD8cnYlM5nFHAnZAlA-rhfUo8J-e7aiL9soMGCzg45n7ZyREbZ3B0qtKa9ugD3ZQa_Z_u3i3BWqPgZjAcratKAx6XITgGzoNMmJPq4cGbDTqcKlEIoNO4CA3w7emLh1njQZEbhapOFYGNRKaQMppzUrIpnVHrYBZc_xLhXRwMoOYak571Mfzj5A6wlbl5iM8x-EPVwcOEfF0D1YBh9K5tuZaB0A9MioI2ZqxZEzaHqi9DobQHdVtm_5rpjkcKcIdpVpuoWmNIrA0KlkUqzsnXOMSQv_ep4NvhVowOrsrnW5chhmDHfV0nvD2pn3sSk1X0Avi1WNehLLONPOCrTiqQskysLsBUsgJgl1O9hfPJVLF3Od8XgVpVdBTwjK5vrlrLfhsN7YXYYMxoa88B2MdXN_w4jB0m-JwVI7gHLPi3ttPxfs9bUq9kqDdSxmCuE5jkYEdnMnCSQnY2fsFFG8AsSTfzGZLKeiPI_bFgbh3jz28nLuPIc3VIvcYDw18caw1dqEBJ8uBmzanMYlKCCqrearvr2Nj-tRoIGwmnoK3yfxQSdTK9VC8SuvaGxkEQr6m_bEMBOJAhR_dkj_OwGYOE-4qFCegPuIi-uhYfcWgOL8lvUHOe4CEBq2JbxNZ_vGCsdqomHbSnxr8pDReRZxMdgMoz1AjL_BAfY1ZIjKRG7-PEn0xzeAX-LTLMF_st-F21FBWWmMJgZcP_MbX6dfpGYWwuqs8eURFbGkcUWKm4fR67FpHvYskR6L48RePUhHzsV9RLiJfX20rhz_wTHcZ6oCvxUpEtr0k1dwXGjv4yv0DXtjFc4f27nO945pDv5FRkwP97qrQ_2-7pylbzJTVVGqPLBiw03ajviG1L05nSiIcXoxAwWneQA4W788vYA4sDJF8BDcuS4JuiKXSgex3Qn7vVPn88WDbA87EedoSb0rEEHH1wg08slWdhjBSU2gIv_dC0wh0Gn-CsM0uSeFK2aHp3cll7tZY4LNHcuKEiUoJ2mLItQ&sai=AMfl-YQvLntQvDwApg9RH7EsTWXjUiGDM8-j_il2U2WN55QVMaX5zOtegh6BIdRHvN3Nni179bGcUAsiOX5iolKrM0LzRQXHcUESjaDVOq2UeE1AJw3gXyl_ySfPUn1GamP3vjyXBm5cZAilqZyk8wt53TZTVZzKPEOdUcTfor_uLJsnwT85Bo2LlgBdyWZfOR6OPXZ6BXOzJIhsshjcIabSEmDsXmpmlGgAnDp3LsC93jS3AtS_rGKgLGIX2EN8A0K9T25vvBuv_f4pl2M0YCfYJiePvYj3Q6h9ZHb3I6F-bQxVIBvGv-JSSPmPrfEYlw&sig=Cg0ArKJSzImCYatoEVASEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=75&cbvp=1&cstd=66&cisv=r20230620.58874&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 24 Jun 2023 21:42:17 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 25C3 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 23:32:19 GMT
expires: Sat, 22 Jun 2024 23:32:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyLWxheW91dAoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAACxAMAQKDRADIQAAAAAAIGRAMAQSGkNPalpfLTN2M1A4Q0ZYeWZfUWNkc0tBQUFRIgtncGEvZmxpZ2h0cygM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7ADC 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyLWxheW91dAoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRANIQAAAAAAAAAAMAQKDRAeKgczMjB4MjUwMAQKDRAZKgczMjB4MjUwMAQSGkNPalpfLTN2M1A4Q0ZYeWZfUWNkc0tBQUFRIgtncGEvZmxpZ2h0cygM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyLWxheW91dAoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAADtAMAQKDRAFIQAAANDMnGVAMAQSGkNPalpfLTN2M1A4Q0ZYeWZfUWNkc0tBQUFRIgtncGEvZmxpZ2h0cygM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/11934569601524222564/css/ Frame D0EC 5 KB
1 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889f2bab730d916ae6b55451a2f2fcdb173b310e29306103ece5b4c545a38156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 23:26:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80165
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1412
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Jun 2024 23:26:12 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame D0EC 118 KB
40 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 13:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 25 Jun 2023 13:52:36 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame D0EC 6 KB
3 KB 18ms
18ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 14:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284601
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2563
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 14:38:56 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D0EC 60 KB
24 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 24 Jun 2023 21:42:17 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7ADC 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJ885OGOXZOjdKvy-9u8PsMGCCPnk6sVtzsDFt6YNzMeapv0IEAEgqLKFfGCV-peCrAegAbC6odcDyAEJqQI2xPCRH0eyPuACAKgDAcgDywSqBJICT9CM_7g7zCbj9Iz_NjF9stYNfGWwcNDVl3J47zthsfnagwKhNbwpfEJ07EzrGFRqG3MLJ2rQ8rfVYNb_2ASE0iKVCap9P1JbYhQe8U9qordwvd0I4-k0chyBg_jkbIrv3wWN4GY3VNEJ7WG_WrUWDGzhKjsOa5AREZcnYBTZB1eMT5t_zRTpZ6f6bI__PHDr5TirAC5fCQXT3p0nUFolfji9Hx6RNng3Jxb4svr-0wB2dxakWux4BrvmYYRdmQWp9fmvA5lsi6XAeUiWm1Rwx5qMRdJKsbTNTP0pZY1Z-JdTiMkbdVx5tu4BxwRUER_UHVKTAFNkxH_5eyLdZD5qq7jpUWniw2QpS8lBlQ4E78X2vsAEkav95KID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQiYAR0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi02ODY5MjI5ODA2MjMyNjc2GKaTdg&sigh=VZerCWn0o7A&uach_m=[UACH]&cid=CAQSTABygQiDbVDEX6anc6cq56illeTyxfYoOFROD3hlM1XsCxjeJs2IGCjVyi_ye2VMjgKinQaxOMoVXB15y3fkcoNZiWGurkRxn44AihwYAQ&template_id=494
Requested by: Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 259D 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2072477521801&version=m202301230201&ct=77&x=1&cor=15941378958748344000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7ADC 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d606e34e1c4a2aa732915a5e09dffe44159893a4a8b295a67ed04d5ecc50c8c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 25C3 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7ADC 16 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 9834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 18:58:23 GMT

GET
H3 200 FordAntennaCondMedium.subline.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame D0EC 13 KB
13 KB 20ms
19ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaCondMedium.subline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 21 Jun 2023 01:09:06 GMT
x-content-type-options: nosniff
age: 333191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13336
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jun 2024 01:09:06 GMT

GET
H3 200 FordAntennaBlack.headline.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame D0EC 12 KB
12 KB 21ms
20ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaBlack.headline.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 21:57:50 GMT
x-content-type-options: nosniff
age: 603867
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 16 Jun 2024 21:57:50 GMT

GET
H3 200 FordAntennaRegular.legal.woff
s0.2mdn.net/sadbundle/11934569601524222564/fonts/ Frame D0EC 14 KB
14 KB 20ms
19ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/fonts/FordAntennaRegular.legal.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/css/styles.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:36:47 GMT
x-content-type-options: nosniff
age: 11130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14468
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jun 2024 18:36:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D0EC 8 KB
6 KB 50ms
49ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

357b3eda0b46a91c83c1f1a25757467c7dc6296bb4d32968625d7042f5abb6cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5832
x-xss-protection: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1DD3 35 B
626 B 17ms
17ms Ping
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&msrc=1&unload=0@@65509680,2258026178503580034,100|1032|0|0|0|0|0|0|0||40|1|||||1|0|0|A_ust3ScEhBcPlakbYq96cX_iO_C2nPhG9lgzKSiR1pC053A9rT3oPL_QlhaeLlf0|||11||

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/mobile/adform.js?1669130898142

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 43ms
43ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5801 0
0 45ms
44ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyDy7u0BKWBoay8_QTQCOGvoxsfxGa-rLhDIEYmBolTyt2F7kAOYedOqiUBtPgZDSOd1Wuslmnd4Rq_p6oS90pFau1h0dIGBApFqf6xCt6cIzO9X88ZScefKvZzCBYta_4I_kwEHfNMtAN1WfMNTxfTQbv2itjGOGh1b3PHc5jGaSjLzudhV7Q2ojJfQCGVzcSrAfGzcyp3fkc9znrmQBRk-jaaHBkwZyAUxlkIBsnm_oG_VApVHLHzRotS7d6pN15ed0Y7gS8W3DRGq4jBKcnJPhjLVuKOcZIp_IxkCFHbjjKrc1KFyUwWKv8IUxB_uE5rnqaYC2_vD8cnYlM5nFHAnZAlA-rhfUo8J-e7aiL9soMGCzg45n7ZyREbZ3B0qtKa9ugD3ZQa_Z_u3i3BWqPgZjAcratKAx6XITgGzoNMmJPq4cGbDTqcKlEIoNO4CA3w7emLh1njQZEbhapOFYGNRKaQMppzUrIpnVHrYBZc_xLhXRwMoOYak571Mfzj5A6wlbl5iM8x-EPVwcOEfF0D1YBh9K5tuZaB0A9MioI2ZqxZEzaHqi9DobQHdVtm_5rpjkcKcIdpVpuoWmNIrA0KlkUqzsnXOMSQv_ep4NvhVowOrsrnW5chhmDHfV0nvD2pn3sSk1X0Avi1WNehLLONPOCrTiqQskysLsBUsgJgl1O9hfPJVLF3Od8XgVpVdBTwjK5vrlrLfhsN7YXYYMxoa88B2MdXN_w4jB0m-JwVI7gHLPi3ttPxfs9bUq9kqDdSxmCuE5jkYEdnMnCSQnY2fsFFG8AsSTfzGZLKeiPI_bFgbh3jz28nLuPIc3VIvcYDw18caw1dqEBJ8uBmzanMYlKCCqrearvr2Nj-tRoIGwmnoK3yfxQSdTK9VC8SuvaGxkEQr6m_bEMBOJAhR_dkj_OwGYOE-4qFCegPuIi-uhYfcWgOL8lvUHOe4CEBq2JbxNZ_vGCsdqomHbSnxr8pDReRZxMdgMoz1AjL_BAfY1ZIjKRG7-PEn0xzeAX-LTLMF_st-F21FBWWmMJgZcP_MbX6dfpGYWwuqs8eURFbGkcUWKm4fR67FpHvYskR6L48RePUhHzsV9RLiJfX20rhz_wTHcZ6oCvxUpEtr0k1dwXGjv4yv0DXtjFc4f27nO945pDv5FRkwP97qrQ_2-7pylbzJTVVGqPLBiw03ajviG1L05nSiIcXoxAwWneQA4W788vYA4sDJF8BDcuS4JuiKXSgex3Qn7vVPn88WDbA87EedoSb0rEEHH1wg08slWdhjBSU2gIv_dC0wh0Gn-CsM0uSeFK2aHp3cll7tZY4LNHcuKEiUoJ2mLItQ&sai=AMfl-YQvLntQvDwApg9RH7EsTWXjUiGDM8-j_il2U2WN55QVMaX5zOtegh6BIdRHvN3Nni179bGcUAsiOX5iolKrM0LzRQXHcUESjaDVOq2UeE1AJw3gXyl_ySfPUn1GamP3vjyXBm5cZAilqZyk8wt53TZTVZzKPEOdUcTfor_uLJsnwT85Bo2LlgBdyWZfOR6OPXZ6BXOzJIhsshjcIabSEmDsXmpmlGgAnDp3LsC93jS3AtS_rGKgLGIX2EN8A0K9T25vvBuv_f4pl2M0YCfYJiePvYj3Q6h9ZHb3I6F-bQxVIBvGv-JSSPmPrfEYlw&sig=Cg0ArKJSzImCYatoEVASEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=244&vt=11&dtpt=169&dett=3&cstd=66&cisv=r20230620.58874&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 24 Jun 2023 21:42:17 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame B270 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: 41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
URL: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ADC 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyLWxheW91dAoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAyIQAAAGBm5kRAMAQKDRAzIQAAAGBm5kRAMAQKDRA0IQAAAGBm5kRAMAQKDRA1IQAAAGBm5kRAMAQKDRA2IQAAAGBm5kRAMAQKDRA3IQAAAGBm5kRAMAQKDRA4IQAAAAAAQEdAMAQKDRA5IQAAAODMTEpAMAQKDRA6IQAAAGBmpkpAMAQKDRA7IQAAADgzw25AMAQKDRA8IQAAADgzw25AMAQKDRA9IQAAANDM7G5AMAQKDRA-IQAAAGhmjnJAMAQKDRA_IQAAAGhmjnJAMAQKDRBAIQAAADQzK3NAMAQSGkNPalpfLTN2M1A4Q0ZYeWZfUWNkc0tBQUFRIgtncGEvZmxpZ2h0cygM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dcc5fb9a7bb5eafae7d33eccbce996b.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 visual.jpg
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame D0EC 81 KB
81 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/visual.jpg

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c07684aa8b5395431f3b243baad78a2ddac988833fed866fa18b7d9cb6e1fdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 07:44:41 GMT
x-content-type-options: nosniff
age: 50256
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82828
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jun 2024 07:44:41 GMT

GET
H3 200 overlay.png
s0.2mdn.net/sadbundle/11934569601524222564/img/ Frame D0EC 95 B
129 B 22ms
22ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11934569601524222564/img/overlay.png

Requested by

Host: stad.yalla-shoot.io
URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11934569601524222564/index.html?e=69&leftOffset=0&topOffset=0&c=zLXFeIigu0&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 08:27:36 GMT
x-content-type-options: nosniff
age: 47681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
x-xss-protection: 0
last-modified: Thu, 30 Mar 2023 10:59:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jun 2024 08:27:36 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C43B 0
54 B 14ms
13ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~ljaj13qu&c=4440381528505&slotId=2220190764252.5&qqid=CKqCwe3v3P8CFQuE_QcdUzUAKQ&fb=web_video-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=994&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C692%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&umsem=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D0EC 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 21:42:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 55ms
55ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10fda70a26ac2b5dffe971591b32fd4a266de6b1b3a7504a701eb76c586081c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11301
x-xss-protection: 0

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D31 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 24 Jun 2023 21:42:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 76F7 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9409
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 19:05:28 GMT
expires: Sun, 23 Jun 2024 19:05:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A09E 783 B
536 B 19ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2ceb84d7661b0b7ec70bfe18f6596a63cccf997f6cfc45fafcb722e3715ca89

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9T8wCfCqQ3aSVL4NSZYAqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://stad.yalla-shoot.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-9T8wCfCqQ3aSVL4NSZYAqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 24 Jun 2023 21:42:17 GMT
expires: Sat, 24 Jun 2023 21:42:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 25C3 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQEioOGOXZOniMNOU9u8P3oOQ0A0AAAAAOAHgBAI&bg=!IiGlIXXNAAYQ3eRoMN07ADkAdvg8WlgpBjp7IdAHFxatqXhwsCXDjNJElRXXLRq70D1tZAo15eMIDJrHYdPty3oHDGPLiwLRmIYCAAAAw1IAAAADaAEHmQLyZrXMMZB9PBwOG5O2cUhGCGZ_nz65LsdV_y6M4Pq2bUcQ0CrBNCQRhRpoZ7fcJnw1KzOp0jA4V0Y7lq8a57_NQm6kEmcJGkgt7hPRUwLzKj6E2nqqXaDZ-i4qjczMCiBrhaVc4FB9lNfggJSoxkaKjM-b34aZyYxIFX_bjeEpmMoMSIcSLzfxTGK_yN-86Gng4T9YYjzrSbvlDzMzkSBYpAkwcBPO2XHhsjz4eoAiQvKQIdNr6oeschrHQuYSeCsRkCTawRy61PoZe3QvbwM1bpOPnYwi-hTzx-l9IBeE_pFsGrDympOeO00ujcFVq96QWLSepLkZOY-mGejHSQiKdAkNqOwOJ547VQW1bhrx2N_3g19q50wEt0zDAXMstpTcqswN11HxoawRrB5UjEGFxq-FQkdO5MOXCabMcgJyyoYREy8IHJ9IeBwtk3miTSRo_sLKa3qbjrRvIXPeZORH-dT42FO23k0YGOaokeB07Cj1ymd-w3C2y9ZVuW9M2D6Ft0DBVXVeDRmVjwsl8X3tjezO9gVlbHNBbVap-Gc6VhKdQACmAzlD18FPMDalDEbXXoAHxjCXRyAsAu-9HoJHWKw9cINCPTQcCzpmtDgSN3AICSbfk0ydK6cQxDtUJQn61Za3OqxXeAqYR1x6umqS17uZABwRZoQl5X1t64Rx0UG6Fzdfbq9i4TFb4ND9nuTQLdBGz-lOmv3dypV5Xd4NF35G_oTcd06xiO7u0bNf9bZZKPhWeq51F9CpEbqkAtoGBE7iYjVuTl7vD1-LCVieLr6iFmS3S6VoXZtKGOkzm73bZWSzh2V3FrZvIg3GIjBAu7ddE20d1AcULkI1aY3ToVmEXgi9VhsBHwy1w7iP3BBljOlRIxYkqlFPM2AQ6HdV5XHmx3W1WuJM4X9nmAwz7xAFozmwtTeoWJqaxKe8deAgAcQeMdB2-_FLtu1FFhr4biwtRjy0z1DwOOMNlLPBQy4lPvswd_OdZrz5Lu_b7s2lvg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js Show response
pagead2.googlesyndication.com/bg/ Frame 76F7 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jdpdYrpkibv-F-ZvbPHZN82lghlqt1OiHBdTY59cac0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14627
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Jun 2024 12:12:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A09E 0
0 42ms
41ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306200101&jk=4459016729670276&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 76F7 0
12 B 6ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fI7P9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cookiesyncendpoint Show response
servs.modoro360.com/ Frame ED02 0
235 B 97ms
97ms Document
text/plain 3.232.175.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1687642935216-936808372678-001197-007-006844&key=a6f37f0123013099a595be2217fc435a
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1687642935216-936808372678-001197-007-006844%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.232.175.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-175-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Sat, 24 Jun 2023 21:42:17 GMT

GET
H2 200 chunklist_DVR.m3u8 Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 199 KB
13 KB 278ms
278ms XHR
application/vnd.apple.mpegurl 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/chunklist_DVR.m3u8
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: f5d20af9616696585f845a8826d675a2d8ba6067f30fe7fe5c39d32588abdd23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:18 GMT
content-encoding: gzip
server: nginx
x-hw: 1687642938.cds278.fr8.hn,1687642938.cds246.fr8.sc,1687642938.cds246.fr8.p
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, HEAD
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=1
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306200101&jk=4459016729670276&bg=!IiGlIXXNAAYQ3eRoMN07ADkAdvg8WvYDjNXTVio5wVn1hUxbrEjU-Faotf1kLAUjftmYL1osNWKYZ6NCH24B-bUhz7NXsRMevqsCAAAAT1IAAAADaAEHmQK73gOsFXWE7J8V8MMUGtjpVD-tO4rc3iqcNddcnbmPy_7ODUjvXNl9p3gBOb0aUIx4rAMOv__kKMMKJFFwohKvU0INGNVgA54vBviL6lgsoIuIUNka3kmZYPOUVCBJK91EL5uDkLqZR60ZBzzYFuVzZPKZ00lRTzbEims9HK5vnKtafKApMKeFLzvBFQgCYIzbgmbopLbB8jWx7rhugxY8yY4XbsQPmx4cbpuT2qY8hhK766FQVg0BASU8zGd9yq3HqziZ1s99Pa-RmbZ0HJr2pYZPzNFubEc6w1xhHQOdQDOMFXHBTs8Lu_20kS3JCwCtWbPqjaWo0jUsIz5-6HK_FCijAuAmQIiubQCDVoyd7RJSI61DzLJYK6SC-lsGvsCYfCilUSaRXArd6i0EoWJof7YDxxoGNHPqArLrncKXzNMHXazg31G1CiXgvXpij1dfssmhuFYnXLTjNo25DERlLu0-UQPRtwdgCyaxhuuxX8ahA9p6Z_sD44D4VPhQ2BRUxVnnXfCY4JOsms-68IfPB0cHnuj1TD1qISR0mCw9I9S1-OjlhBfqmqQHvB_XqC9oqeir_nmCCqkPU0q-BGaZht5FK2fg0nDIUEvFyC8wUCylw5Gtbev199GKXaJBad1P3FcZ2dpx3LqGbklK200PWZAsZeos9RKa_ggN2jRT0Ay0rTyklkVJcwsaPL2apNfdUSwnJnG_cAUEjISGWb-jRt1ePN7BWLL8PU2XfjTK2aQg_UYSMkZJaCdfhEmFGZlXzaUKzwp-A51FBWt2sHjUv5DooN8b1ye67ssSymmRbKKBr35hHOer-7X5Ebza4iMBWi7UB22oZdaGgzh40E4MM0TxGE7Qwo4cjaYi4CeF7af50YlYhCwF8-0gO3udtiVZY2eTlVc-bpUwPyDC_8NuumCY8lhgEfeNQjzG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://stad.yalla-shoot.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 media-u1jbjx32p_DVR_4989.ts Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 617 KB
617 KB 296ms
296ms XHR
video/mp2t 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/media-u1jbjx32p_DVR_4989.ts
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: dc66f79e3fe82e963c077531ca89f4ab616ad5410e6d6fb1cc2c384e06e7c33d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:18 GMT
server: nginx
x-hw: 1687642938.cds278.fr8.hn,1687642938.cds212.fr8.sc,1687642938.cds212.fr8.p
content-type: video/MP2T
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, HEAD
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 631680

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5801 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4445452439268&version=m202301230201&ct=76&x=1&cor=9366611008469082000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7ADC 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQj0NTMai6EWxL1ZN3BAoxdKA-SJib25Z54vBhuVDq6gvzg4tX_nMcwaxWJNDtk4ZXFjffNBSsBLQ-tyuuiYilAO4vhSbfa82hdT-QWSATPHVAOA61_N2v_IA8SBNINpc6HjynF3DUIwLJL9haysGgMbpkMpPXx4Z39QEQ_b4&sai=AMfl-YRQSD_K-aD_H8qA8dI8kPL_mhtSxQW-ItBMlytL8_Ul7EIZNkNtZU4SbSBBqOU7TZvdQWG6SvckG08xbynQDnSAypm43zZw1kNZNiqX3htsGpviPwq0DHd4x9ld1kEt_7LU2u7w7MveVDn-8A&sig=Cg0ArKJSzPIpg4BZfdKAEAE&cid=CAQSTABygQiDbVDEX6anc6cq56illeTyxfYoOFROD3hlM1XsCxjeJs2IGCjVyi_ye2VMjgKinQaxOMoVXB15y3fkcoNZiWGurkRxn44AihwYAQ&id=lidar2&mcvt=1037&p=110,640,360,960&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20230621&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3714974203&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687642937115&rpt=305&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
track1.aniview.com/ Frame CF6B 0
121 B 319ms
96ms Ping
text/plain 3.91.165.1
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=stad.yalla-shoot.io&rs=stad.yalla-shoot.io&sid=78463&t=1687642935&cip=138.199.38.132&sn=&tgt=0&osv=10&bv=114.0&brn=Chrome&wi=450&he=253&app=&AV_PUBLISHERID=6181354e7fb04045d1763610&test=&d64=8582f968485acf9de17432a067fd6532&d63=8582f968485acf9de17432a067fd6532&aafaid=&proto=https&uid=1687642935216-936808372678-001197-007-006844&cha=0.7&stagid=61829aec12a96609532b3fd9&stplid=635e40ee9cca104d830d91c4&d35=&d36=6.2.108&cb=31948304370&d39=&d65=Test1&d66=&d73=&apppkg=&d9=1000&prbdres=&prbdlevDB=&prebdlevEnt=&prbdsup=whiteOps&d16=2&d37=realtime&AV_WIDTH=450&AV_HEIGHT=253
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6181354e7fb04045d1763610
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.165.1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-165-1.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://stad.yalla-shoot.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 24 Jun 2023 21:42:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 chunklist_DVR.m3u8 Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 199 KB
13 KB 287ms
286ms XHR
application/vnd.apple.mpegurl 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/chunklist_DVR.m3u8
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: 0ee1c354b10594b7cdc4197959b433c784ec75c6405b6adfbb17f21d4ffe58cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:20 GMT
content-encoding: gzip
server: nginx
x-hw: 1687642940.cds278.fr8.hn,1687642940.cds246.fr8.sc,1687642940.cds246.fr8.p
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, HEAD
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=1
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range

GET
H2 200 media-u1jbjx32p_DVR_4990.ts Show response
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 615 KB
616 KB 169ms
168ms XHR
video/mp2t 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/media-u1jbjx32p_DVR_4990.ts
Requested by: Host: m.livehd7xc.com
URL: https://m.livehd7xc.com/clappr.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: nginx /
Resource Hash: bf0ae776f2c129f8245726edbb712091a0558f57c97704cdcd5ca0f1f5c43af5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 21:42:20 GMT
server: nginx
x-hw: 1687642940.cds278.fr8.hn,1687642940.cds241.fr8.sc,1687642940.cds241.fr8.p
content-type: video/MP2T
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET, POST, HEAD
access-control-expose-headers: Date, Server, Content-Type, Content-Length
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
content-length: 629612

POST
H2 200 /
track.adform.net/serving/unload/ Frame 1DD3 35 B
626 B 17ms
17ms Ping
image/gif 37.157.5.132
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&msrc=1&unload=0@@65509680,2258026178503580034,100|4886|0|0|0|0|0|0|0||191|1|||4886||1|0|0|A_ust3ScEhBcPlakbYq96cX_iO_C2nPhG9lgzKSiR1pC053A9rT3oPL_QlhaeLlf0|||01||

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/mobile/adform.js?1669130898142

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.132 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Jun 2023 21:42:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET chunklist_DVR.m3u8
live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/ Frame 172C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: live-v13wgnv6.rmbl.ws
URL: https://live-v13wgnv6.rmbl.ws/slot-75/q90f-74wp_720p/chunklist_DVR.m3u8

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yalla-shoot.io/	1970-01-20 12:48:49	Name: _gid Value: GA1.2.1101782043.1687642934
.yalla-shoot.io/	1970-01-20 12:47:22	Name: _gat_gtag_UA_107335079_1 Value: 1
.yalla-shoot.io/	1970-01-20 22:23:22	Name: _ga_2Y3HW36EKK Value: GS1.1.1687642934.1.0.1687642934.0.0.0
.yalla-shoot.io/	1970-01-20 22:23:22	Name: _ga Value: GA1.1.212665835.1687642934
.yalla-shoot.io/	1970-01-20 12:47:22	Name: lotame_domain_check Value: yalla-shoot.io
.criteo.com/	1970-01-20 22:08:58	Name: uid Value: b9078146-12a9-42dd-b467-38219675754e
.doubleclick.net/	1970-01-20 22:08:58	Name: IDE Value: AHWqTUlhzIR_mUe3lXFVfF7-2J5ay9hHjDtjUfZY7tEQ5hfW0Tz97Tew-sCR6ZWl
.adnxs.com/	1970-01-20 14:56:58	Name: uuid2 Value: 4499791808092257980
.casalemedia.com/	1970-01-20 21:32:58	Name: CMID Value: ZJdjNyhgHrldIR4XROftXAAA
.casalemedia.com/	1970-01-20 14:56:58	Name: CMPS Value: 5170
.casalemedia.com/	1970-01-20 14:56:58	Name: CMPRO Value: 5170
.yalla-shoot.io/	1970-01-20 22:08:58	Name: cto_bundle Value: 6929dF9OTWgzUE41QmRvJTJGeVVZNHJSNWczMmxzOWtCTTZ5UExlUnlaMlh5cHA0RGR2M2ROVEptN3liRUJibzJraTdmS3EyVkVGN0FvdlVFeEVuZUIlMkZ2ZyUyRmhGT1N5Nkx5SEZtQmJqTjFDY0tIYTdyekUwRnRHRzRITWkwd005akFhd2N5am02S2lRc1NmOVJ4ZkxVWFVGOEIlMkJHdyUzRCUzRA
.adnxs.com/	1970-01-20 14:56:58	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImUFH7yA!@wnfH8K6pQK`!5=E<L5?%K32P[V'4gi<'7Tn()k2pP].Owc1@./Y1b4ci'bpRzqF1`b`(R*8Qvo
.modoro360.com/	1970-01-20 13:16:10	Name: aniC Value:
.csync.loopme.me/	1970-01-20 14:59:51	Name: viewer_token Value: 40bbb68e-9c68-42f2-98b7-610adf7fc86a
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3dc335d68eb9abba
.360yield.com/	1970-01-20 14:56:58	Name: tuuid Value: cad6bad1-dab8-4910-b12d-17a0b3c4a8a8
.360yield.com/	1970-01-20 14:56:58	Name: tuuid_lu Value: 1687642935
.adform.net/	1970-01-20 13:30:34	Name: C Value: 1
m.exactag.com/	1970-01-20 14:56:58	Name: exactag_new_gk Value: 97daca0a91344490820e9bfede2fa913%7c23.08.2023+21%3a42%3a15
m.exactag.com/	1970-01-20 17:06:34	Name: exactag_new_uk Value: c2b2d0bca0734cc5a0f00e9c5e93320e%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: fc5fa5756e264e72a2df61a9
.modoro360.com/	1970-01-20 13:01:46	Name: 1_C_56 Value: 40bbb68e-9c68-42f2-98b7-610adf7fc86a
servs.modoro360.com/	1970-01-20 13:01:46	Name: 1_C_56 Value: 40bbb68e-9c68-42f2-98b7-610adf7fc86a
.modoro360.com/	1970-01-20 13:01:46	Name: 1_C_22 Value: cad6bad1-dab8-4910-b12d-17a0b3c4a8a8
servs.modoro360.com/	1970-01-20 13:01:46	Name: 1_C_22 Value: cad6bad1-dab8-4910-b12d-17a0b3c4a8a8
.modoro360.com/	1970-01-20 13:01:46	Name: 1_C_10 Value: pfxQuziWJuWH
servs.modoro360.com/	1970-01-20 13:01:46	Name: 1_C_10 Value: pfxQuziWJuWH
.adform.net/	1970-01-20 14:13:46	Name: uid Value: 7545919862962373011
.adform.net/	1970-01-20 12:57:27	Name: TPC Value: 1687642935826
.aniview.com/	1970-01-20 13:01:46	Name: 1_C_9 Value: bd95dc6614485e81e42db31b5a6d539
sync.aniview.com/	1970-01-20 13:01:46	Name: 1_C_9 Value: bd95dc6614485e81e42db31b5a6d539
.doubleclick.net/	1970-01-20 12:47:26	Name: DSID Value: NO_DATA
.brand-display.com/	1970-01-20 22:23:22	Name: _knxq_ Value: 3fa41ab2-7837-10da-bd492d51.1687642935.0.1687642935.1687642935
.amazon-adsystem.com/	1970-01-20 22:23:22	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 17:22:25	Name: ad-id Value: A1X1dyKcvUdImtyEEmIEplU
.doubleclick.net/	1970-01-20 12:47:23	Name: test_cookie Value: CheckForPermission
.yalla-shoot.io/	1970-01-20 22:08:58	Name: __gads Value: ID=89cb4e03c9d9f292:T=1687642934:RT=1687642934:S=ALNI_MZLMlzgQDSVo791w6VAut8WSI1SXQ
.yalla-shoot.io/	1970-01-20 22:08:58	Name: __gpi Value: UID=00000c32cd979980:T=1687642934:RT=1687642934:S=ALNI_MZnRs7o9Q8Rd8z2Yw1HsO5tvD1yRA
.c.appier.net/	1970-01-20 21:32:58	Name: _auid Value: o9hBdDL2DVCcirDaOWOXZA
.modoro360.com/	1970-01-20 13:01:46	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a
servs.modoro360.com/	1970-01-20 13:01:46	Name: 1_C_133 Value: a6f37f0123013099a595be2217fc435a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://stad.yalla-shoot.io/channels/bein-sport-4d-hd/(Line 306) Message: <link rel=preload> must have a valid `as` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

41aa11509fc6f76804cc4bdde36dacfd.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
ap.lijit.com
bcp.crwdcntrl.net
bh.contextweb.com
bid.g.doubleclick.net
bttrack.com
cdn.flashtalking.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.adform.net
cm.g.doubleclick.net
content1.avplayer.com
csi.gstatic.com
csync.loopme.me
dmp.brand-display.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
eus.rubiconproject.com
feed.avplayer.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
jscdn.greeter.me
live-v13wgnv6.rmbl.ws
live.yalla-shoott.xyz
m.exactag.com
m.livehd7xc.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
prebid.a-mo.net
r4---sn-4g5e6nsk.c.2mdn.net
rcp.c.appier.net
region1.google-analytics.com
rtb.openx.net
rubicon-match.dotomi.com
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
stad.yalla-shoot.io
static.adsafeprotected.com
static.criteo.net
sync.1rx.io
sync.aniview.com
sync.teads.tv
tags.crwdcntrl.net
tg1.modoro360.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track1.aniview.com
ups.analytics.yahoo.com
us-u.openx.net
vid.vidoomy.com
vpaid.vidoomy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
live-v13wgnv6.rmbl.ws
108.156.2.55
142.250.181.226
142.250.185.130
147.75.84.158
151.139.128.10
162.19.138.120
172.105.235.90
178.250.1.11
184.30.20.47
185.80.39.216
185.89.210.122
192.132.33.46
198.47.127.19
2.16.97.41
2001:4860:4802:34::36
205.185.216.10
208.93.169.131
216.239.32.3
216.52.2.30
23.2.229.193
23.201.255.110
23.32.184.192
23.55.161.173
2600:1f13:800:7781:2c5e:9481:735c:93a8
2600:9000:225b:c800:a:e047:753:be1
2600:9000:26da:f400:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:b15
2a00:1450:4001:62::9
2a00:1450:4001:800::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:3100::1735:2b93
2a02:26f0:480:7b5::2c79
2a02:6ea0:c700::17
2a02:6ea0:c700::19
2a02:fa8:8806:13::1400
2a04:4e42:400::485
2a06:98c1:3120::3
3.214.255.62
3.232.175.212
3.71.149.231
3.91.165.1
34.111.151.213
34.200.86.209
34.96.70.87
34.98.64.218
35.174.100.165
35.190.39.111
35.214.248.82
35.227.252.103
37.157.5.132
37.157.6.236
45.133.44.4
46.228.174.117
51.75.86.98
52.46.151.131
52.57.76.205
52.95.125.22
54.220.16.63
54.246.204.72
54.76.77.34
69.16.175.10
69.16.175.42
69.173.144.138
69.173.151.100
74.125.71.155
85.14.248.71
00b24d5cef3771e1b5a8ab19b1bc7eb245a969a0222f75a2780a702e7c9fb414
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368
027d1d05c48887ea0c10539e5c3ed5960b8a63df4672c9b5c8949f06be6a113a
02efd28827917660f671b8f9242f78a0f1db99c63e7082fd06fb7a29d89d8605
02f67c41ee5f6b8f8e714766432c7fc830a4d8a763619bef91623990abf2222a
081c4d4732befb24994b2171eb3bda0c453072d51e1f72632c1ab18233fda25b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08745b0c47e0b75e0f0b84d3a29b802aeaa865550c3f25d09343a340b84f154a
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0a5ff0203c96d0cd6110d3b9d485a1835c2b341f511d8d7ce46c6c2e37dbc09e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da36ff249ba1ea612b5569a23b0de4a5b41846f9d269309035782881734bf8b
0ee1c354b10594b7cdc4197959b433c784ec75c6405b6adfbb17f21d4ffe58cc
1047218933cf49a69ec5878362a5f8d785a064c7419deefe8e76cc07bf9ae2c5
10fda70a26ac2b5dffe971591b32fd4a266de6b1b3a7504a701eb76c586081c1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13b4bb0bb059eee9a7ddf5b8ae3f395e28e7f81918eeac0ec934f3d050c4d0a2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
18e521a5d0510315ef33808b763b097ba1e9778b5f788bb458cb2b40c75274ac
1c035714feae82aba37437b0bc97288642194e2ec8affe988dfdaa9c70c5d798
1c36f708542bca1b708ec3db7d82a1a8521966d09a2cc57a0a368f107b05d1da
1cf86132868477d53c7ae50695c079df445777d204b11f89235d43aa889c05ca
1d626e9843e50d2aed23aef3b842a1b76ffa2a9dc3524cc13758a906f62ad737
211dc8588f711db179785e224fe895b50a4398e4c69ccfff61704fa2793f394d
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
2238dba32596d466c32d34a64f952e8d343263efc859357ead281895fb39e57e
293c4dc30efea546e286c0185dce44c51099dd75f3486716f08547a8df84d6a7
2ac19ab6cd1bfbfe8e8b7acf7fa941266435fbbf5aa7842e37574ee392a92acb
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5df165f9cd33cbc15eef8425d410408e4cb6d7791cbcdf678f6a0b05ee6b69
2df957d141202a0ff7127f12d1df45b6c0e689872d63accc4d91f600b0056ab2
304fd0722ffb85ff2ffdb8d78290052be2ad5097b69254d692e11f965a050378
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
357b3eda0b46a91c83c1f1a25757467c7dc6296bb4d32968625d7042f5abb6cb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c987cb920d8b2aa1b8cd1e0fac300bcaa1923107ca0486e01dc4edf810077e5
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
4312db021b84da02b5d5e5f8a271a5d2861060bbb29f89f42424b9b6b2b93d5d
43ea5d14a41cebe3bd32efa9ea3a731bb515650ea4aa3df2859af77e4ccf9c93
44302c25ed2ce1dfc9ecb0da46359e996d4a78e355effa617eb801606defda11
463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4722d1a48e2574651587d3052507794d85f83641dda400c213c4283fba8d5977
47ca804904884085125b67b83b706edc875fab19e98a541e8fe46bb5c01bf9aa
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49d2a4011cd567d3219b35ede345a93344960fb0d60869b823613d76df8b7684
4a195a536325adf7801121e1ea72782cb772259aed1fcf0da91eb0d18cfe5ec7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c1fd5df408874cca82afe627a36a9ba0988d5a350a38ba572053d38941736f6
4cc542e7865fd9f0083eea7ab967802a0796cb2f644389c3b940d291c352ef5c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d97d2f204c48ceadcc2f5b86ba6bf25987c6f7c43c8dd7fee7a2847e6a71f4f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1f566a0be2ff302a602dbd795a5497eb03ce8990eccc9d0a10fd62088badb8
4f3078d79f59dca43390c202e38a3a25ff553362dade74143f41f7eb8046a7b0
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a754759056b8854eea40f5546ba7b21909f3d7187304b2a3681e72279fa12f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
510c3152871ffc0ae3bea533ac14b522126ea18622a7a4cfda1c41d1a0e160f2
53f328d5b1bc412e4459c4d0cffcf91ce00088b7f12e62259b2fc80178fbf5a4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550cb9add249cab0af5d81b7b7293170a9436d2f7fbece20ca02a52978d72a44
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561f6655eaa2217e42357e80189b3f60a6dea1b2ab6eba64e35c83404037e432
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d18193691964b10a7e68b0e3332053e4d4bb8c7971559815345697fa5fb1a04
5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
605faec36fd7b78320cb9c22282787d5b34a92356b909f52b2e4f1ba5a5050fe
60cfa6ce626df030b028e3699758f17555253165d87ab4cdf55b8ee4c62a4330
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6352477f7dd223e3def9197581b2c43e9de34d6220885483a00108be24acb741
63715e8ffb3d4efab913b95b9369dc96445bde93529cdc97909bdf57a8134300
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
657696b1ac4f6568f6c3b5cf237463d7561b25e3f55afdca19522f97b0db0303
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4ecfe274e0167706dcd7e9f2e54131859013f4cc41d01c75075b04c1499385
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
7b1bfbac0178604f4dce665117d962743d2916a2a37968438f3d49d7e9c04445
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
806d0fde2113822412bc6ab304d20c25ec6d30353560cd006a477b05de24ae41
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5
81f66fb840c902b62f902bc4e27a6e3dee001d2f8babf5e767f78f16136ff0b7
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
854e0fc24eb3880ba55a7571185c80932cd2a761f819d4b921c2c4f0fff9d36b
889f2bab730d916ae6b55451a2f2fcdb173b310e29306103ece5b4c545a38156
8d67e93b773c993230e55a3881853d5e8d399b32fb591d845c41553c0fe8c71b
8dda5d62ba6489bbfe17e66f6cf1d937cda582196ab753a21c1753639f5c69cd
923ac60ae2b51d9cb2025f34d30e8188c5bdfb61e04f7d5c88908b56800c7ed0
9267e927c8b6852d835ecfb338c9b7dfc803d3fd2c2c3eb43c1a7627f8eb19bc
9869cc919f23de9da5acd3ae15c16e487b507092244e2d9c82a99044ef2970f0
9b7e69fd51a75b11065ab111a3ac9ac3573f9731ce97aa96ef8743a59ea01191
9e83314d333416d003a14ff991793feefefe12184980a4f081c0465cda5dc8da
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11d6c7a0bc2a318cd02fe1fd7ddf95b8acf306d402d965d9f25b7f38da8150a
a17be26a0fc3f0d5d9bbbef4dc034a02dbd169ca4817c773185e3485cac3cd83
a2bc604c9b03104474fef892077388280342c9135ce7b20f82843db046446d5b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab6608273f8d3c48c4080e531a5f99a8365dac7245e362cdb57c59e024b20a94
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e5ffbe1fbf32b9f80e09a1c81a35f51defe2846347e186184e3cea5a264280
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b5f29cbb6a60a0fe89e12a35ebede54845586bceeac3078794e45eee8130e22c
b68411b5c2089d3bf7893dece808f91a8bec4cdb2efc3a6305fb239ea7bcf2de
b76ad8a70f03910253032962f4c1b1303ab5b214f71f970847df245b657ed510
b8eae5eb6b0d3e7ece793e03e9c192a4f61eae565cab699b5e20107aa2227937
b9193201d0203b0bad4683950a20568489eb0bc5d8cf8ec8e3ec0d7c2765900d
bf0ae776f2c129f8245726edbb712091a0558f57c97704cdcd5ca0f1f5c43af5
c07684aa8b5395431f3b243baad78a2ddac988833fed866fa18b7d9cb6e1fdce
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c12d4ad7e44902963384de867b055e43ff6bc5d067c57fb8fdc46518b4540191
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
c7edb5d4d78ea14da7a91764cdcb5ea177233e63d1c3803073b6c4d4104c2cb1
c99a1db5a8ee11a2fc13ab0544e3865f781fab4515592ff6467e7273478f813d
cbd3a012c540f71ca5869fd468bf3d05daf0f8b735d1d86f78775414835ab231
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2ceb84d7661b0b7ec70bfe18f6596a63cccf997f6cfc45fafcb722e3715ca89
d606e34e1c4a2aa732915a5e09dffe44159893a4a8b295a67ed04d5ecc50c8c2
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d8150ac13ec014fb343f5a481c41e92eee8e1281c02e36b0c3ca7f7de8ad82fc
d87c9d3bcb59e9c614ce340d9c6855e7754697b58498222ecb33e698d598f1ce
db63c8f249fee1a8e3137b6787aefe82cdc442d94315e021950d36875470ca05
dc66f79e3fe82e963c077531ca89f4ab616ad5410e6d6fb1cc2c384e06e7c33d
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e002c6020378aeebb5600b0773d720e1cb774c01862c69fdfba6cc306ab065e5
e0a6703c6269efa01aa462927a7e2090a33f03dfe07d0e11a23716c9a8235b93
e0f8199c62d018c38c3ff79ad3632c831dcd60cf3e1c926f0a83da953a8348e2
e2e2ee124a92ca6673a9ce2508260ac228832de36594217daffcbce988758fc5
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30b4f5df3c9773448d5e9a2f8b772308ffc80db3a4e437bd1e409fce41ebfaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f3fa87bef5662f39154b0ac24bdc5fac80fa70d732ba488858c344b5d52b33
e77eb1880aa724e4c041a5b3dbdeedceb28b90a0662c24107f7d7af4535cbcfc
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d0dd9194383a0e25266d9973394c2be5613b214d0c4c5fad6ce95f1849e583
f5d20af9616696585f845a8826d675a2d8ba6067f30fe7fe5c39d32588abdd23
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
facf5f0be178fcf46bc483644fe84256e4f0f5c7da5829904a5f53a65cde4469
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
ff1ea82759f4df729f7ee24dac62805f05a2fc79c7ca4cb518a072a11835e884

stad.yalla-shoot.io Open in urlscan Pro 2606:4700:20::681a:b15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

305 Requests

93 %HTTPS

38 %IPv6

52 Domains

86 Subdomains

75 IPs

10 Countries

10196 kBTransfer

16577 kBSize

42 Cookies

5 Outgoing links

Redirected requests

305 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

stad.yalla-shoot.io Open in urlscan Pro
2606:4700:20::681a:b15 Public Scan

Screenshot
Live screenshot

Full Image

305
Requests

93 %
HTTPS

38 %
IPv6

52
Domains

86
Subdomains

75
IPs

10
Countries

10196 kB
Transfer

16577 kB
Size

42
Cookies

305 HTTP transactions
15 data transactions